[App_rpt-users] SIP VoIP for Asterisk
David KE6UPI
dshaw at ke6upi.com
Sat Sep 7 20:20:05 UTC 2013
I'm lost.
I was going to reply with a long email asking questions and helping out..
I'm not going too.
Good Luck, David
On Thu, Sep 5, 2013 at 3:32 PM, Dwaine Garden VE3GIF <
DwaineGarden at rogers.com> wrote:
> Bill, sorry for hijacking your thread. Didn't mean it....
>
> Dwine
>
> Bill South <wbs099 at yahoo.com> wrote:
>
> > While this thread is not part of what I originally asked about (SIP
> provider recommendations) I'll add that 911 access is mandated in some
> LATAs, but seems to be some debate if it must be 911 or if 9-911 is OK, or
> other variations. I worked in the telecom business for over 25 years in
> various parts of the USA and different localities would respond differently
> to the question about 911. When E911 first came out, where a database
> lookup was done by the local police emeregency agency systems answering 911
> calls showing names and addresses, some jurisdictions mandated that
> database had to show the exact location the call was originating from, not
> a billing address of some companies headquarters. Big problem for some
> large companies where a single billing address is used for all telco
> circuits. For residences I'm not sure anyone has put much thought into
> laws regarding 911 dialing and any restrictions thereof; businesses on the
> other hand, where
> > 100's maybe thousands of workers are in the same building and floor and
> locating a 911 caller could be pretty tough for local emnergency
> responders, there are, or were anyway, laws in some locations mandating 911
> unrestricted. The thought has always been though that in an emergency
> people have the expectation, whether at home or work, that they can dial
> 911 and get help; not sure where the laws stands now on that across the USA.
> >
> >--------------------------------------------
> >On Thu, 9/5/13, Dwaine Garden VE3GIF <DwaineGarden at rogers.com> wrote:
> >
> > Subject: Re: [App_rpt-users] SIP VoIP for Asterisk
> > To: "Jim Duuuude" <telesistant at hotmail.com>
> > Cc: "app_rpt mailing list" <app_rpt-users at ohnosec.org>
> > Date: Thursday, September 5, 2013, 7:40 PM
> >
> > Canadian customers have to provide an
> > address and name for 911 purposes for a DID. Bell and
> > Rogers were mandated with their VoIP services.
> >
> > I gave them the logs of the server where the IP address were
> > listed. Rogers was good and moved me to a new IP address
> > and filtered out the source.
> >
> > I had an iptables script that would ban IP address that
> > attempted a certain number of connections during a certain
> > amount of time. Then ban that IP address. It worked great.
> > It stopped the hackers script dead cold. Until they ran
> > the 911 script. They were ruthless in their attacks.
> >
> > My all-star node was the best fun I have had with Ham radio.
> > I'll fire it back up again. Just waiting for the dust
> > to settle without a DID setup.
> >
> > Dwaine
> >
> > Jim Duuuude <telesistant at hotmail.com> wrote:
> >
> > Double BRAVO-SIERRA!!
> >
> > If that were true, a LOT of large business owners (some of
> > which may even operate
> > large businesses :-) ) would be in jail, if they HAPPEN to
> > have a phone system or even
> > worse, service from the "phone company", that
> > requires dialing 9 to get an "outside line".
> >
> > I bet even the police dept has to dial 9 to dial 911.
> >
> > And as far as that goes, put the line in your pet
> > tarantula's name, and make it clear to them
> > that the spider is more then willing to 'serve its
> > time' for such a terrible transgressions!! :-)
> >
> > Wholesale outbound telecom services, such as ones provided
> > by most SIP providers, are *NOT*
> > "in your name", *NOR* do they even technically
> > have a "phone number" or a "service
> > address".
> > Just because you pay the bill for them does not, in any
> > manner, construe that you are the end user
> > of the service.
> >
> > Jim
> >
> >
> >
> >
> > Date: Thu, 5 Sep
> > 2013 14:58:42 -0400
> > Subject: RE: [App_rpt-users] SIP VoIP for Asterisk
> > From: DwaineGarden at rogers.com
> > To: telesistant at hotmail.com
> > CC: dshaw at ke6upi.com; app_rpt-users at ohnosec.org
> >
> > It was an interesting experience. Has anyone else
> > experienced the same problem and had the police involved?
> > I did mention that I would change the
> > Dial string. The police told me that a person has to be
> > able to dial 911 and get emergency services.
> >
> > I gave up and just walked over to the all-star computer and
> > hit the power button. Sadly, it has been off ever since.
> >
> > If I had changed the 911 Dial string before the incident.
> > The police would of not gotten involved. Never known about
> > the situation.
> >
> > Just let everyone know. The two police officers were very
> > good about it. They told me that its happening a lot and
> > 911 is getting a little upset about it.
> >
> > I told them they should go after the person responsible.
> > They told me that's you. The line is in your name.
> >
> > Anyway, just wanted to throw out there my experience.
> >
> > Dwaine
> >
> > Jim Duuuude <telesistant at hotmail.com> wrote:
> >
> > Okay (and yes, that is STUPID and most likely
> > WRONG, but most police depts are
> > just completely ignorant of telecom issues). So, fine...
> > GIVE them access to 911.
> > Let them dial it. But, sadly, on YOUR phone network, the
> > dialing string is just a LITTLE
> > bit longer (like about 30 digits in front of the 911)... get
> > it?
> >
> > Jim
> >
> >
> > Date: Thu, 5 Sep
> > 2013 14:07:58 -0400
> > From: DwaineGarden at rogers.com
> > To: dshaw at ke6upi.com
> > CC: app_rpt-users at ohnosec.org
> > Subject: Re: [App_rpt-users] SIP VoIP for Asterisk
> >
> > The problem is you are not allowed by law to have a phone
> > without unrestricted access to 911. I had Metro Toronto
> > police at my door explaining that even if I block 911 to any
> > outside connections I would be breaking the law. If you
> > have a server on the internet with sip. They have to able
> > to connect to be able to call 911.
> >
> > I told the police it was retard. They told me that was fine
> > they will charge me.
> >
> > Police told me that even if someone breaks into your house.
> > If there is a phone install, the criminals better have
> > access to dial 911 unrestrictive.
> >
> > The hackers did not get into the box. They were trying for
> > months. Got pissed off and changed their script to dial
> > 911 constantly. SIP and DID see a 911 call. It dials it.
> > No questions asked. No login or nothing.
> >
> > The Police told me it was a huge problem. SIP or DID are
> > setup like a public pay phone. Full access to 911.
> >
> > It was an eye opener for me. You learn something new
> > everyday. If I see someone asking about SIP or DID. I let
> > them know about my experience.
> >
> > David KE6UPI <dshaw at ke6upi.com> wrote:
> >
> > I'm sorry Dwaine what are you
> > talking about? Sorry If I don't understand what your
> > talking about.
> >
> > I have both a public Asterisk server and a local
> > Asterisk server. I have never had anyone connect and make a
> > call that was not authenticated user.. Yes they try and
> > fail2ban will block them. There are many way to stop
> > unwanted hackers on your server.
> >
> >
> >
> > As for dialing 911 just make a dial plain to route to space
> > if you want.
> >
> > Google "Asterisk Security"
> >
> > http://www.voip-info.org/wiki/view/Asterisk+security
> >
> >
> >
> > David
> >
> >
> >
> > On Thu, Sep 5, 2013
> > at 9:13 AM, Dwaine Garden VE3GIF <DwaineGarden at rogers.com>
> > wrote:
> >
> > It
> > works great until the hacks find the machine. They
> > port scan non stop. Its especially fun when their
> > scripts dial 911 constantly. There is no way to turn
> > off dialing 911 for SIP.
> >
> >
> >
> >
> > Bill South <wbs099 at yahoo.com>
> > wrote:
> >
> >
> >
> > > I'm thinking of adding some type of
> > SIP trunking or other VoIP service provider to my ACID
> > Asterisk system to support in/out bound calling.
> > I've read some emails on the app_rpt reflector
> > with names of providers mentioned, but I am looking for
> > recommendations, as there are zillions of VoIP providers out
> > there. This is going to be used very sparingly so
> > least-cost is a good thing, but good reliability and no
> > bombardment with email adds by the provider is desired too.
> > I can easily get by with a single number, but may want
> > to add additional DIDs later. Thoughts?
> >
> >
> > >
> >
> > >Bill
> >
> > >
> >
> > >
> >
> > >_______________________________________________
> >
> > >App_rpt-users mailing list
> >
> > >App_rpt-users at ohnosec.org
> >
> > >http://ohnosec.org/cgi-bin/mailman/listinfo/app_rpt-users
> >
> > _______________________________________________
> >
> > App_rpt-users mailing list
> >
> > App_rpt-users at ohnosec.org
> >
> > http://ohnosec.org/cgi-bin/mailman/listinfo/app_rpt-users
> >
> >
> >
> >
> > _______________________________________________
> > App_rpt-users mailing list
> > App_rpt-users at ohnosec.org
> > http://ohnosec.org/cgi-bin/mailman/listinfo/app_rpt-users
> >
> > -----Inline Attachment Follows-----
> >
> > _______________________________________________
> > App_rpt-users mailing list
> > App_rpt-users at ohnosec.org
> > http://ohnosec.org/cgi-bin/mailman/listinfo/app_rpt-users
> >
> >_______________________________________________
> >App_rpt-users mailing list
> >App_rpt-users at ohnosec.org
> >http://ohnosec.org/cgi-bin/mailman/listinfo/app_rpt-users
> _______________________________________________
> App_rpt-users mailing list
> App_rpt-users at ohnosec.org
> http://ohnosec.org/cgi-bin/mailman/listinfo/app_rpt-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.keekles.org/pipermail/app_rpt-users/attachments/20130907/a1978529/attachment.html>
More information about the App_rpt-users
mailing list