From ka6ken at alker.net Thu Jun 1 07:51:23 2017 From: ka6ken at alker.net (Ken Alker) Date: Thu, 01 Jun 2017 00:51:23 -0700 Subject: [App_rpt-users] mini-pc recommendations for Allstar / Dial Message-ID: <3498D61B53C007FB07196024@[10.0.0.109]> Hello, I am brand new to this list and Allstar (although I have been using Asterisk for well over a decade). I would like to run three URIs off of one PC running Dial. The PC will also communicate with at least three RTCMs at other locations. I ASSuME, based on this requirement, that a mini-PC would be the best platform (and not a Rasberry Pi or other ARM based processor). Please correct me if this is wrong (as I'd love to get away with a super low power $35 computer). What mini-PC platforms have people successfully used (IOW, what mini-PCs would you suggest I look into)? I'd like something relatively inexpensive, low power, and with no moving parts (for a difficult to reach remote location at high elevation). I've been looking into the Qotom mini-PCs, however, many of them seem to be based on the J1900, and I have heard that the Intel "Bay Trail" processors (of which the J1900 is one) have some clock issues due to a conflict with the (Debian) kernel being used in the Dial/Allstar project. I don't know if newer releases of the processor have fixed this, or if it applies to every single Bay Trail processor ever produced. Perhaps someone can expound on this for me, as well. Thank you! Ken Alker KA6KEN http://www.impulse.net From markjohnston73 at gmail.com Thu Jun 1 12:46:22 2017 From: markjohnston73 at gmail.com (Mark Johnston) Date: Thu, 1 Jun 2017 05:46:22 -0700 Subject: [App_rpt-users] mini-pc recommendations for Allstar / Dial In-Reply-To: <3498D61B53C007FB07196024@10.0.0.109> References: <3498D61B53C007FB07196024@10.0.0.109> Message-ID: I have purchased a few using the Intel Atom CPU, they are not super fast, but I have had 4 URI's connected with no issues, and internet streaming as well on one node... they are inexpensive, and no fan on them, got 12V power supplies for them, mounted it all in a 1U rack, but there are plenty of other small form factor PC's like that if you just want a desktop style (mini) computer. Some are "Industrial" type, might look at what amazon has, etc... "Got Root?" How many software engineers does it take to change a light bulb? *None. It's a hardware problem.* Unix is user friendly. It's just very particular about who it's friends are. WINDOWS: Will Install Needless Data On Whole System MICROSOFT: Most Intelligent Customers Realize Our Software Only Fools Teenagers. A ntennas P oorly P laced L acks E ngineering The best way to accelerate a computer running Windows is at 9.81 m/s?. *"I get paid to support Windows, I use Linux to get work done."* On Thu, Jun 1, 2017 at 12:51 AM, Ken Alker wrote: > Hello, > > I am brand new to this list and Allstar (although I have been using > Asterisk for well over a decade). I would like to run three URIs off of > one PC running Dial. The PC will also communicate with at least three > RTCMs at other locations. I ASSuME, based on this requirement, that a > mini-PC would be the best platform (and not a Rasberry Pi or other ARM > based processor). Please correct me if this is wrong (as I'd love to get > away with a super low power $35 computer). > > What mini-PC platforms have people successfully used (IOW, what mini-PCs > would you suggest I look into)? I'd like something relatively inexpensive, > low power, and with no moving parts (for a difficult to reach remote > location at high elevation). > > I've been looking into the Qotom mini-PCs, however, many of them seem to > be based on the J1900, and I have heard that the Intel "Bay Trail" > processors (of which the J1900 is one) have some clock issues due to a > conflict with the (Debian) kernel being used in the Dial/Allstar project. > I don't know if newer releases of the processor have fixed this, or if it > applies to every single Bay Trail processor ever produced. Perhaps someone > can expound on this for me, as well. > > Thank you! > > Ken Alker > KA6KEN > http://www.impulse.net > _______________________________________________ > App_rpt-users mailing list > App_rpt-users at lists.allstarlink.org > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users > > To unsubscribe from this list please visit http://lists.allstarlink.org/c > gi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of > the page. Enter your email address and press the "Unsubscribe or edit > options button" > You do not need a password to unsubscribe, you can do it via email > confirmation. If you have trouble unsubscribing, please send a message to > the list detailing the problem. -------------- next part -------------- An HTML attachment was scrubbed... URL: From ka6ken at alker.net Thu Jun 1 16:31:04 2017 From: ka6ken at alker.net (Ken Alker) Date: Thu, 01 Jun 2017 09:31:04 -0700 Subject: [App_rpt-users] mini-pc recommendations for Allstar / Dial In-Reply-To: References: <3498D61B53C007FB07196024@10.0.0.109> Message-ID: Thanks. Have you managed to avoid the freeze-up issue due to the clock problems on certain Atom processors (Bay Trail, and possibly others) due to a conflict with the kernel being used in the Dial release (apparently, a CPU problem, but a problem nonetheless)? --On Thursday, June 01, 2017 5:46 AM -0700 Mark Johnston wrote: > I have purchased a few using the Intel Atom CPU, they are not super fast, > but I have had 4 URI's connected with no issues, and internet streaming > as well on one node... they are inexpensive, and no fan on them, got 12V > power supplies for them, mounted it all in a 1U rack, but there are > plenty of other small form factor PC's like that if you just want a > desktop style (mini) computer. Some are "Industrial" type, might look at > what amazon has, etc... > > > > > > > > > "Got Root?" > > > How many software engineers does it take to change a light bulb? > None. It's a hardware problem. > > > > > Unix is user friendly. It's just very particular about who it's friends > are. > WINDOWS: Will Install Needless Data On Whole System > MICROSOFT: Most Intelligent Customers Realize Our Software Only Fools > Teenagers. > > > > > > A ntennas > P oorly > P laced > L acks > E ngineering > > The best way to accelerate a computer running Windows is at 9.81 m/s?. > > > "I get paid to support Windows, I use Linux to get work done." > > > > On Thu, Jun 1, 2017 at 12:51 AM, Ken Alker wrote: > > Hello, > > I am brand new to this list and Allstar (although I have been using > Asterisk for well over a decade).? I would like to run three URIs off of > one PC running Dial.? The PC will also communicate with at least three > RTCMs at other locations.? I ASSuME, based on this requirement, that a > mini-PC would be the best platform (and not a Rasberry Pi or other ARM > based processor).? Please correct me if this is wrong (as I'd love to > get away with a super low power $35 computer). > > What mini-PC platforms have people successfully used (IOW, what mini-PCs > would you suggest I look into)?? I'd like something relatively > inexpensive, low power, and with no moving parts (for a difficult to > reach remote location at high elevation). > > I've been looking into the Qotom mini-PCs, however, many of them seem to > be based on the J1900, and I have heard that the Intel "Bay Trail" > processors (of which the J1900 is one) have some clock issues due to a > conflict with the (Debian) kernel being used in the Dial/Allstar > project.? I don't know if newer releases of the processor have fixed > this, or if it applies to every single Bay Trail processor ever > produced.? Perhaps someone can expound on this for me, as well. > > Thank you! > > Ken Alker > KA6KEN > http://www.impulse.net > _______________________________________________ > App_rpt-users mailing list > App_rpt-users at lists.allstarlink.org > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users > > To unsubscribe from this list please visit > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and > scroll down to the bottom of the page. Enter your email address and press > the "Unsubscribe or edit options button" > You do not need a password to unsubscribe, you can do it via email > confirmation. If you have trouble unsubscribing, please send a message to > the list detailing the problem. > > From steve at siesel.net Fri Jun 2 01:55:48 2017 From: steve at siesel.net (Steve Siesel) Date: Thu, 1 Jun 2017 21:55:48 -0400 Subject: [App_rpt-users] First Time Install with some issues.. Message-ID: <01ee01d2db43$5bb3af80$131b0e80$@siesel.net> All, Here is what my problems are: 1. Getting the following in my asterisk trace: [Jun 1 21:33:22] WARNING[587] chan_iax2.c: REGISTER-LOG: registry rereqquest [Jun 1 21:34:12] WARNING[588] chan_iax2.c: REGISTER-LOG: Sending registration request for '46031' [Jun 1 21:34:12] WARNING[580] chan_iax2.c: REGISTER-LOG: registry rereqquest However my iax2 show registry shows: DMRLink*CLI> iax2 show registry Host dnsmgr Username Perceived Refresh State 67.215.233.178:4569 Y 46031 47.203.114.127:1025 60 Registered 2. I have port forwarded both udp and tcp 4569 to the Allstar node. I have also added the following to iax.conf for Zopier access: [k4ksa] username=steve type=friend context=myphone host=dynamic auth=md5 secret=xxxxxxx disallow=all allow=ulaw allow=g726aal2 allow=gsm codecpriority=host transfer=no ;callerid=K4KSA I have also added the context to extensions.conf as well. This is what I am getting in the asterisk trace when trying to register (also getting error 29 from Zopier) [Jun 1 21:35:35] NOTICE[585] chan_iax2.c: No registration for peer 'steve' (from 47.203.114.127) [Jun 1 21:35:37] NOTICE[582] chan_iax2.c: No registration for peer 'steve' (from 47.203.114.127) [Jun 1 21:35:40] NOTICE[585] chan_iax2.c: No registration for peer 'steve' (from 47.203.114.127) 3. Telephone access from Allstar. When using the dial in telephone number trying to get voice or function access it times out with a busy signal. I did a tcpdump port 4569 and I can see the telephone service making It to the machine: 21:43:29.564494 IP seal.lambdatel.com.iax > DMRLink.home.iax: UDP, length 96 21:43:29.565075 IP DMRLink.home.iax > seal.lambdatel.com.iax: UDP, length 65 Using RAT RC1 Anyone have any thoughts to my three problems? Steve K4KSA -------------- next part -------------- An HTML attachment was scrubbed... URL: From markjohnston73 at gmail.com Fri Jun 2 03:14:29 2017 From: markjohnston73 at gmail.com (Mark Johnston) Date: Thu, 1 Jun 2017 20:14:29 -0700 Subject: [App_rpt-users] mini-pc recommendations for Allstar / Dial In-Reply-To: References: <3498D61B53C007FB07196024@10.0.0.109> Message-ID: I don't know how often there would be a freeze up, *root at KC7DMF:~# uptime* * 19:22:06 up 19 days, 31 min, 1 user, load average: 0.05, 0.09, 0.12* *I believe this may address the issue, I added **kernel.panic = 20 * *to /etc/sysctl.conf* *I know it would kernel panic once in a great while, never did find exactly why, but this seems to keep it running.* *I also wrote a script when the network has packet loss, to restart...* "Got Root?" How many software engineers does it take to change a light bulb? *None. It's a hardware problem.* Unix is user friendly. It's just very particular about who it's friends are. WINDOWS: Will Install Needless Data On Whole System MICROSOFT: Most Intelligent Customers Realize Our Software Only Fools Teenagers. A ntennas P oorly P laced L acks E ngineering The best way to accelerate a computer running Windows is at 9.81 m/s?. *"I get paid to support Windows, I use Linux to get work done."* On Thu, Jun 1, 2017 at 9:31 AM, Ken Alker wrote: > Thanks. Have you managed to avoid the freeze-up issue due to the clock > problems on certain Atom processors (Bay Trail, and possibly others) due to > a conflict with the kernel being used in the Dial release (apparently, a > CPU problem, but a problem nonetheless)? > > > --On Thursday, June 01, 2017 5:46 AM -0700 Mark Johnston < > markjohnston73 at gmail.com> wrote: > > I have purchased a few using the Intel Atom CPU, they are not super fast, >> but I have had 4 URI's connected with no issues, and internet streaming >> as well on one node... they are inexpensive, and no fan on them, got 12V >> power supplies for them, mounted it all in a 1U rack, but there are >> plenty of other small form factor PC's like that if you just want a >> desktop style (mini) computer. Some are "Industrial" type, might look at >> what amazon has, etc... >> >> >> >> >> >> >> >> >> "Got Root?" >> >> >> How many software engineers does it take to change a light bulb? >> None. It's a hardware problem. >> >> >> >> >> Unix is user friendly. It's just very particular about who it's friends >> are. >> WINDOWS: Will Install Needless Data On Whole System >> MICROSOFT: Most Intelligent Customers Realize Our Software Only Fools >> Teenagers. >> >> >> >> >> >> A ntennas >> P oorly >> P laced >> L acks >> E ngineering >> >> The best way to accelerate a computer running Windows is at 9.81 m/s?. >> >> >> "I get paid to support Windows, I use Linux to get work done." >> >> >> >> On Thu, Jun 1, 2017 at 12:51 AM, Ken Alker wrote: >> >> Hello, >> >> I am brand new to this list and Allstar (although I have been using >> Asterisk for well over a decade). I would like to run three URIs off of >> one PC running Dial. The PC will also communicate with at least three >> RTCMs at other locations. I ASSuME, based on this requirement, that a >> mini-PC would be the best platform (and not a Rasberry Pi or other ARM >> based processor). Please correct me if this is wrong (as I'd love to >> get away with a super low power $35 computer). >> >> What mini-PC platforms have people successfully used (IOW, what mini-PCs >> would you suggest I look into)? I'd like something relatively >> inexpensive, low power, and with no moving parts (for a difficult to >> reach remote location at high elevation). >> >> I've been looking into the Qotom mini-PCs, however, many of them seem to >> be based on the J1900, and I have heard that the Intel "Bay Trail" >> processors (of which the J1900 is one) have some clock issues due to a >> conflict with the (Debian) kernel being used in the Dial/Allstar >> project. I don't know if newer releases of the processor have fixed >> this, or if it applies to every single Bay Trail processor ever >> produced. Perhaps someone can expound on this for me, as well. >> >> Thank you! >> >> Ken Alker >> KA6KEN >> http://www.impulse.net >> _______________________________________________ >> App_rpt-users mailing list >> App_rpt-users at lists.allstarlink.org >> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >> >> To unsubscribe from this list please visit >> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and >> scroll down to the bottom of the page. Enter your email address and press >> the "Unsubscribe or edit options button" >> You do not need a password to unsubscribe, you can do it via email >> confirmation. If you have trouble unsubscribing, please send a message to >> the list detailing the problem. >> >> >> > > > > _______________________________________________ > App_rpt-users mailing list > App_rpt-users at lists.allstarlink.org > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users > > To unsubscribe from this list please visit http://lists.allstarlink.org/c > gi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of > the page. Enter your email address and press the "Unsubscribe or edit > options button" > You do not need a password to unsubscribe, you can do it via email > confirmation. If you have trouble unsubscribing, please send a message to > the list detailing the problem. > -------------- next part -------------- An HTML attachment was scrubbed... URL: From k6ecm1 at gmail.com Fri Jun 2 14:46:56 2017 From: k6ecm1 at gmail.com (Bob Pyke) Date: Fri, 2 Jun 2017 07:46:56 -0700 Subject: [App_rpt-users] First Time Install with some issues.. In-Reply-To: <01ee01d2db43$5bb3af80$131b0e80$@siesel.net> References: <01ee01d2db43$5bb3af80$131b0e80$@siesel.net> Message-ID: <9866DCCF-2830-44CF-AA75-3D45AE17568B@gmail.com> Item 1, does not concern me. with respect to 2 & 3, how did you setup extensions.conf? Did you set it up for zoiper? Thanks, Bob k6ecm 73 Sent from iPad > On Jun 1, 2017, at 6:55 PM, Steve Siesel wrote: > > > All, > > Here is what my problems are: > > 1. Getting the following in my asterisk trace: > > [Jun 1 21:33:22] WARNING[587] chan_iax2.c: REGISTER-LOG: registry rereqquest > [Jun 1 21:34:12] WARNING[588] chan_iax2.c: REGISTER-LOG: Sending registration request for '46031' > [Jun 1 21:34:12] WARNING[580] chan_iax2.c: REGISTER-LOG: registry rereqquest > > However my iax2 show registry shows: > DMRLink*CLI> iax2 show registry > Host dnsmgr Username Perceived Refresh State > 67.215.233.178:4569 Y 46031 47.203.114.127:1025 60 Registered > > 2. I have port forwarded both udp and tcp 4569 to the Allstar node. I have also added the following to iax.conf for Zopier access: > > > [k4ksa] > username=steve > type=friend > context=myphone > host=dynamic > auth=md5 > secret=xxxxxxx > disallow=all > allow=ulaw > allow=g726aal2 > allow=gsm > codecpriority=host > transfer=no > ;callerid=K4KSA > > I have also added the context to extensions.conf as well. > > This is what I am getting in the asterisk trace when trying to register (also getting error 29 from Zopier) > > [Jun 1 21:35:35] NOTICE[585] chan_iax2.c: No registration for peer 'steve' (from 47.203.114.127) > [Jun 1 21:35:37] NOTICE[582] chan_iax2.c: No registration for peer 'steve' (from 47.203.114.127) > [Jun 1 21:35:40] NOTICE[585] chan_iax2.c: No registration for peer 'steve' (from 47.203.114.127) > > > 3. Telephone access from Allstar. When using the dial in telephone number trying to get voice or function access it times out with a busy signal. I did a tcpdump port 4569 and I can see the telephone service making It to the machine: > > 21:43:29.564494 IP seal.lambdatel.com.iax > DMRLink.home.iax: UDP, length 96 > 21:43:29.565075 IP DMRLink.home.iax > seal.lambdatel.com.iax: UDP, length 65 > > > Using RAT RC1 > > Anyone have any thoughts to my three problems? > > Steve > K4KSA > > _______________________________________________ > App_rpt-users mailing list > App_rpt-users at lists.allstarlink.org > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users > > To unsubscribe from this list please visit http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of the page. Enter your email address and press the "Unsubscribe or edit options button" > You do not need a password to unsubscribe, you can do it via email confirmation. If you have trouble unsubscribing, please send a message to the list detailing the problem. -------------- next part -------------- An HTML attachment was scrubbed... URL: From steve at siesel.net Fri Jun 2 15:38:07 2017 From: steve at siesel.net (Steve Siesel) Date: Fri, 2 Jun 2017 11:38:07 -0400 Subject: [App_rpt-users] First Time Install with some issues.. In-Reply-To: <9866DCCF-2830-44CF-AA75-3D45AE17568B@gmail.com> References: <01ee01d2db43$5bb3af80$131b0e80$@siesel.net> <9866DCCF-2830-44CF-AA75-3D45AE17568B@gmail.com> Message-ID: <021501d2dbb6$3bc765e0$b35631a0$@siesel.net> Yes! I did set up extensions.conf as well. >From iax.conf: [k4ksa] username=steve type=friend context=myphone host=dynamic auth=md5 secret=xxxxxxxxx disallow=all allow=ulaw allow=g726aal2 allow=gsm codecpriority=host transfer=no ;callerid=K4KSA >From extensions.conf: [myphone] ?Settings for Zoiper exten => 46031,1,answer() ?Change the node number on all these lines to your ow$ exten => 46031,n,Playback(rpt/node) exten => 46031,n,Playback(digits/4) ? change the playback digits to your node a$ exten => 46031,n,Playback(digits/1) exten => 46031,n,Playback(digits/7) exten => 46031,n,Playback(digits/6) exten => 46031,n,Playback(digits/4) exten => 46031,n,Playback(rpt/connected) exten => 46031,n,rpt(46031|Pv) ? Change both numbers here to your node Also any idea why I can?t connect from the allstarlink telephone portal? Steve From: App_rpt-users [mailto:app_rpt-users-bounces at lists.allstarlink.org] On Behalf Of Bob Pyke Sent: Friday, June 02, 2017 10:47 AM To: Users of Asterisk app_rpt Subject: Re: [App_rpt-users] First Time Install with some issues.. Item 1, does not concern me. with respect to 2 & 3, how did you setup extensions.conf? Did you set it up for zoiper? Thanks, Bob k6ecm 73 Sent from iPad On Jun 1, 2017, at 6:55 PM, Steve Siesel > wrote: All, Here is what my problems are: 1. Getting the following in my asterisk trace: [Jun 1 21:33:22] WARNING[587] chan_iax2.c: REGISTER-LOG: registry rereqquest [Jun 1 21:34:12] WARNING[588] chan_iax2.c: REGISTER-LOG: Sending registration request for '46031' [Jun 1 21:34:12] WARNING[580] chan_iax2.c: REGISTER-LOG: registry rereqquest However my iax2 show registry shows: DMRLink*CLI> iax2 show registry Host dnsmgr Username Perceived Refresh State 67.215.233.178:4569 Y 46031 47.203.114.127:1025 60 Registered 2. I have port forwarded both udp and tcp 4569 to the Allstar node. I have also added the following to iax.conf for Zopier access: [k4ksa] username=steve type=friend context=myphone host=dynamic auth=md5 secret=xxxxxxx disallow=all allow=ulaw allow=g726aal2 allow=gsm codecpriority=host transfer=no ;callerid=K4KSA I have also added the context to extensions.conf as well. This is what I am getting in the asterisk trace when trying to register (also getting error 29 from Zopier) [Jun 1 21:35:35] NOTICE[585] chan_iax2.c: No registration for peer 'steve' (from 47.203.114.127) [Jun 1 21:35:37] NOTICE[582] chan_iax2.c: No registration for peer 'steve' (from 47.203.114.127) [Jun 1 21:35:40] NOTICE[585] chan_iax2.c: No registration for peer 'steve' (from 47.203.114.127) 3. Telephone access from Allstar. When using the dial in telephone number trying to get voice or function access it times out with a busy signal. I did a tcpdump port 4569 and I can see the telephone service making It to the machine: 21:43:29.564494 IP seal.lambdatel.com.iax > DMRLink.home.iax: UDP, length 96 21:43:29.565075 IP DMRLink.home.iax > seal.lambdatel.com.iax: UDP, length 65 Using RAT RC1 Anyone have any thoughts to my three problems? Steve K4KSA _______________________________________________ App_rpt-users mailing list App_rpt-users at lists.allstarlink.org http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users To unsubscribe from this list please visit http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of the page. Enter your email address and press the "Unsubscribe or edit options button" You do not need a password to unsubscribe, you can do it via email confirmation. If you have trouble unsubscribing, please send a message to the list detailing the problem. -------------- next part -------------- An HTML attachment was scrubbed... URL: From k6ecm1 at gmail.com Fri Jun 2 16:25:24 2017 From: k6ecm1 at gmail.com (Bob Pyke) Date: Fri, 2 Jun 2017 09:25:24 -0700 Subject: [App_rpt-users] First Time Install with some issues.. In-Reply-To: <021501d2dbb6$3bc765e0$b35631a0$@siesel.net> References: <01ee01d2db43$5bb3af80$131b0e80$@siesel.net> <9866DCCF-2830-44CF-AA75-3D45AE17568B@gmail.com> <021501d2dbb6$3bc765e0$b35631a0$@siesel.net> Message-ID: <067BE02D-1F2B-4F44-97D0-611FD0481D63@gmail.com> I'm not seeing the issue. Also, I've not setup a phone, but wonder if you need to setup sip.conf, which also needs to be enabled in modules.conf. Thanks, Bob k6ecm 73 Sent from iPad > On Jun 2, 2017, at 8:38 AM, Steve Siesel wrote: > > conf: From zl1bhd at gmail.com Mon Jun 5 11:55:59 2017 From: zl1bhd at gmail.com (Steve Wright) Date: Mon, 5 Jun 2017 23:55:59 +1200 Subject: [App_rpt-users] ohnosec Message-ID: What is the proper entry point for asterisk app_rpt? If ohnosec is it, then quite frankly it is completely incoherent - even for seasoned linux folks. thanks s -------------- next part -------------- An HTML attachment was scrubbed... URL: From szingman at msgstor.com Mon Jun 5 12:15:33 2017 From: szingman at msgstor.com (Steve Zingman) Date: Mon, 5 Jun 2017 08:15:33 -0400 Subject: [App_rpt-users] ohnosec In-Reply-To: References: Message-ID: <4bf05661-3e14-b046-3551-b4e01747e162@msgstor.com> Steve, I'm not sure what you mean by entry point. 73, Steve N4IRS On 6/5/2017 7:55 AM, Steve Wright wrote: > What is the proper entry point for asterisk app_rpt? > > If ohnosec is it, then quite frankly it is completely incoherent - > even for seasoned linux folks. > > thanks > s > > > > _______________________________________________ > App_rpt-users mailing list > App_rpt-users at lists.allstarlink.org > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users > > To unsubscribe from this list please visit http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of the page. Enter your email address and press the "Unsubscribe or edit options button" > You do not need a password to unsubscribe, you can do it via email confirmation. If you have trouble unsubscribing, please send a message to the list detailing the problem. -------------- next part -------------- An HTML attachment was scrubbed... URL: From k6ecm1 at gmail.com Mon Jun 5 20:25:00 2017 From: k6ecm1 at gmail.com (Bob Pyke) Date: Mon, 5 Jun 2017 13:25:00 -0700 Subject: [App_rpt-users] ohnosec In-Reply-To: <4bf05661-3e14-b046-3551-b4e01747e162@msgstor.com> References: <4bf05661-3e14-b046-3551-b4e01747e162@msgstor.com> Message-ID: <83876786-E652-4B41-B26E-4F2E581A9F9C@gmail.com> http://docs.allstarlink.org/drupal/ Although I do like and still use ohnosec, the old site:-) Search the web where you will find some blogs on setting up asterisk for the first time. They were written for the older version ACID, but they still work. Thanks, Bob Sent from my iPhone > On Jun 5, 2017, at 5:15 AM, Steve Zingman wrote: > > Steve, > I'm not sure what you mean by entry point. > > 73, Steve N4IRS > >> On 6/5/2017 7:55 AM, Steve Wright wrote: >> What is the proper entry point for asterisk app_rpt? >> >> If ohnosec is it, then quite frankly it is completely incoherent - even for seasoned linux folks. >> >> thanks >> s >> >> >> >> _______________________________________________ >> App_rpt-users mailing list >> App_rpt-users at lists.allstarlink.org >> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >> >> To unsubscribe from this list please visit http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of the page. Enter your email address and press the "Unsubscribe or edit options button" >> You do not need a password to unsubscribe, you can do it via email confirmation. If you have trouble unsubscribing, please send a message to the list detailing the problem. > > _______________________________________________ > App_rpt-users mailing list > App_rpt-users at lists.allstarlink.org > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users > > To unsubscribe from this list please visit http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of the page. Enter your email address and press the "Unsubscribe or edit options button" > You do not need a password to unsubscribe, you can do it via email confirmation. If you have trouble unsubscribing, please send a message to the list detailing the problem. -------------- next part -------------- An HTML attachment was scrubbed... URL: From k6ecm1 at gmail.com Mon Jun 5 20:28:43 2017 From: k6ecm1 at gmail.com (Bob Pyke) Date: Mon, 5 Jun 2017 13:28:43 -0700 Subject: [App_rpt-users] ohnosec In-Reply-To: <83876786-E652-4B41-B26E-4F2E581A9F9C@gmail.com> References: <4bf05661-3e14-b046-3551-b4e01747e162@msgstor.com> <83876786-E652-4B41-B26E-4F2E581A9F9C@gmail.com> Message-ID: <5C9E0152-8F83-4595-8B12-4CE3D01AC391@gmail.com> P.S. For better understanding of Asterisk in general there is https://www.amazon.com/gp/aw/d/1449332420/ref=mp_s_a_1_1?ie=UTF8&qid=1496694406&sr=8-1&pi=AC_SX236_SY340_QL65&keywords=asterisk Sent from my iPhone > On Jun 5, 2017, at 1:25 PM, Bob Pyke wrote: > > http://docs.allstarlink.org/drupal/ > > Although I do like and still use ohnosec, the old site:-) > > Search the web where you will find some blogs on setting up asterisk for the first time. They were written for the older version ACID, but they still work. > > Thanks, > Bob > > Sent from my iPhone > >> On Jun 5, 2017, at 5:15 AM, Steve Zingman wrote: >> >> Steve, >> I'm not sure what you mean by entry point. >> >> 73, Steve N4IRS >> >>> On 6/5/2017 7:55 AM, Steve Wright wrote: >>> What is the proper entry point for asterisk app_rpt? >>> >>> If ohnosec is it, then quite frankly it is completely incoherent - even for seasoned linux folks. >>> >>> thanks >>> s >>> >>> >>> >>> _______________________________________________ >>> App_rpt-users mailing list >>> App_rpt-users at lists.allstarlink.org >>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>> >>> To unsubscribe from this list please visit http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of the page. Enter your email address and press the "Unsubscribe or edit options button" >>> You do not need a password to unsubscribe, you can do it via email confirmation. If you have trouble unsubscribing, please send a message to the list detailing the problem. >> >> _______________________________________________ >> App_rpt-users mailing list >> App_rpt-users at lists.allstarlink.org >> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >> >> To unsubscribe from this list please visit http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of the page. Enter your email address and press the "Unsubscribe or edit options button" >> You do not need a password to unsubscribe, you can do it via email confirmation. If you have trouble unsubscribing, please send a message to the list detailing the problem. -------------- next part -------------- An HTML attachment was scrubbed... URL: From lorentedford at gmail.com Mon Jun 5 21:00:16 2017 From: lorentedford at gmail.com (Loren Tedford) Date: Mon, 5 Jun 2017 16:00:16 -0500 Subject: [App_rpt-users] ohnosec In-Reply-To: <5C9E0152-8F83-4595-8B12-4CE3D01AC391@gmail.com> References: <4bf05661-3e14-b046-3551-b4e01747e162@msgstor.com> <83876786-E652-4B41-B26E-4F2E581A9F9C@gmail.com> <5C9E0152-8F83-4595-8B12-4CE3D01AC391@gmail.com> Message-ID: Instead of paying 40 dollars for the book you can also download the book free http://asterisk-service.com/downloads/Asterisk-%20The%20Definitive%20Guide,%204th%20Edition.pdf Just a thought.. Loren Tedford (KC9ZHV) Phone:618-553-0806 Fax: 1-618-551-2755 Email: lorentedford at gmail.com Email: KC9ZHV at KC9ZHV.com http://www.lorentedford.com http://www.kc9zhv.com http://forum.kc9zhv.com http://hub.kc9zhv.com http://Ltcraft.net http://voipham.com On Mon, Jun 5, 2017 at 3:28 PM, Bob Pyke wrote: > P.S. For better understanding of Asterisk in general there is > https://www.amazon.com/gp/aw/d/1449332420/ref=mp_s_a_1_ > 1?ie=UTF8&qid=1496694406&sr=8-1&pi=AC_SX236_SY340_QL65&keywords=asterisk > > Sent from my iPhone > > On Jun 5, 2017, at 1:25 PM, Bob Pyke wrote: > > http://docs.allstarlink.org/drupal/ > > Although I do like and still use ohnosec, the old site:-) > > Search the web where you will find some blogs on setting up asterisk for > the first time. They were written for the older version ACID, but they > still work. > > Thanks, > Bob > > Sent from my iPhone > > On Jun 5, 2017, at 5:15 AM, Steve Zingman wrote: > > Steve, > I'm not sure what you mean by entry point. > > 73, Steve N4IRS > > On 6/5/2017 7:55 AM, Steve Wright wrote: > > What is the proper entry point for asterisk app_rpt? > > If ohnosec is it, then quite frankly it is completely incoherent - even > for seasoned linux folks. > > thanks > s > > > > _______________________________________________ > App_rpt-users mailing listApp_rpt-users at lists.allstarlink.orghttp://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users > > To unsubscribe from this list please visit http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of the page. Enter your email address and press the "Unsubscribe or edit options button" > You do not need a password to unsubscribe, you can do it via email confirmation. If you have trouble unsubscribing, please send a message to the list detailing the problem. > > > _______________________________________________ > App_rpt-users mailing list > App_rpt-users at lists.allstarlink.org > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users > > To unsubscribe from this list please visit http://lists.allstarlink.org/ > cgi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of > the page. Enter your email address and press the "Unsubscribe or edit > options button" > You do not need a password to unsubscribe, you can do it via email > confirmation. If you have trouble unsubscribing, please send a message to > the list detailing the problem. > > > _______________________________________________ > App_rpt-users mailing list > App_rpt-users at lists.allstarlink.org > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users > > To unsubscribe from this list please visit http://lists.allstarlink.org/ > cgi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of > the page. Enter your email address and press the "Unsubscribe or edit > options button" > You do not need a password to unsubscribe, you can do it via email > confirmation. If you have trouble unsubscribing, please send a message to > the list detailing the problem. > -------------- next part -------------- An HTML attachment was scrubbed... URL: From jerutley at gmail.com Mon Jun 5 21:05:10 2017 From: jerutley at gmail.com (Jeremy Utley) Date: Mon, 5 Jun 2017 16:05:10 -0500 Subject: [App_rpt-users] What is the "debian" user in the DIAL distro? In-Reply-To: <00260bd6-a3d7-4123-50b8-754bef8564a7@msgstor.com> References: <7d84d718-f0b7-14dc-f869-35ff0af0d759@aplaceonthe.net> <00260bd6-a3d7-4123-50b8-754bef8564a7@msgstor.com> Message-ID: Hello all! Forgive me for thread necromancy on this one! I just today had my hub node compromised - luckily all they did was try to attack SSH on another host (at least that's all I've been able to determine so far). So, I'm going to be rebuilding that Hub node tonite. The reason I post is, I am actually a Linux sys-admin in my day job - would there be any benefit in me doing a write-up on what all steps I take in securing DIAL? At least a high-level overview of what I end up doing that others can build from? Also, I just want to make sure - doing the standard apt-get update / upgrade on DIAL will not break anything, right? Jeremy, NQ0M On Thu, May 11, 2017 at 11:42 AM, Steve Zingman wrote: > Thor, > I agree that things need to be tightened up. Now that the mandate has > changed, those things are changing. I would welcome someone taking on the > guidance in system administration piece of the puzzle. > > 73, Steve N4IRS > > > On 5/11/2017 12:35 PM, Thor Wiegman wrote: >> >> You're not the first person I'm aware of to have this type of problem. >> AllStarLink nodes are an easy target to become bitcoin miners and members of >> botnets. Most people installing these nodes don't know the basics of Linux >> system administration and the defaults aren't even remotely secure. >> >> Not only should that "debian" user be deleted, the appropriate changes to >> SSH need to be made to prevent the superuser "root" from logging in >> remotely. That is one of the first things that everyone needs to be change >> after installation of a DIAL system, not sure why it's even allowed by >> default. >> >> I've noticed that a lot of node ops tend to login as root and execute >> commands as the root user. Crazy! It's an extremely dangerous and insecure >> thing to do, but people new to Linux don't know any better. >> >> It would be nice if the default installation were setup in such a way that >> prevented or discouraged login by the superuser. It's odd that sudo doesn't >> appear to be installed by default. Would be very nice if the installation >> script prompted for the creation of a user account with proper permissions >> in much the same way as standard distros do. Not perfect, but it's a start. >> >> Most of these systems are being run by people who are new to Linux. They >> don't know about Linux/Unix system administration and nobody is "elmering" >> them in it. The result is people taking dangerous shortcuts and developing >> bad habits. The community would benefit from some guidance in system >> administration as well as from some improved defaults in the distro. >> >> >> >> On 05/10/2017 12:38 PM, app_rpt-users-request at lists.allstarlink.org wrote: >>> >>> What is the "debian" user in the DIAL distro? >> >> >> _______________________________________________ >> App_rpt-users mailing list >> App_rpt-users at lists.allstarlink.org >> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >> >> To unsubscribe from this list please visit >> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and >> scroll down to the bottom of the page. Enter your email address and press >> the "Unsubscribe or edit options button" >> You do not need a password to unsubscribe, you can do it via email >> confirmation. If you have trouble unsubscribing, please send a message to >> the list detailing the problem. > > > _______________________________________________ > App_rpt-users mailing list > App_rpt-users at lists.allstarlink.org > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users > > To unsubscribe from this list please visit > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and > scroll down to the bottom of the page. Enter your email address and press > the "Unsubscribe or edit options button" > You do not need a password to unsubscribe, you can do it via email > confirmation. If you have trouble unsubscribing, please send a message to > the list detailing the problem. From zl1bhd at gmail.com Mon Jun 5 21:15:24 2017 From: zl1bhd at gmail.com (Steve Wright) Date: Tue, 6 Jun 2017 09:15:24 +1200 Subject: [App_rpt-users] App_rpt-users Digest, Vol 100, Issue 6 In-Reply-To: References: Message-ID: On Tue, Jun 6, 2017 at 9:00 AM, Bob Pyke wrote: > > > http://docs.allstarlink.org/drupal/ > > Thanks Bob, others. Don't quite know why I didn't find that.. Overall, the docs are pretty frustrating and I don't have anywhere near the skills to rewrite them. Steve -------------- next part -------------- An HTML attachment was scrubbed... URL: From lorentedford at gmail.com Mon Jun 5 21:54:51 2017 From: lorentedford at gmail.com (Loren Tedford) Date: Mon, 5 Jun 2017 16:54:51 -0500 Subject: [App_rpt-users] App_rpt-users Digest, Vol 100, Issue 6 In-Reply-To: References: Message-ID: I actually didn't fully read everyone's comments I suppose some how you guys wanna learn more about asterisk here is the online pdf files that i have from about 2 years ago when i was trying to work on other solutions and stuff in asterisk and never gotten around to fully research and develop changes that i wanted to incorporate into allstarlink.. Of course I am not a pro programmer like everyone else but had the desire back then to really want to make this program stand out to the ham community and the hobbiest.. I have lost this vision and personally just do enough to get by with my systems.. Its amazing how a medical situation can change your mind on the hobby oh well here it goes the list i have for asterisk education.. List of pdf file and links.. http://asterisk-service.com/en_US/page/asterisk-books (Needs Translated to English not all links work) Here is the Links that work http://asterisk-service.com/downloads/TrixboxMadeEasy.pdf http://asterisk-service.com/downloads/Asterisk-%20The%20Definitive%20Guide,%204th%20Edition.pdf http://asterisk-service.com/downloads/TrixboxCE-2.6.pdf http://asterisk-service.com/downloads/elastix_without_tears.pdf http://asterisk-service.com/downloads/FreePBX-2.5.pdf http://asterisk-service.com/downloads/Asterisk-1.4.pdf http://asterisk-service.com/downloads/trixbox_without_tears.pdf Grab them now before they disapeer you never know when this stuff goes away.. PS All I wanna do is help the allstarlink community and other hams that's my goal... Loren Tedford (KC9ZHV) Phone: Fax: Email: lorentedford at gmail.com Email: KC9ZHV at KC9ZHV.com http://www.lorentedford.com http://www.kc9zhv.com http://forum.kc9zhv.com http://hub.kc9zhv.com http://Ltcraft.net http://voipham.com On Mon, Jun 5, 2017 at 4:15 PM, Steve Wright wrote: > > On Tue, Jun 6, 2017 at 9:00 AM, Bob Pyke wrote: > >> >> >> http://docs.allstarlink.org/drupal/ >> >> > Thanks Bob, others. > > Don't quite know why I didn't find that.. Overall, the docs are pretty > frustrating and I don't have anywhere near the skills to rewrite them. > > > Steve > > > > _______________________________________________ > App_rpt-users mailing list > App_rpt-users at lists.allstarlink.org > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users > > To unsubscribe from this list please visit http://lists.allstarlink.org/ > cgi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of > the page. Enter your email address and press the "Unsubscribe or edit > options button" > You do not need a password to unsubscribe, you can do it via email > confirmation. If you have trouble unsubscribing, please send a message to > the list detailing the problem. > -------------- next part -------------- An HTML attachment was scrubbed... URL: From k6ecm1 at gmail.com Mon Jun 5 22:04:08 2017 From: k6ecm1 at gmail.com (Bob Pyke) Date: Mon, 5 Jun 2017 15:04:08 -0700 Subject: [App_rpt-users] What is the "debian" user in the DIAL distro? In-Reply-To: References: <7d84d718-f0b7-14dc-f869-35ff0af0d759@aplaceonthe.net> <00260bd6-a3d7-4123-50b8-754bef8564a7@msgstor.com> Message-ID: I would benefit from as much as you'd like to share. :-) Thanks, Bob Sent from my iPhone > On Jun 5, 2017, at 2:05 PM, Jeremy Utley wrote: > > Hello all! > > Forgive me for thread necromancy on this one! I just today had my hub > node compromised - luckily all they did was try to attack SSH on > another host (at least that's all I've been able to determine so far). > So, I'm going to be rebuilding that Hub node tonite. The reason I > post is, I am actually a Linux sys-admin in my day job - would there > be any benefit in me doing a write-up on what all steps I take in > securing DIAL? At least a high-level overview of what I end up doing > that others can build from? > > Also, I just want to make sure - doing the standard apt-get update / > upgrade on DIAL will not break anything, right? > > Jeremy, NQ0M > >> On Thu, May 11, 2017 at 11:42 AM, Steve Zingman wrote: >> Thor, >> I agree that things need to be tightened up. Now that the mandate has >> changed, those things are changing. I would welcome someone taking on the >> guidance in system administration piece of the puzzle. >> >> 73, Steve N4IRS >> >> >>> On 5/11/2017 12:35 PM, Thor Wiegman wrote: >>> >>> You're not the first person I'm aware of to have this type of problem. >>> AllStarLink nodes are an easy target to become bitcoin miners and members of >>> botnets. Most people installing these nodes don't know the basics of Linux >>> system administration and the defaults aren't even remotely secure. >>> >>> Not only should that "debian" user be deleted, the appropriate changes to >>> SSH need to be made to prevent the superuser "root" from logging in >>> remotely. That is one of the first things that everyone needs to be change >>> after installation of a DIAL system, not sure why it's even allowed by >>> default. >>> >>> I've noticed that a lot of node ops tend to login as root and execute >>> commands as the root user. Crazy! It's an extremely dangerous and insecure >>> thing to do, but people new to Linux don't know any better. >>> >>> It would be nice if the default installation were setup in such a way that >>> prevented or discouraged login by the superuser. It's odd that sudo doesn't >>> appear to be installed by default. Would be very nice if the installation >>> script prompted for the creation of a user account with proper permissions >>> in much the same way as standard distros do. Not perfect, but it's a start. >>> >>> Most of these systems are being run by people who are new to Linux. They >>> don't know about Linux/Unix system administration and nobody is "elmering" >>> them in it. The result is people taking dangerous shortcuts and developing >>> bad habits. The community would benefit from some guidance in system >>> administration as well as from some improved defaults in the distro. >>> >>> >>> >>>> On 05/10/2017 12:38 PM, app_rpt-users-request at lists.allstarlink.org wrote: >>>> >>>> What is the "debian" user in the DIAL distro? >>> >>> >>> _______________________________________________ >>> App_rpt-users mailing list >>> App_rpt-users at lists.allstarlink.org >>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>> >>> To unsubscribe from this list please visit >>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and >>> scroll down to the bottom of the page. Enter your email address and press >>> the "Unsubscribe or edit options button" >>> You do not need a password to unsubscribe, you can do it via email >>> confirmation. If you have trouble unsubscribing, please send a message to >>> the list detailing the problem. >> >> >> _______________________________________________ >> App_rpt-users mailing list >> App_rpt-users at lists.allstarlink.org >> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >> >> To unsubscribe from this list please visit >> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and >> scroll down to the bottom of the page. Enter your email address and press >> the "Unsubscribe or edit options button" >> You do not need a password to unsubscribe, you can do it via email >> confirmation. If you have trouble unsubscribing, please send a message to >> the list detailing the problem. > _______________________________________________ > App_rpt-users mailing list > App_rpt-users at lists.allstarlink.org > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users > > To unsubscribe from this list please visit http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of the page. Enter your email address and press the "Unsubscribe or edit options button" > You do not need a password to unsubscribe, you can do it via email confirmation. If you have trouble unsubscribing, please send a message to the list detailing the problem. From lorentedford at gmail.com Mon Jun 5 22:07:59 2017 From: lorentedford at gmail.com (Loren Tedford) Date: Mon, 5 Jun 2017 17:07:59 -0500 Subject: [App_rpt-users] What is the "debian" user in the DIAL distro? In-Reply-To: References: <7d84d718-f0b7-14dc-f869-35ff0af0d759@aplaceonthe.net> <00260bd6-a3d7-4123-50b8-754bef8564a7@msgstor.com>

Message-ID: Bob the biggest problem is I can't remember where i left off and put most of my documentation in two forums.. forum.kc9zhv.com and forum.voipham.com you will just have to dig around and ask me if you come onto some thing whether i remember anything about it.. Their was so much stuff.. Loren Tedford (KC9ZHV) Phone: Fax: Email: lorentedford at gmail.com Email: KC9ZHV at KC9ZHV.com http://www.lorentedford.com http://www.kc9zhv.com http://forum.kc9zhv.com http://hub.kc9zhv.com http://Ltcraft.net http://voipham.com On Mon, Jun 5, 2017 at 5:04 PM, Bob Pyke wrote: > I would benefit from as much as you'd like to share. :-) > > Thanks, > Bob > > Sent from my iPhone > > > On Jun 5, 2017, at 2:05 PM, Jeremy Utley wrote: > > > > Hello all! > > > > Forgive me for thread necromancy on this one! I just today had my hub > > node compromised - luckily all they did was try to attack SSH on > > another host (at least that's all I've been able to determine so far). > > So, I'm going to be rebuilding that Hub node tonite. The reason I > > post is, I am actually a Linux sys-admin in my day job - would there > > be any benefit in me doing a write-up on what all steps I take in > > securing DIAL? At least a high-level overview of what I end up doing > > that others can build from? > > > > Also, I just want to make sure - doing the standard apt-get update / > > upgrade on DIAL will not break anything, right? > > > > Jeremy, NQ0M > > > >> On Thu, May 11, 2017 at 11:42 AM, Steve Zingman > wrote: > >> Thor, > >> I agree that things need to be tightened up. Now that the mandate has > >> changed, those things are changing. I would welcome someone taking on > the > >> guidance in system administration piece of the puzzle. > >> > >> 73, Steve N4IRS > >> > >> > >>> On 5/11/2017 12:35 PM, Thor Wiegman wrote: > >>> > >>> You're not the first person I'm aware of to have this type of problem. > >>> AllStarLink nodes are an easy target to become bitcoin miners and > members of > >>> botnets. Most people installing these nodes don't know the basics of > Linux > >>> system administration and the defaults aren't even remotely secure. > >>> > >>> Not only should that "debian" user be deleted, the appropriate changes > to > >>> SSH need to be made to prevent the superuser "root" from logging in > >>> remotely. That is one of the first things that everyone needs to be > change > >>> after installation of a DIAL system, not sure why it's even allowed by > >>> default. > >>> > >>> I've noticed that a lot of node ops tend to login as root and execute > >>> commands as the root user. Crazy! It's an extremely dangerous and > insecure > >>> thing to do, but people new to Linux don't know any better. > >>> > >>> It would be nice if the default installation were setup in such a way > that > >>> prevented or discouraged login by the superuser. It's odd that sudo > doesn't > >>> appear to be installed by default. Would be very nice if the > installation > >>> script prompted for the creation of a user account with proper > permissions > >>> in much the same way as standard distros do. Not perfect, but it's a > start. > >>> > >>> Most of these systems are being run by people who are new to Linux. > They > >>> don't know about Linux/Unix system administration and nobody is > "elmering" > >>> them in it. The result is people taking dangerous shortcuts and > developing > >>> bad habits. The community would benefit from some guidance in system > >>> administration as well as from some improved defaults in the distro. > >>> > >>> > >>> > >>>> On 05/10/2017 12:38 PM, app_rpt-users-request at lists.allstarlink.org > wrote: > >>>> > >>>> What is the "debian" user in the DIAL distro? > >>> > >>> > >>> _______________________________________________ > >>> App_rpt-users mailing list > >>> App_rpt-users at lists.allstarlink.org > >>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users > >>> > >>> To unsubscribe from this list please visit > >>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users > and > >>> scroll down to the bottom of the page. Enter your email address and > press > >>> the "Unsubscribe or edit options button" > >>> You do not need a password to unsubscribe, you can do it via email > >>> confirmation. If you have trouble unsubscribing, please send a message > to > >>> the list detailing the problem. > >> > >> > >> _______________________________________________ > >> App_rpt-users mailing list > >> App_rpt-users at lists.allstarlink.org > >> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users > >> > >> To unsubscribe from this list please visit > >> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and > >> scroll down to the bottom of the page. Enter your email address and > press > >> the "Unsubscribe or edit options button" > >> You do not need a password to unsubscribe, you can do it via email > >> confirmation. If you have trouble unsubscribing, please send a message > to > >> the list detailing the problem. > > _______________________________________________ > > App_rpt-users mailing list > > App_rpt-users at lists.allstarlink.org > > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users > > > > To unsubscribe from this list please visit http://lists.allstarlink.org/ > cgi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of > the page. Enter your email address and press the "Unsubscribe or edit > options button" > > You do not need a password to unsubscribe, you can do it via email > confirmation. If you have trouble unsubscribing, please send a message to > the list detailing the problem. > _______________________________________________ > App_rpt-users mailing list > App_rpt-users at lists.allstarlink.org > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users > > To unsubscribe from this list please visit http://lists.allstarlink.org/ > cgi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of > the page. Enter your email address and press the "Unsubscribe or edit > options button" > You do not need a password to unsubscribe, you can do it via email > confirmation. If you have trouble unsubscribing, please send a message to > the list detailing the problem. > -------------- next part -------------- An HTML attachment was scrubbed... URL: From k6ecm1 at gmail.com Mon Jun 5 22:15:51 2017 From: k6ecm1 at gmail.com (Bob Pyke) Date: Mon, 5 Jun 2017 15:15:51 -0700 Subject: [App_rpt-users] App_rpt-users Digest, Vol 100, Issue 6 In-Reply-To: References:

Message-ID: <079122E7-713D-40AE-B635-955DF5305D04@gmail.com> Cool! Thanks, Bob Sent from my iPhone > On Jun 5, 2017, at 2:54 PM, Loren Tedford wrote: > > I actually didn't fully read everyone's comments I suppose some how you guys wanna learn more about asterisk here is the online pdf files that i have from about 2 years ago when i was trying to work on other solutions and stuff in asterisk and never gotten around to fully research and develop changes that i wanted to incorporate into allstarlink.. Of course I am not a pro programmer like everyone else but had the desire back then to really want to make this program stand out to the ham community and the hobbiest.. I have lost this vision and personally just do enough to get by with my systems.. Its amazing how a medical situation can change your mind on the hobby oh well here it goes the list i have for asterisk education.. > > List of pdf file and links.. > http://asterisk-service.com/en_US/page/asterisk-books (Needs Translated to English not all links work) > > Here is the Links that work > > http://asterisk-service.com/downloads/TrixboxMadeEasy.pdf > http://asterisk-service.com/downloads/Asterisk-%20The%20Definitive%20Guide,%204th%20Edition.pdf > http://asterisk-service.com/downloads/TrixboxCE-2.6.pdf > http://asterisk-service.com/downloads/elastix_without_tears.pdf > http://asterisk-service.com/downloads/FreePBX-2.5.pdf > http://asterisk-service.com/downloads/Asterisk-1.4.pdf > http://asterisk-service.com/downloads/trixbox_without_tears.pdf > > Grab them now before they disapeer you never know when this stuff goes away.. > > > > > > > PS All I wanna do is help the allstarlink community and other hams that's my goal... > > Loren Tedford (KC9ZHV) > Phone: > Fax: > Email: lorentedford at gmail.com > Email: KC9ZHV at KC9ZHV.com > http://www.lorentedford.com > http://www.kc9zhv.com > http://forum.kc9zhv.com > http://hub.kc9zhv.com > http://Ltcraft.net > http://voipham.com > >> On Mon, Jun 5, 2017 at 4:15 PM, Steve Wright wrote: >> >>> On Tue, Jun 6, 2017 at 9:00 AM, Bob Pyke wrote: >>> >>> >>> http://docs.allstarlink.org/drupal/ >>> >> >> Thanks Bob, others. >> >> Don't quite know why I didn't find that.. Overall, the docs are pretty frustrating and I don't have anywhere near the skills to rewrite them. >> >> >> Steve >> >> >> >> _______________________________________________ >> App_rpt-users mailing list >> App_rpt-users at lists.allstarlink.org >> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >> >> To unsubscribe from this list please visit http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of the page. Enter your email address and press the "Unsubscribe or edit options button" >> You do not need a password to unsubscribe, you can do it via email confirmation. If you have trouble unsubscribing, please send a message to the list detailing the problem. > > _______________________________________________ > App_rpt-users mailing list > App_rpt-users at lists.allstarlink.org > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users > > To unsubscribe from this list please visit http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of the page. Enter your email address and press the "Unsubscribe or edit options button" > You do not need a password to unsubscribe, you can do it via email confirmation. If you have trouble unsubscribing, please send a message to the list detailing the problem. -------------- next part -------------- An HTML attachment was scrubbed... URL: From jerutley at gmail.com Tue Jun 6 02:13:50 2017 From: jerutley at gmail.com (Jeremy Utley) Date: Mon, 5 Jun 2017 21:13:50 -0500 Subject: [App_rpt-users] A little confusion regarding the X86 Downloads Message-ID: <01b101d2de6a$8a066420$9e132c60$@gmail.com> Hey all! As I reinstall my hub node after it got compromised this morning, I find myself a little confused at just which download option I should use for an amd64 architecture machine. The site seems to recommend DIAL RC1, but RC *usually* means Release Candidate - meaning it's not quite ready for prime time, but getting close to release. I would not usually consider a "RC" release to be the recommended release under any circumstances. The other problem comes from looking at the file modification dates on the dvswitch.org server: The RC1 file - amd64-i386-DIAL-RC1.tar.gz - is dated Nov 15, 2016 The other file - dial-allstar-netinstall.iso - is dated Jan 22, 2017 So it *seems* that the RC1 is older than the other one, while still being the recommended install - but the name would not tend to agree, as the RC should be a candidate for release as a newer version, so should be newer than the existing "stable" version - and the stable version should be the recommended download - or at least this is how it would work in most open source projects. What am I missing? And once installed, is there any danger in using the Debian "apt-get update" command to update the packages for the underlying Linux OS to their newest versions? Thanks, Jeremy, NQ0M -------------- next part -------------- An HTML attachment was scrubbed... URL: From petem001 at gmail.com Tue Jun 6 02:28:34 2017 From: petem001 at gmail.com (Pierre Martel) Date: Tue, 06 Jun 2017 02:28:34 +0000 Subject: [App_rpt-users] What is the "debian" user in the DIAL distro? In-Reply-To: References: <7d84d718-f0b7-14dc-f869-35ff0af0d759@aplaceonthe.net> <00260bd6-a3d7-4123-50b8-754bef8564a7@msgstor.com> Message-ID: Hi Jeremy, Can you tell us what they did to enter in the system? this would be the first thing to change on any dial system. Thanks for letting us know that there is a way to compomise a node, that way we can prepare our nodes for a futur attack Pierre VE2PF Le lun. 5 juin 2017 ? 17:05, Jeremy Utley a ?crit : > Hello all! > > Forgive me for thread necromancy on this one! I just today had my hub > node compromised - luckily all they did was try to attack SSH on > another host (at least that's all I've been able to determine so far). > So, I'm going to be rebuilding that Hub node tonite. The reason I > post is, I am actually a Linux sys-admin in my day job - would there > be any benefit in me doing a write-up on what all steps I take in > securing DIAL? At least a high-level overview of what I end up doing > that others can build from? > > Also, I just want to make sure - doing the standard apt-get update / > upgrade on DIAL will not break anything, right? > > Jeremy, NQ0M > > On Thu, May 11, 2017 at 11:42 AM, Steve Zingman > wrote: > > Thor, > > I agree that things need to be tightened up. Now that the mandate has > > changed, those things are changing. I would welcome someone taking on the > > guidance in system administration piece of the puzzle. > > > > 73, Steve N4IRS > > > > > > On 5/11/2017 12:35 PM, Thor Wiegman wrote: > >> > >> You're not the first person I'm aware of to have this type of problem. > >> AllStarLink nodes are an easy target to become bitcoin miners and > members of > >> botnets. Most people installing these nodes don't know the basics of > Linux > >> system administration and the defaults aren't even remotely secure. > >> > >> Not only should that "debian" user be deleted, the appropriate changes > to > >> SSH need to be made to prevent the superuser "root" from logging in > >> remotely. That is one of the first things that everyone needs to be > change > >> after installation of a DIAL system, not sure why it's even allowed by > >> default. > >> > >> I've noticed that a lot of node ops tend to login as root and execute > >> commands as the root user. Crazy! It's an extremely dangerous and > insecure > >> thing to do, but people new to Linux don't know any better. > >> > >> It would be nice if the default installation were setup in such a way > that > >> prevented or discouraged login by the superuser. It's odd that sudo > doesn't > >> appear to be installed by default. Would be very nice if the > installation > >> script prompted for the creation of a user account with proper > permissions > >> in much the same way as standard distros do. Not perfect, but it's a > start. > >> > >> Most of these systems are being run by people who are new to Linux. > They > >> don't know about Linux/Unix system administration and nobody is > "elmering" > >> them in it. The result is people taking dangerous shortcuts and > developing > >> bad habits. The community would benefit from some guidance in system > >> administration as well as from some improved defaults in the distro. > >> > >> > >> > >> On 05/10/2017 12:38 PM, app_rpt-users-request at lists.allstarlink.org > wrote: > >>> > >>> What is the "debian" user in the DIAL distro? > >> > >> > >> _______________________________________________ > >> App_rpt-users mailing list > >> App_rpt-users at lists.allstarlink.org > >> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users > >> > >> To unsubscribe from this list please visit > >> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and > >> scroll down to the bottom of the page. Enter your email address and > press > >> the "Unsubscribe or edit options button" > >> You do not need a password to unsubscribe, you can do it via email > >> confirmation. If you have trouble unsubscribing, please send a message > to > >> the list detailing the problem. > > > > > > _______________________________________________ > > App_rpt-users mailing list > > App_rpt-users at lists.allstarlink.org > > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users > > > > To unsubscribe from this list please visit > > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and > > scroll down to the bottom of the page. Enter your email address and press > > the "Unsubscribe or edit options button" > > You do not need a password to unsubscribe, you can do it via email > > confirmation. If you have trouble unsubscribing, please send a message to > > the list detailing the problem. > _______________________________________________ > App_rpt-users mailing list > App_rpt-users at lists.allstarlink.org > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users > > To unsubscribe from this list please visit > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and > scroll down to the bottom of the page. Enter your email address and press > the "Unsubscribe or edit options button" > You do not need a password to unsubscribe, you can do it via email > confirmation. If you have trouble unsubscribing, please send a message to > the list detailing the problem. -------------- next part -------------- An HTML attachment was scrubbed... URL: From jerutley at gmail.com Tue Jun 6 02:50:25 2017 From: jerutley at gmail.com (Jeremy Utley) Date: Mon, 5 Jun 2017 21:50:25 -0500 Subject: [App_rpt-users] What is the "debian" user in the DIAL distro? In-Reply-To: References: <7d84d718-f0b7-14dc-f869-35ff0af0d759@aplaceonthe.net> <00260bd6-a3d7-4123-50b8-754bef8564a7@msgstor.com>

Message-ID: <01c501d2de6f$a6a764d0$f3f62e70$@gmail.com> To be honest, I scoured the system and couldn?t find any indication of how they got into it. However, my logs stopped somewhere around June 2 due to the log2ram partition filling up, so I didn?t have a LOT to go on. The only way I even found out was the machine was probing SSH ports on hosts out on the internet, and got caught by a fail2ban script and reported to my employer (who just happens to host the server the VM was running on). That ?Debian? user is a prime candidate ? but I couldn?t see any evidence that was where it came from. At any rate, I have wiped the VM and am in the process of reinstalling now. I?m going to be doing some serious hardening of the system (to rival what we do at work in our PCI-compliant cluster), and will document what steps I take onto my Wordpress blog ? including firewalling the box, limiting SSH connections, and a whole host of other stuff. Jeremy From: App_rpt-users [mailto:app_rpt-users-bounces at lists.allstarlink.org] On Behalf Of Pierre Martel Sent: Monday, June 5, 2017 9:29 PM To: Users of Asterisk app_rpt Subject: Re: [App_rpt-users] What is the "debian" user in the DIAL distro? Hi Jeremy, Can you tell us what they did to enter in the system? this would be the first thing to change on any dial system. Thanks for letting us know that there is a way to compomise a node, that way we can prepare our nodes for a futur attack Pierre VE2PF Le lun. 5 juin 2017 ? 17:05, Jeremy Utley > a ?crit : Hello all! Forgive me for thread necromancy on this one! I just today had my hub node compromised - luckily all they did was try to attack SSH on another host (at least that's all I've been able to determine so far). So, I'm going to be rebuilding that Hub node tonite. The reason I post is, I am actually a Linux sys-admin in my day job - would there be any benefit in me doing a write-up on what all steps I take in securing DIAL? At least a high-level overview of what I end up doing that others can build from? Also, I just want to make sure - doing the standard apt-get update / upgrade on DIAL will not break anything, right? Jeremy, NQ0M On Thu, May 11, 2017 at 11:42 AM, Steve Zingman > wrote: > Thor, > I agree that things need to be tightened up. Now that the mandate has > changed, those things are changing. I would welcome someone taking on the > guidance in system administration piece of the puzzle. > > 73, Steve N4IRS > > > On 5/11/2017 12:35 PM, Thor Wiegman wrote: >> >> You're not the first person I'm aware of to have this type of problem. >> AllStarLink nodes are an easy target to become bitcoin miners and members of >> botnets. Most people installing these nodes don't know the basics of Linux >> system administration and the defaults aren't even remotely secure. >> >> Not only should that "debian" user be deleted, the appropriate changes to >> SSH need to be made to prevent the superuser "root" from logging in >> remotely. That is one of the first things that everyone needs to be change >> after installation of a DIAL system, not sure why it's even allowed by >> default. >> >> I've noticed that a lot of node ops tend to login as root and execute >> commands as the root user. Crazy! It's an extremely dangerous and insecure >> thing to do, but people new to Linux don't know any better. >> >> It would be nice if the default installation were setup in such a way that >> prevented or discouraged login by the superuser. It's odd that sudo doesn't >> appear to be installed by default. Would be very nice if the installation >> script prompted for the creation of a user account with proper permissions >> in much the same way as standard distros do. Not perfect, but it's a start. >> >> Most of these systems are being run by people who are new to Linux. They >> don't know about Linux/Unix system administration and nobody is "elmering" >> them in it. The result is people taking dangerous shortcuts and developing >> bad habits. The community would benefit from some guidance in system >> administration as well as from some improved defaults in the distro. >> >> >> >> On 05/10/2017 12:38 PM, app_rpt-users-request at lists.allstarlink.org wrote: >>> >>> What is the "debian" user in the DIAL distro? >> >> >> _______________________________________________ >> App_rpt-users mailing list >> App_rpt-users at lists.allstarlink.org >> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >> >> To unsubscribe from this list please visit >> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and >> scroll down to the bottom of the page. Enter your email address and press >> the "Unsubscribe or edit options button" >> You do not need a password to unsubscribe, you can do it via email >> confirmation. If you have trouble unsubscribing, please send a message to >> the list detailing the problem. > > > _______________________________________________ > App_rpt-users mailing list > App_rpt-users at lists.allstarlink.org > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users > > To unsubscribe from this list please visit > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and > scroll down to the bottom of the page. Enter your email address and press > the "Unsubscribe or edit options button" > You do not need a password to unsubscribe, you can do it via email > confirmation. If you have trouble unsubscribing, please send a message to > the list detailing the problem. _______________________________________________ App_rpt-users mailing list App_rpt-users at lists.allstarlink.org http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users To unsubscribe from this list please visit http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of the page. Enter your email address and press the "Unsubscribe or edit options button" You do not need a password to unsubscribe, you can do it via email confirmation. If you have trouble unsubscribing, please send a message to the list detailing the problem. -------------- next part -------------- An HTML attachment was scrubbed... URL: From lorentedford at gmail.com Tue Jun 6 03:14:17 2017 From: lorentedford at gmail.com (Loren Tedford) Date: Mon, 5 Jun 2017 22:14:17 -0500 Subject: [App_rpt-users] What is the "debian" user in the DIAL distro? In-Reply-To: <01c501d2de6f$a6a764d0$f3f62e70$@gmail.com> References: <7d84d718-f0b7-14dc-f869-35ff0af0d759@aplaceonthe.net> <00260bd6-a3d7-4123-50b8-754bef8564a7@msgstor.com>

<01c501d2de6f$a6a764d0$f3f62e70$@gmail.com> Message-ID: This is the wiki i use to use when i was hosting my dial on linode.. https://www.linode.com/docs/security/securing-your-server Loren Tedford (KC9ZHV) Phone: Fax: Email: lorentedford at gmail.com Email: KC9ZHV at KC9ZHV.com http://www.lorentedford.com http://www.kc9zhv.com http://forum.kc9zhv.com http://hub.kc9zhv.com http://Ltcraft.net http://voipham.com On Mon, Jun 5, 2017 at 9:50 PM, Jeremy Utley wrote: > To be honest, I scoured the system and couldn?t find any indication of how > they got into it. However, my logs stopped somewhere around June 2 due to > the log2ram partition filling up, so I didn?t have a LOT to go on. The > only way I even found out was the machine was probing SSH ports on hosts > out on the internet, and got caught by a fail2ban script and reported to my > employer (who just happens to host the server the VM was running on). That > ?Debian? user is a prime candidate ? but I couldn?t see any evidence that > was where it came from. At any rate, I have wiped the VM and am in the > process of reinstalling now. I?m going to be doing some serious hardening > of the system (to rival what we do at work in our PCI-compliant cluster), > and will document what steps I take onto my Wordpress blog ? including > firewalling the box, limiting SSH connections, and a whole host of other > stuff. > > > > Jeremy > > > > *From:* App_rpt-users [mailto:app_rpt-users-bounces at lists.allstarlink.org] > *On Behalf Of *Pierre Martel > *Sent:* Monday, June 5, 2017 9:29 PM > *To:* Users of Asterisk app_rpt > *Subject:* Re: [App_rpt-users] What is the "debian" user in the DIAL > distro? > > > > Hi Jeremy, > > > > Can you tell us what they did to enter in the system? this would be the > first thing to change on any dial system. > > > > Thanks for letting us know that there is a way to compomise a node, that > way we can prepare our nodes for a futur attack > > > > Pierre > > VE2PF > > > > > > Le lun. 5 juin 2017 ? 17:05, Jeremy Utley a ?crit : > > Hello all! > > Forgive me for thread necromancy on this one! I just today had my hub > node compromised - luckily all they did was try to attack SSH on > another host (at least that's all I've been able to determine so far). > So, I'm going to be rebuilding that Hub node tonite. The reason I > post is, I am actually a Linux sys-admin in my day job - would there > be any benefit in me doing a write-up on what all steps I take in > securing DIAL? At least a high-level overview of what I end up doing > that others can build from? > > Also, I just want to make sure - doing the standard apt-get update / > upgrade on DIAL will not break anything, right? > > Jeremy, NQ0M > > On Thu, May 11, 2017 at 11:42 AM, Steve Zingman > wrote: > > Thor, > > I agree that things need to be tightened up. Now that the mandate has > > changed, those things are changing. I would welcome someone taking on the > > guidance in system administration piece of the puzzle. > > > > 73, Steve N4IRS > > > > > > On 5/11/2017 12:35 PM, Thor Wiegman wrote: > >> > >> You're not the first person I'm aware of to have this type of problem. > >> AllStarLink nodes are an easy target to become bitcoin miners and > members of > >> botnets. Most people installing these nodes don't know the basics of > Linux > >> system administration and the defaults aren't even remotely secure. > >> > >> Not only should that "debian" user be deleted, the appropriate changes > to > >> SSH need to be made to prevent the superuser "root" from logging in > >> remotely. That is one of the first things that everyone needs to be > change > >> after installation of a DIAL system, not sure why it's even allowed by > >> default. > >> > >> I've noticed that a lot of node ops tend to login as root and execute > >> commands as the root user. Crazy! It's an extremely dangerous and > insecure > >> thing to do, but people new to Linux don't know any better. > >> > >> It would be nice if the default installation were setup in such a way > that > >> prevented or discouraged login by the superuser. It's odd that sudo > doesn't > >> appear to be installed by default. Would be very nice if the > installation > >> script prompted for the creation of a user account with proper > permissions > >> in much the same way as standard distros do. Not perfect, but it's a > start. > >> > >> Most of these systems are being run by people who are new to Linux. > They > >> don't know about Linux/Unix system administration and nobody is > "elmering" > >> them in it. The result is people taking dangerous shortcuts and > developing > >> bad habits. The community would benefit from some guidance in system > >> administration as well as from some improved defaults in the distro. > >> > >> > >> > >> On 05/10/2017 12:38 PM, app_rpt-users-request at lists.allstarlink.org > wrote: > >>> > >>> What is the "debian" user in the DIAL distro? > >> > >> > >> _______________________________________________ > >> App_rpt-users mailing list > >> App_rpt-users at lists.allstarlink.org > >> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users > >> > >> To unsubscribe from this list please visit > >> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and > >> scroll down to the bottom of the page. Enter your email address and > press > >> the "Unsubscribe or edit options button" > >> You do not need a password to unsubscribe, you can do it via email > >> confirmation. If you have trouble unsubscribing, please send a message > to > >> the list detailing the problem. > > > > > > _______________________________________________ > > App_rpt-users mailing list > > App_rpt-users at lists.allstarlink.org > > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users > > > > To unsubscribe from this list please visit > > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and > > scroll down to the bottom of the page. Enter your email address and press > > the "Unsubscribe or edit options button" > > You do not need a password to unsubscribe, you can do it via email > > confirmation. If you have trouble unsubscribing, please send a message to > > the list detailing the problem. > _______________________________________________ > App_rpt-users mailing list > App_rpt-users at lists.allstarlink.org > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users > > To unsubscribe from this list please visit http://lists.allstarlink.org/ > cgi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of > the page. Enter your email address and press the "Unsubscribe or edit > options button" > You do not need a password to unsubscribe, you can do it via email > confirmation. If you have trouble unsubscribing, please send a message to > the list detailing the problem. > > > _______________________________________________ > App_rpt-users mailing list > App_rpt-users at lists.allstarlink.org > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users > > To unsubscribe from this list please visit http://lists.allstarlink.org/ > cgi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of > the page. Enter your email address and press the "Unsubscribe or edit > options button" > You do not need a password to unsubscribe, you can do it via email > confirmation. If you have trouble unsubscribing, please send a message to > the list detailing the problem. > -------------- next part -------------- An HTML attachment was scrubbed... URL: From petem001 at gmail.com Tue Jun 6 03:17:22 2017 From: petem001 at gmail.com (Pierre Martel) Date: Tue, 06 Jun 2017 03:17:22 +0000 Subject: [App_rpt-users] What is the "debian" user in the DIAL distro? In-Reply-To: <01c501d2de6f$a6a764d0$f3f62e70$@gmail.com> References: <7d84d718-f0b7-14dc-f869-35ff0af0d759@aplaceonthe.net> <00260bd6-a3d7-4123-50b8-754bef8564a7@msgstor.com>

<01c501d2de6f$a6a764d0$f3f62e70$@gmail.com> Message-ID: Thanks, Keep us posted on when you will post on your blog, it will help the ham community a lot, we are not all security computer specialist. In fact, most of us are more unsecure computer jack of all trade ;-) Le lun. 5 juin 2017 ? 22:50, Jeremy Utley a ?crit : > To be honest, I scoured the system and couldn?t find any indication of how > they got into it. However, my logs stopped somewhere around June 2 due to > the log2ram partition filling up, so I didn?t have a LOT to go on. The > only way I even found out was the machine was probing SSH ports on hosts > out on the internet, and got caught by a fail2ban script and reported to my > employer (who just happens to host the server the VM was running on). That > ?Debian? user is a prime candidate ? but I couldn?t see any evidence that > was where it came from. At any rate, I have wiped the VM and am in the > process of reinstalling now. I?m going to be doing some serious hardening > of the system (to rival what we do at work in our PCI-compliant cluster), > and will document what steps I take onto my Wordpress blog ? including > firewalling the box, limiting SSH connections, and a whole host of other > stuff. > > > > Jeremy > > > > *From:* App_rpt-users [mailto:app_rpt-users-bounces at lists.allstarlink.org] > *On Behalf Of *Pierre Martel > *Sent:* Monday, June 5, 2017 9:29 PM > *To:* Users of Asterisk app_rpt > *Subject:* Re: [App_rpt-users] What is the "debian" user in the DIAL > distro? > > > > Hi Jeremy, > > > > Can you tell us what they did to enter in the system? this would be the > first thing to change on any dial system. > > > > Thanks for letting us know that there is a way to compomise a node, that > way we can prepare our nodes for a futur attack > > > > Pierre > > VE2PF > > > > > > Le lun. 5 juin 2017 ? 17:05, Jeremy Utley a ?crit : > > Hello all! > > Forgive me for thread necromancy on this one! I just today had my hub > node compromised - luckily all they did was try to attack SSH on > another host (at least that's all I've been able to determine so far). > So, I'm going to be rebuilding that Hub node tonite. The reason I > post is, I am actually a Linux sys-admin in my day job - would there > be any benefit in me doing a write-up on what all steps I take in > securing DIAL? At least a high-level overview of what I end up doing > that others can build from? > > Also, I just want to make sure - doing the standard apt-get update / > upgrade on DIAL will not break anything, right? > > Jeremy, NQ0M > > On Thu, May 11, 2017 at 11:42 AM, Steve Zingman > wrote: > > Thor, > > I agree that things need to be tightened up. Now that the mandate has > > changed, those things are changing. I would welcome someone taking on the > > guidance in system administration piece of the puzzle. > > > > 73, Steve N4IRS > > > > > > On 5/11/2017 12:35 PM, Thor Wiegman wrote: > >> > >> You're not the first person I'm aware of to have this type of problem. > >> AllStarLink nodes are an easy target to become bitcoin miners and > members of > >> botnets. Most people installing these nodes don't know the basics of > Linux > >> system administration and the defaults aren't even remotely secure. > >> > >> Not only should that "debian" user be deleted, the appropriate changes > to > >> SSH need to be made to prevent the superuser "root" from logging in > >> remotely. That is one of the first things that everyone needs to be > change > >> after installation of a DIAL system, not sure why it's even allowed by > >> default. > >> > >> I've noticed that a lot of node ops tend to login as root and execute > >> commands as the root user. Crazy! It's an extremely dangerous and > insecure > >> thing to do, but people new to Linux don't know any better. > >> > >> It would be nice if the default installation were setup in such a way > that > >> prevented or discouraged login by the superuser. It's odd that sudo > doesn't > >> appear to be installed by default. Would be very nice if the > installation > >> script prompted for the creation of a user account with proper > permissions > >> in much the same way as standard distros do. Not perfect, but it's a > start. > >> > >> Most of these systems are being run by people who are new to Linux. > They > >> don't know about Linux/Unix system administration and nobody is > "elmering" > >> them in it. The result is people taking dangerous shortcuts and > developing > >> bad habits. The community would benefit from some guidance in system > >> administration as well as from some improved defaults in the distro. > >> > >> > >> > >> On 05/10/2017 12:38 PM, app_rpt-users-request at lists.allstarlink.org > wrote: > >>> > >>> What is the "debian" user in the DIAL distro? > >> > >> > >> _______________________________________________ > >> App_rpt-users mailing list > >> App_rpt-users at lists.allstarlink.org > >> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users > >> > >> To unsubscribe from this list please visit > >> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and > >> scroll down to the bottom of the page. Enter your email address and > press > >> the "Unsubscribe or edit options button" > >> You do not need a password to unsubscribe, you can do it via email > >> confirmation. If you have trouble unsubscribing, please send a message > to > >> the list detailing the problem. > > > > > > _______________________________________________ > > App_rpt-users mailing list > > App_rpt-users at lists.allstarlink.org > > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users > > > > To unsubscribe from this list please visit > > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and > > scroll down to the bottom of the page. Enter your email address and press > > the "Unsubscribe or edit options button" > > You do not need a password to unsubscribe, you can do it via email > > confirmation. If you have trouble unsubscribing, please send a message to > > the list detailing the problem. > _______________________________________________ > App_rpt-users mailing list > App_rpt-users at lists.allstarlink.org > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users > > To unsubscribe from this list please visit > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and > scroll down to the bottom of the page. Enter your email address and press > the "Unsubscribe or edit options button" > You do not need a password to unsubscribe, you can do it via email > confirmation. If you have trouble unsubscribing, please send a message to > the list detailing the problem. > > _______________________________________________ > App_rpt-users mailing list > App_rpt-users at lists.allstarlink.org > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users > > To unsubscribe from this list please visit > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and > scroll down to the bottom of the page. Enter your email address and press > the "Unsubscribe or edit options button" > You do not need a password to unsubscribe, you can do it via email > confirmation. If you have trouble unsubscribing, please send a message to > the list detailing the problem. -------------- next part -------------- An HTML attachment was scrubbed... URL: From izzy_y2k at yahoo.com Tue Jun 6 09:50:19 2017 From: izzy_y2k at yahoo.com (izzy_y2k at yahoo.com) Date: Tue, 6 Jun 2017 04:50:19 -0500 Subject: [App_rpt-users] /bin/cp: /tmp/rpt_extnodes-temp and /tmp/rpt_extnodes-temp are the same file Message-ID: <003301d2deaa$50479200$f0d6b600$@com> Keep seeing this error pop up. I assume it is from an update node list generated by allstar but not sure how or where to fix? Thank you John K1if --- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus -------------- next part -------------- An HTML attachment was scrubbed... URL: From szingman at msgstor.com Tue Jun 6 17:07:06 2017 From: szingman at msgstor.com (Steve Zingman) Date: Tue, 6 Jun 2017 13:07:06 -0400 Subject: [App_rpt-users] /bin/cp: /tmp/rpt_extnodes-temp and /tmp/rpt_extnodes-temp are the same file In-Reply-To: <003301d2deaa$50479200$f0d6b600$@com> References: <003301d2deaa$50479200$f0d6b600$@com> Message-ID: <3bfa31e3-3152-8346-a0b3-8bbd1aa592ea@msgstor.com> Jon, You are correct, that is being generated by the node list updater. What version of AllStarLink are you running? On 6/6/2017 5:50 AM, izzy_y2k at yahoo.com wrote: > > Keep seeing this error pop up. I assume it is from an update node list > generated by allstar but not sure how or where to fix? > > Thank you > > John K1if > > > > ------------------------------------------------------------------------ > Avast logo > > This email has been checked for viruses by Avast antivirus software. > www.avast.com > > > > > _______________________________________________ > App_rpt-users mailing list > App_rpt-users at lists.allstarlink.org > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users > > To unsubscribe from this list please visit http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of the page. Enter your email address and press the "Unsubscribe or edit options button" > You do not need a password to unsubscribe, you can do it via email confirmation. If you have trouble unsubscribing, please send a message to the list detailing the problem. -------------- next part -------------- An HTML attachment was scrubbed... URL: From petem001 at gmail.com Tue Jun 6 21:00:37 2017 From: petem001 at gmail.com (Pierre Martel) Date: Tue, 06 Jun 2017 21:00:37 +0000 Subject: [App_rpt-users] RTCM Simulcast and 9.6 MHz Phase locking In-Reply-To: References: <0d88c7df-42bf-4baa-2f85-507bcb276783@kuggie.com> <167348058.6106852.1494267089695@mail.yahoo.com> <497E313D-B351-4A59-ACF7-D3485E6C38E6@bryanfields.net>

Message-ID: after reading on gps locked clock and pll found this. http://www.leobodnar.com/shop/index.php?main_page=product_info&cPath=107&products_id=234 Low-jitter GPS-locked precision frequency reference 450 Hz to 800 MHz output this could be usefull to steer about any radio model no? Is it worth the time and money to try with this device? Le ven. 12 mai 2017 ? 17:39, Pierre Martel a ?crit : > A big thanks Tim. I feel less uneducated ;-) Will have to get a look at > this.. > > 2017-05-12 12:03 GMT-04:00 Tim Sawyer : > >> Political Correctness Gone Mad. ? >> >> Actually it's Programmable Clock Generator Module. >> >> K >> >> On Thu, May 11, 2017 at 8:38 PM Pierre Martel wrote: >> >>> I know there is always the one that ask the obvious question but, what >>> is a pcgm? >>> >>> >>> Le lun. 8 mai 2017 ? 23:10, Tim Sawyer a ?crit : >>> >>>> The PCGM were noisy. I know of a case where a ham using one was shut >>>> down by the site owner. Seems the PCGM was emitting a interfering signal on >>>> high band, around 158 Mhz. >>>> >>>> On Mon, May 8, 2017 at 1:33 PM, Bryan Fields >>>> wrote: >>>> >>>>> I've been following this with some interest. One of the fundamental >>>>> issues with the PCGM was the master clock going to the radio was unable to >>>>> be modulated. This made low frequency signals (PL) distort, and digital PL >>>>> was even worse. >>>>> >>>>> Typically most radios use two point modulation, with modulation on the >>>>> reference oscillator. When you add an external reference you loose this. >>>>> >>>>> Some base stations are designed to do two point modulation even on an >>>>> external clock, the Quantar for example. This station will even phase lock >>>>> it's PL and DPL generation if provided a 1 PPS in addition to a clock. >>>>> >>>>> If we could inject modulation into the clock generator simulcast >>>>> performance would vastly improve. I'd be interested to see your design to >>>>> see if this would be a possibility. >>>>> >>>>> Thoughts? >>>>> >>>>> -- >>>>> Bryan Fields >>>>> M: +1-727-409-1194 <(727)%20409-1194> >>>>> >>>>> On May 8, 2017, at 14:15, Reid Brandon wrote: >>>>> >>>>> Hi Joe, >>>>> I got a page with a pic of a man that rotated around saying DOWNLOAD >>>>> NOT FOUND. >>>>> Try again!? >>>>> Tks Reid >>>>> >>>>> >>>>> On Sunday, May 7, 2017 12:25 PM, Pierre Martel >>>>> wrote: >>>>> >>>>> >>>>> I am very interrested in all this project. My email is VE2PF @ VE2MRC >>>>> dot com! >>>>> >>>>> what radio did you used for the project? >>>>> >>>>> Thanks for sharing! >>>>> >>>>> Pierre >>>>> VE2PF >>>>> >>>>> >>>>> 2017-05-07 12:32 GMT-04:00 Kevin Custer : >>>>> >>>>> Joe, >>>>> >>>>> Why not consider do it as an article for Repeater Builder? >>>>> >>>>> Thanks, >>>>> Kevin >>>>> >>>>> >>>>> On 5/7/2017 3:13 AM, Joe Moskalski wrote: >>>>> >>>>> I wanted to throw this email out to the group for all those who want >>>>> to simulcast with the RTCM. For those who don't know, in order to make the >>>>> RTCM suitable for simulcast you must have a more accurate 9.6 MHz clock for >>>>> the RTCM in order to ensure the audio sounds acceptable in the overlap >>>>> areas. I did this a few months ago using 9.6 MHz OCXO's. This worked >>>>> reasonably well. Not as well as I would have liked but the system was very >>>>> usable, but of course I wanted it to be better. Since the PCGM >>>>> (Programmable Clock Generation Module) is no longer available, I decided to >>>>> roll my own as some say. >>>>> I created a PLL circuit that can accept a 10 MHz, 1 MHz or 100 KHz >>>>> reference input and produce a phase locked 9.6 MHz out for the RTCM. I have >>>>> been testing this over the past few days and it has made an great >>>>> improvement in the audio quality in the overlap. The quality of the audio >>>>> in the overlap areas sounds very, very good, it's very similar to what I >>>>> expect to hear in commercial simulcast systems. My circuit is heavily based >>>>> off of an old Motorola MSF5000 HSO PLL circuit that I was able to adapt and >>>>> modify to my needs. There are other uses for this circuit that make it >>>>> attractive for simulcasting but I wont get into them here. I am will to >>>>> share my schematic and bill of materials (digikey) with anyone. Please send >>>>> me an email and I will be willing to share all of my information on the >>>>> project. >>>>> >>>>> >>>>> ______________________________ _________________ >>>>> App_rpt-users mailing list >>>>> App_rpt-users at lists.allstarlin k.org >>>>> >>>>> http://lists.allstarlink.org/c gi-bin/mailman/listinfo/app_rp t-users >>>>> >>>>> >>>>> To unsubscribe from this list please visit http://lists.allstarlink.org/c >>>>> gi-bin/mailman/listinfo/app_rp t-users >>>>> >>>>> and scroll down to the bottom of the page. Enter your email address and >>>>> press the "Unsubscribe or edit options button" >>>>> You do not need a password to unsubscribe, you can do it via email >>>>> confirmation. If you have trouble unsubscribing, please send a message to >>>>> the list detailing the problem. >>>>> >>>>> >>>>> _______________________________________________ >>>>> App_rpt-users mailing list >>>>> App_rpt-users at lists.allstarlink.org >>>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>>>> >>>>> To unsubscribe from this list please visit http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>>>> and scroll down to the bottom of the page. Enter your email address >>>>> and press the "Unsubscribe or edit options button" >>>>> You do not need a password to unsubscribe, you can do it via email >>>>> confirmation. If you have trouble unsubscribing, please send a message to >>>>> the list detailing the problem. >>>>> >>>>> >>>>> _______________________________________________ >>>>> App_rpt-users mailing list >>>>> App_rpt-users at lists.allstarlink.org >>>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>>>> >>>>> To unsubscribe from this list please visit >>>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>>>> and scroll down to the bottom of the page. Enter your email address and >>>>> press the "Unsubscribe or edit options button" >>>>> You do not need a password to unsubscribe, you can do it via email >>>>> confirmation. If you have trouble unsubscribing, please send a message to >>>>> the list detailing the problem. >>>>> >>>>> >>>>> _______________________________________________ >>>>> App_rpt-users mailing list >>>>> App_rpt-users at lists.allstarlink.org >>>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>>>> >>>>> To unsubscribe from this list please visit >>>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>>>> and scroll down to the bottom of the page. Enter your email address and >>>>> press the "Unsubscribe or edit options button" >>>>> You do not need a password to unsubscribe, you can do it via email >>>>> confirmation. If you have trouble unsubscribing, please send a message to >>>>> the list detailing the problem. >>>>> >>>> >>>> >>>> >>>> -- >>>> -- >>>> Tim >>>> _______________________________________________ >>>> App_rpt-users mailing list >>>> App_rpt-users at lists.allstarlink.org >>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>>> >>>> To unsubscribe from this list please visit >>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>>> and scroll down to the bottom of the page. Enter your email address and >>>> press the "Unsubscribe or edit options button" >>>> You do not need a password to unsubscribe, you can do it via email >>>> confirmation. If you have trouble unsubscribing, please send a message to >>>> the list detailing the problem. >>> >>> _______________________________________________ >>> App_rpt-users mailing list >>> App_rpt-users at lists.allstarlink.org >>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>> >>> To unsubscribe from this list please visit >>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and >>> scroll down to the bottom of the page. Enter your email address and press >>> the "Unsubscribe or edit options button" >>> You do not need a password to unsubscribe, you can do it via email >>> confirmation. If you have trouble unsubscribing, please send a message to >>> the list detailing the problem. >> >> -- >> -- >> Tim >> >> _______________________________________________ >> App_rpt-users mailing list >> App_rpt-users at lists.allstarlink.org >> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >> >> To unsubscribe from this list please visit >> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and >> scroll down to the bottom of the page. Enter your email address and press >> the "Unsubscribe or edit options button" >> You do not need a password to unsubscribe, you can do it via email >> confirmation. If you have trouble unsubscribing, please send a message to >> the list detailing the problem. >> > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From tisawyer at gmail.com Tue Jun 6 22:32:03 2017 From: tisawyer at gmail.com (Tim Sawyer) Date: Tue, 6 Jun 2017 15:32:03 -0700 Subject: [App_rpt-users] A little confusion regarding the X86 Downloads In-Reply-To: <01b101d2de6a$8a066420$9e132c60$@gmail.com> References: <01b101d2de6a$8a066420$9e132c60$@gmail.com> Message-ID: RC1 is the latest release per N4IRS. On Mon, Jun 5, 2017 at 7:13 PM, Jeremy Utley wrote: > Hey all! > > > > As I reinstall my hub node after it got compromised this morning, I find > myself a little confused at just which download option I should use for an > amd64 architecture machine. > > > > The site seems to recommend DIAL RC1, but RC **usually** means Release > Candidate ? meaning it?s not quite ready for prime time, but getting close > to release. I would not usually consider a ?RC? release to be the > recommended release under any circumstances. The other problem comes from > looking at the file modification dates on the dvswitch.org server: > > > > The RC1 file ? amd64-i386-DIAL-RC1.tar.gz ? is dated Nov 15, 2016 > > The other file ? dial-allstar-netinstall.iso ? is dated Jan 22, 2017 > > > > So it **seems** that the RC1 is older than the other one, while still > being the recommended install ? but the name would not tend to agree, as > the RC should be a candidate for release as a newer version, so should be > newer than the existing ?stable? version ? and the stable version should be > the recommended download ? or at least this is how it would work in most > open source projects. > > > > What am I missing? And once installed, is there any danger in using the > Debian ?apt-get update? command to update the packages for the underlying > Linux OS to their newest versions? > > > > Thanks, > > > > Jeremy, NQ0M > > _______________________________________________ > App_rpt-users mailing list > App_rpt-users at lists.allstarlink.org > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users > > To unsubscribe from this list please visit http://lists.allstarlink.org/ > cgi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of > the page. Enter your email address and press the "Unsubscribe or edit > options button" > You do not need a password to unsubscribe, you can do it via email > confirmation. If you have trouble unsubscribing, please send a message to > the list detailing the problem. > -- -- Tim -------------- next part -------------- An HTML attachment was scrubbed... URL: From izzy_y2k at yahoo.com Tue Jun 6 23:51:32 2017 From: izzy_y2k at yahoo.com (izzy_y2k at yahoo.com) Date: Tue, 6 Jun 2017 18:51:32 -0500 Subject: [App_rpt-users] /bin/cp: /tmp/rpt_extnodes-temp and /tmp/rpt_extnodes-temp are the same file Message-ID: <000001d2df1f$d4ec6c90$7ec545b0$@com> Hello Steve Thanks for the quick reply I am using Dial version 325 Thanks John K1IF --- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus -------------- next part -------------- An HTML attachment was scrubbed... URL: From kc2irv at gmail.com Wed Jun 7 07:46:00 2017 From: kc2irv at gmail.com (Joe Moskalski) Date: Wed, 7 Jun 2017 03:46:00 -0400 Subject: [App_rpt-users] RTCM Simulcast and 9.6 MHz Phase locking In-Reply-To: References: <0d88c7df-42bf-4baa-2f85-507bcb276783@kuggie.com> <167348058.6106852.1494267089695@mail.yahoo.com> <497E313D-B351-4A59-ACF7-D3485E6C38E6@bryanfields.net>

Message-ID: I purchased one of those units about 2 months ago and they work extremely well. I have used it to allow the use of Motorola Maxtrac's and GM300's for simulcast operation by externally injecting a 14.4 MHz reference into the radio from this unit. if you want a ready-made solution that will give you GPS locked accuracy and is programmable to just about any frequency you would need than this is it. On Tue, Jun 6, 2017 at 5:00 PM, Pierre Martel wrote: > after reading on gps locked clock and pll found this. > http://www.leobodnar.com/shop/index.php?main_page=product_ > info&cPath=107&products_id=234 > > Low-jitter GPS-locked precision frequency reference > 450 Hz to 800 MHz output > > this could be usefull to steer about any radio model no? > > Is it worth the time and money to try with this device? > > Le ven. 12 mai 2017 ? 17:39, Pierre Martel a ?crit : > >> A big thanks Tim. I feel less uneducated ;-) Will have to get a look at >> this.. >> >> 2017-05-12 12:03 GMT-04:00 Tim Sawyer : >> >>> Political Correctness Gone Mad. ? >>> >>> Actually it's Programmable Clock Generator Module. >>> >>> K >>> >>> On Thu, May 11, 2017 at 8:38 PM Pierre Martel >>> wrote: >>> >>>> I know there is always the one that ask the obvious question but, what >>>> is a pcgm? >>>> >>>> >>>> Le lun. 8 mai 2017 ? 23:10, Tim Sawyer a ?crit : >>>> >>>>> The PCGM were noisy. I know of a case where a ham using one was shut >>>>> down by the site owner. Seems the PCGM was emitting a interfering signal on >>>>> high band, around 158 Mhz. >>>>> >>>>> On Mon, May 8, 2017 at 1:33 PM, Bryan Fields >>>>> wrote: >>>>> >>>>>> I've been following this with some interest. One of the fundamental >>>>>> issues with the PCGM was the master clock going to the radio was unable to >>>>>> be modulated. This made low frequency signals (PL) distort, and digital PL >>>>>> was even worse. >>>>>> >>>>>> Typically most radios use two point modulation, with modulation on >>>>>> the reference oscillator. When you add an external reference you loose >>>>>> this. >>>>>> >>>>>> Some base stations are designed to do two point modulation even on an >>>>>> external clock, the Quantar for example. This station will even phase lock >>>>>> it's PL and DPL generation if provided a 1 PPS in addition to a clock. >>>>>> >>>>>> If we could inject modulation into the clock generator simulcast >>>>>> performance would vastly improve. I'd be interested to see your design to >>>>>> see if this would be a possibility. >>>>>> >>>>>> Thoughts? >>>>>> >>>>>> -- >>>>>> Bryan Fields >>>>>> M: +1-727-409-1194 <(727)%20409-1194> >>>>>> >>>>>> On May 8, 2017, at 14:15, Reid Brandon wrote: >>>>>> >>>>>> Hi Joe, >>>>>> I got a page with a pic of a man that rotated around saying DOWNLOAD >>>>>> NOT FOUND. >>>>>> Try again!? >>>>>> Tks Reid >>>>>> >>>>>> >>>>>> On Sunday, May 7, 2017 12:25 PM, Pierre Martel >>>>>> wrote: >>>>>> >>>>>> >>>>>> I am very interrested in all this project. My email is VE2PF @ VE2MRC >>>>>> dot com! >>>>>> >>>>>> what radio did you used for the project? >>>>>> >>>>>> Thanks for sharing! >>>>>> >>>>>> Pierre >>>>>> VE2PF >>>>>> >>>>>> >>>>>> 2017-05-07 12:32 GMT-04:00 Kevin Custer : >>>>>> >>>>>> Joe, >>>>>> >>>>>> Why not consider do it as an article for Repeater Builder? >>>>>> >>>>>> Thanks, >>>>>> Kevin >>>>>> >>>>>> >>>>>> On 5/7/2017 3:13 AM, Joe Moskalski wrote: >>>>>> >>>>>> I wanted to throw this email out to the group for all those who want >>>>>> to simulcast with the RTCM. For those who don't know, in order to make the >>>>>> RTCM suitable for simulcast you must have a more accurate 9.6 MHz clock for >>>>>> the RTCM in order to ensure the audio sounds acceptable in the overlap >>>>>> areas. I did this a few months ago using 9.6 MHz OCXO's. This worked >>>>>> reasonably well. Not as well as I would have liked but the system was very >>>>>> usable, but of course I wanted it to be better. Since the PCGM >>>>>> (Programmable Clock Generation Module) is no longer available, I decided to >>>>>> roll my own as some say. >>>>>> I created a PLL circuit that can accept a 10 MHz, 1 MHz or 100 KHz >>>>>> reference input and produce a phase locked 9.6 MHz out for the RTCM. I have >>>>>> been testing this over the past few days and it has made an great >>>>>> improvement in the audio quality in the overlap. The quality of the audio >>>>>> in the overlap areas sounds very, very good, it's very similar to what I >>>>>> expect to hear in commercial simulcast systems. My circuit is heavily based >>>>>> off of an old Motorola MSF5000 HSO PLL circuit that I was able to adapt and >>>>>> modify to my needs. There are other uses for this circuit that make it >>>>>> attractive for simulcasting but I wont get into them here. I am will to >>>>>> share my schematic and bill of materials (digikey) with anyone. Please send >>>>>> me an email and I will be willing to share all of my information on the >>>>>> project. >>>>>> >>>>>> >>>>>> ______________________________ _________________ >>>>>> App_rpt-users mailing list >>>>>> App_rpt-users at lists.allstarlin k.org >>>>>> >>>>>> http://lists.allstarlink.org/c gi-bin/mailman/listinfo/app_rp t-users >>>>>> >>>>>> >>>>>> To unsubscribe from this list please visit http://lists.allstarlink.org/c >>>>>> gi-bin/mailman/listinfo/app_rp t-users >>>>>> >>>>>> and scroll down to the bottom of the page. Enter your email address and >>>>>> press the "Unsubscribe or edit options button" >>>>>> You do not need a password to unsubscribe, you can do it via email >>>>>> confirmation. If you have trouble unsubscribing, please send a message to >>>>>> the list detailing the problem. >>>>>> >>>>>> >>>>>> _______________________________________________ >>>>>> App_rpt-users mailing list >>>>>> App_rpt-users at lists.allstarlink.org >>>>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>>>>> >>>>>> To unsubscribe from this list please visit >>>>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and >>>>>> scroll down to the bottom of the page. Enter your email address and press >>>>>> the "Unsubscribe or edit options button" >>>>>> You do not need a password to unsubscribe, you can do it via email >>>>>> confirmation. If you have trouble unsubscribing, please send a message to >>>>>> the list detailing the problem. >>>>>> >>>>>> >>>>>> _______________________________________________ >>>>>> App_rpt-users mailing list >>>>>> App_rpt-users at lists.allstarlink.org >>>>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>>>>> >>>>>> To unsubscribe from this list please visit >>>>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>>>>> and scroll down to the bottom of the page. Enter your email address and >>>>>> press the "Unsubscribe or edit options button" >>>>>> You do not need a password to unsubscribe, you can do it via email >>>>>> confirmation. If you have trouble unsubscribing, please send a message to >>>>>> the list detailing the problem. >>>>>> >>>>>> >>>>>> _______________________________________________ >>>>>> App_rpt-users mailing list >>>>>> App_rpt-users at lists.allstarlink.org >>>>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>>>>> >>>>>> To unsubscribe from this list please visit >>>>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>>>>> and scroll down to the bottom of the page. Enter your email address and >>>>>> press the "Unsubscribe or edit options button" >>>>>> You do not need a password to unsubscribe, you can do it via email >>>>>> confirmation. If you have trouble unsubscribing, please send a message to >>>>>> the list detailing the problem. >>>>>> >>>>> >>>>> >>>>> >>>>> -- >>>>> -- >>>>> Tim >>>>> _______________________________________________ >>>>> App_rpt-users mailing list >>>>> App_rpt-users at lists.allstarlink.org >>>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>>>> >>>>> To unsubscribe from this list please visit >>>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>>>> and scroll down to the bottom of the page. Enter your email address and >>>>> press the "Unsubscribe or edit options button" >>>>> You do not need a password to unsubscribe, you can do it via email >>>>> confirmation. If you have trouble unsubscribing, please send a message to >>>>> the list detailing the problem. >>>> >>>> _______________________________________________ >>>> App_rpt-users mailing list >>>> App_rpt-users at lists.allstarlink.org >>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>>> >>>> To unsubscribe from this list please visit >>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>>> and scroll down to the bottom of the page. Enter your email address and >>>> press the "Unsubscribe or edit options button" >>>> You do not need a password to unsubscribe, you can do it via email >>>> confirmation. If you have trouble unsubscribing, please send a message to >>>> the list detailing the problem. >>> >>> -- >>> -- >>> Tim >>> >>> _______________________________________________ >>> App_rpt-users mailing list >>> App_rpt-users at lists.allstarlink.org >>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>> >>> To unsubscribe from this list please visit http://lists.allstarlink.org/ >>> cgi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of >>> the page. Enter your email address and press the "Unsubscribe or edit >>> options button" >>> You do not need a password to unsubscribe, you can do it via email >>> confirmation. If you have trouble unsubscribing, please send a message to >>> the list detailing the problem. >>> >> >> > _______________________________________________ > App_rpt-users mailing list > App_rpt-users at lists.allstarlink.org > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users > > To unsubscribe from this list please visit http://lists.allstarlink.org/ > cgi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of > the page. Enter your email address and press the "Unsubscribe or edit > options button" > You do not need a password to unsubscribe, you can do it via email > confirmation. If you have trouble unsubscribing, please send a message to > the list detailing the problem. > -------------- next part -------------- An HTML attachment was scrubbed... URL: From bmcintosh at paceprofessional.co.uk Wed Jun 7 14:27:51 2017 From: bmcintosh at paceprofessional.co.uk (Bernie McIntosh) Date: Wed, 7 Jun 2017 14:27:51 +0000 Subject: [App_rpt-users] TX Timeout Message-ID: <0102015c82f45af6-344f6793-02ef-4553-ac3f-1026757c7adb-000000@eu-west-1.amazonses.com> I am using a smartphone to access my node so that I can listen to the radio channel, and when required, transmit on the channel. All is well, but I want to implement a timeout so that if I put the node into transmit mode from my smartphone and do not return it to receive, the transmitter will turn off, after say, 30 seconds. I am using the default IAX configuration for the smartphone. The tx_timeout parameter makes the transmitter turn off at the required time as expected. But when a radio user subsequently transmits on the channel and then goes back to receive, the node keys the transmitter again and continues to send audio from the smartphone on the channel. It is as if the smartphone PTT is still "closed" and so the timeout timer resets itself and waits another 30 seconds before switching off again. So I guess I need a way to disconnect the smartphone after x seconds of PTT from it ? Google is failing me on this one and I'd be grateful for any help. Thanks Bernie GM4WZG > -----Original Message----- > From: app_rpt-users-bounces at ohnosec.org [mailto:app_rpt-users- > bounces at ohnosec.org] On Behalf Of app_rpt-users-request at ohnosec.org > Sent: 03 December 2016 17:00 > To: app_rpt-users at ohnosec.org > Subject: App_rpt-users Digest, Vol 94, Issue 3 > > Send App_rpt-users mailing list submissions to > app_rpt-users at ohnosec.org > > To subscribe or unsubscribe via the World Wide Web, visit > http://ohnosec.org/cgi-bin/mailman/listinfo/app_rpt-users > or, via email, send a message with subject or body 'help' to > app_rpt-users-request at ohnosec.org > > You can reach the person managing the list at > app_rpt-users-owner at ohnosec.org > > When replying, please edit your Subject line so it is more specific than "Re: > Contents of App_rpt-users digest..." > > > Today's Topics: > > 1. Re: Podcast Server (Danny) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Fri, 2 Dec 2016 19:03:17 +0200 > From: Danny > To: app_rpt-users at ohnosec.org > Subject: Re: [App_rpt-users] Podcast Server > Message-ID: <20161202170316.GA3444 at fever.havannah.local> > Content-Type: text/plain; charset=us-ascii > > >On Dec 02 16, Eric Guth : > > > > Dear Danny, > > > > This is very clever. Thanks for including my podcast, QSO Today, in your > Allstar jukebox of podcasts. > > > > 73, > > > > Eric Guth > > 4Z1UG > > Allstar: 28422 > > QSO Today > > > > Hi Eric, > > It is only a pleasure. I have been listening to your podcast for so long and I > thought it would be befitting to repay you and all the others that have > podcasts in such a manner. > > Would you believe me if I told you the same evening I advertised "Play > Something" on this list we experienced heavy thunderstorms which forced > me to shut down the whole system ... lol ... > > But at least I got to test my skills at unplugging everything within a flash. I > think I broke my own record ... less than 4 minutes to pull the plug and > disconnect all feedlines ... > > However, on a slightly different note ... please guys, if you register with a > mistyped callsign contact me immediately in order for me to rectify it. Too > many hams blamed the system, but when I checked the database and their > original registration e-mail, they mistyped/misspelled their own callsigns > and/or e-mail address. > > Some of you asked me to give a little more detail, so here goes. > > "Play Something" does exactly what it's name says, it "Plays Something". You > don't know what you are going to get. But I guarantee you will not hear the > same podcast played more than once in 3 months or more (except for ARRL > news). The algorithm I have developed will prevent this from happening. > Podcasts are not randomly selected, but rather in a fashion where you will be > able to follow a certain podcast provider from his first podcast to his last > podcast in a sequential order. Also, you will not hear the same podcaster > twice in a row. > > "Play Something" observes time-outs. It transmits for 150 seconds, then > unkeys for 10 seconds. I think 10 seconds should be enough for anyone to > squeeze through a DTMF code ... ;) ... > > Oh yes ... one important thing ... YOU NEED TO CONNECT TO MY NODE to > listen ... > people send me mails telling me "Play Something" is not working but they > never even connected ... ;) ... > > "Play Something" is for EVERYONE and ANYONE for FREE (for as long as > possible). > I have no problem if you park your node permanently at my node whilst you > are just listening ... that's just fine by me ... > > I am open to suggestions ... and if you have a podcaster you would like to add > you are more than welcome to make a suggestion > > Thank you > > Danny > ZS6XOX > 73's > > AllStar node 44081 > EchoLink ZS6XOX-R > > zs6xox at gmail.com > > (p.s: Thank you for listening ...) > > > > ------------------------------ > > _______________________________________________ > App_rpt-users mailing list > App_rpt-users at ohnosec.org > http://ohnosec.org/cgi-bin/mailman/listinfo/app_rpt-users > > > End of App_rpt-users Digest, Vol 94, Issue 3 > ******************************************** From petem001 at gmail.com Wed Jun 7 18:44:52 2017 From: petem001 at gmail.com (Pierre Martel) Date: Wed, 07 Jun 2017 18:44:52 +0000 Subject: [App_rpt-users] RTCM Simulcast and 9.6 MHz Phase locking In-Reply-To: References: <0d88c7df-42bf-4baa-2f85-507bcb276783@kuggie.com> <167348058.6106852.1494267089695@mail.yahoo.com> <497E313D-B351-4A59-ACF7-D3485E6C38E6@bryanfields.net>

Message-ID: So It would be good, now from what Info I have, I will still need another gps for the nmea and 1 pps to feed the rtcm? Le mer. 7 juin 2017 ? 03:46, Joe Moskalski a ?crit : > I purchased one of those units about 2 months ago and they work extremely > well. I have used it to allow the use of Motorola Maxtrac's and GM300's for > simulcast operation by externally injecting a 14.4 MHz reference into the > radio from this unit. > if you want a ready-made solution that will give you GPS locked accuracy > and is programmable to just about any frequency you would need than this is > it. > > On Tue, Jun 6, 2017 at 5:00 PM, Pierre Martel wrote: > >> after reading on gps locked clock and pll found this. >> >> http://www.leobodnar.com/shop/index.php?main_page=product_info&cPath=107&products_id=234 >> >> Low-jitter GPS-locked precision frequency reference >> 450 Hz to 800 MHz output >> >> this could be usefull to steer about any radio model no? >> >> Is it worth the time and money to try with this device? >> >> Le ven. 12 mai 2017 ? 17:39, Pierre Martel a ?crit : >> >>> A big thanks Tim. I feel less uneducated ;-) Will have to get a look at >>> this.. >>> >>> 2017-05-12 12:03 GMT-04:00 Tim Sawyer : >>> >>>> Political Correctness Gone Mad. ? >>>> >>>> Actually it's Programmable Clock Generator Module. >>>> >>>> K >>>> >>>> On Thu, May 11, 2017 at 8:38 PM Pierre Martel >>>> wrote: >>>> >>>>> I know there is always the one that ask the obvious question but, what >>>>> is a pcgm? >>>>> >>>>> >>>>> Le lun. 8 mai 2017 ? 23:10, Tim Sawyer a ?crit : >>>>> >>>>>> The PCGM were noisy. I know of a case where a ham using one was shut >>>>>> down by the site owner. Seems the PCGM was emitting a interfering signal on >>>>>> high band, around 158 Mhz. >>>>>> >>>>>> On Mon, May 8, 2017 at 1:33 PM, Bryan Fields >>>>>> wrote: >>>>>> >>>>>>> I've been following this with some interest. One of the fundamental >>>>>>> issues with the PCGM was the master clock going to the radio was unable to >>>>>>> be modulated. This made low frequency signals (PL) distort, and digital PL >>>>>>> was even worse. >>>>>>> >>>>>>> Typically most radios use two point modulation, with modulation on >>>>>>> the reference oscillator. When you add an external reference you loose >>>>>>> this. >>>>>>> >>>>>>> Some base stations are designed to do two point modulation even on >>>>>>> an external clock, the Quantar for example. This station will even phase >>>>>>> lock it's PL and DPL generation if provided a 1 PPS in addition to a clock. >>>>>>> >>>>>>> If we could inject modulation into the clock generator simulcast >>>>>>> performance would vastly improve. I'd be interested to see your design to >>>>>>> see if this would be a possibility. >>>>>>> >>>>>>> Thoughts? >>>>>>> >>>>>>> -- >>>>>>> Bryan Fields >>>>>>> M: +1-727-409-1194 <(727)%20409-1194> >>>>>>> >>>>>>> On May 8, 2017, at 14:15, Reid Brandon wrote: >>>>>>> >>>>>>> Hi Joe, >>>>>>> I got a page with a pic of a man that rotated around saying >>>>>>> DOWNLOAD NOT FOUND. >>>>>>> Try again!? >>>>>>> Tks Reid >>>>>>> >>>>>>> >>>>>>> On Sunday, May 7, 2017 12:25 PM, Pierre Martel >>>>>>> wrote: >>>>>>> >>>>>>> >>>>>>> I am very interrested in all this project. My email is VE2PF @ >>>>>>> VE2MRC dot com! >>>>>>> >>>>>>> what radio did you used for the project? >>>>>>> >>>>>>> Thanks for sharing! >>>>>>> >>>>>>> Pierre >>>>>>> VE2PF >>>>>>> >>>>>>> >>>>>>> 2017-05-07 12:32 GMT-04:00 Kevin Custer : >>>>>>> >>>>>>> Joe, >>>>>>> >>>>>>> Why not consider do it as an article for Repeater Builder? >>>>>>> >>>>>>> Thanks, >>>>>>> Kevin >>>>>>> >>>>>>> >>>>>>> On 5/7/2017 3:13 AM, Joe Moskalski wrote: >>>>>>> >>>>>>> I wanted to throw this email out to the group for all those who want >>>>>>> to simulcast with the RTCM. For those who don't know, in order to make the >>>>>>> RTCM suitable for simulcast you must have a more accurate 9.6 MHz clock for >>>>>>> the RTCM in order to ensure the audio sounds acceptable in the overlap >>>>>>> areas. I did this a few months ago using 9.6 MHz OCXO's. This worked >>>>>>> reasonably well. Not as well as I would have liked but the system was very >>>>>>> usable, but of course I wanted it to be better. Since the PCGM >>>>>>> (Programmable Clock Generation Module) is no longer available, I decided to >>>>>>> roll my own as some say. >>>>>>> I created a PLL circuit that can accept a 10 MHz, 1 MHz or 100 KHz >>>>>>> reference input and produce a phase locked 9.6 MHz out for the RTCM. I have >>>>>>> been testing this over the past few days and it has made an great >>>>>>> improvement in the audio quality in the overlap. The quality of the audio >>>>>>> in the overlap areas sounds very, very good, it's very similar to what I >>>>>>> expect to hear in commercial simulcast systems. My circuit is heavily based >>>>>>> off of an old Motorola MSF5000 HSO PLL circuit that I was able to adapt and >>>>>>> modify to my needs. There are other uses for this circuit that make it >>>>>>> attractive for simulcasting but I wont get into them here. I am will to >>>>>>> share my schematic and bill of materials (digikey) with anyone. Please send >>>>>>> me an email and I will be willing to share all of my information on the >>>>>>> project. >>>>>>> >>>>>>> >>>>>>> ______________________________ _________________ >>>>>>> App_rpt-users mailing list >>>>>>> App_rpt-users at lists.allstarlin k.org >>>>>>> >>>>>>> http://lists.allstarlink.org/c gi-bin/mailman/listinfo/app_rp t-users >>>>>>> >>>>>>> >>>>>>> To unsubscribe from this list please visit http://lists.allstarlink.org/c >>>>>>> gi-bin/mailman/listinfo/app_rp t-users >>>>>>> >>>>>>> and scroll down to the bottom of the page. Enter your email address and >>>>>>> press the "Unsubscribe or edit options button" >>>>>>> You do not need a password to unsubscribe, you can do it via email >>>>>>> confirmation. If you have trouble unsubscribing, please send a message to >>>>>>> the list detailing the problem. >>>>>>> >>>>>>> >>>>>>> _______________________________________________ >>>>>>> App_rpt-users mailing list >>>>>>> App_rpt-users at lists.allstarlink.org >>>>>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>>>>>> >>>>>>> To unsubscribe from this list please visit http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>>>>>> and scroll down to the bottom of the page. Enter your email address >>>>>>> and press the "Unsubscribe or edit options button" >>>>>>> You do not need a password to unsubscribe, you can do it via email >>>>>>> confirmation. If you have trouble unsubscribing, please send a message to >>>>>>> the list detailing the problem. >>>>>>> >>>>>>> >>>>>>> _______________________________________________ >>>>>>> App_rpt-users mailing list >>>>>>> App_rpt-users at lists.allstarlink.org >>>>>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>>>>>> >>>>>>> To unsubscribe from this list please visit >>>>>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>>>>>> and scroll down to the bottom of the page. Enter your email address and >>>>>>> press the "Unsubscribe or edit options button" >>>>>>> You do not need a password to unsubscribe, you can do it via email >>>>>>> confirmation. If you have trouble unsubscribing, please send a message to >>>>>>> the list detailing the problem. >>>>>>> >>>>>>> >>>>>>> _______________________________________________ >>>>>>> App_rpt-users mailing list >>>>>>> App_rpt-users at lists.allstarlink.org >>>>>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>>>>>> >>>>>>> To unsubscribe from this list please visit >>>>>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>>>>>> and scroll down to the bottom of the page. Enter your email address and >>>>>>> press the "Unsubscribe or edit options button" >>>>>>> You do not need a password to unsubscribe, you can do it via email >>>>>>> confirmation. If you have trouble unsubscribing, please send a message to >>>>>>> the list detailing the problem. >>>>>>> >>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> -- >>>>>> Tim >>>>>> _______________________________________________ >>>>>> App_rpt-users mailing list >>>>>> App_rpt-users at lists.allstarlink.org >>>>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>>>>> >>>>>> To unsubscribe from this list please visit >>>>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>>>>> and scroll down to the bottom of the page. Enter your email address and >>>>>> press the "Unsubscribe or edit options button" >>>>>> You do not need a password to unsubscribe, you can do it via email >>>>>> confirmation. If you have trouble unsubscribing, please send a message to >>>>>> the list detailing the problem. >>>>> >>>>> _______________________________________________ >>>>> App_rpt-users mailing list >>>>> App_rpt-users at lists.allstarlink.org >>>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>>>> >>>>> To unsubscribe from this list please visit >>>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>>>> and scroll down to the bottom of the page. Enter your email address and >>>>> press the "Unsubscribe or edit options button" >>>>> You do not need a password to unsubscribe, you can do it via email >>>>> confirmation. If you have trouble unsubscribing, please send a message to >>>>> the list detailing the problem. >>>> >>>> -- >>>> -- >>>> Tim >>>> >>>> _______________________________________________ >>>> App_rpt-users mailing list >>>> App_rpt-users at lists.allstarlink.org >>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>>> >>>> To unsubscribe from this list please visit >>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>>> and scroll down to the bottom of the page. Enter your email address and >>>> press the "Unsubscribe or edit options button" >>>> You do not need a password to unsubscribe, you can do it via email >>>> confirmation. If you have trouble unsubscribing, please send a message to >>>> the list detailing the problem. >>>> >>> >>> >> _______________________________________________ >> App_rpt-users mailing list >> App_rpt-users at lists.allstarlink.org >> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >> >> To unsubscribe from this list please visit >> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and >> scroll down to the bottom of the page. Enter your email address and press >> the "Unsubscribe or edit options button" >> You do not need a password to unsubscribe, you can do it via email >> confirmation. If you have trouble unsubscribing, please send a message to >> the list detailing the problem. >> > > _______________________________________________ > App_rpt-users mailing list > App_rpt-users at lists.allstarlink.org > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users > > To unsubscribe from this list please visit > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and > scroll down to the bottom of the page. Enter your email address and press > the "Unsubscribe or edit options button" > You do not need a password to unsubscribe, you can do it via email > confirmation. If you have trouble unsubscribing, please send a message to > the list detailing the problem. -------------- next part -------------- An HTML attachment was scrubbed... URL: From kc2irv at gmail.com Wed Jun 7 20:56:58 2017 From: kc2irv at gmail.com (Joe Moskalski) Date: Wed, 7 Jun 2017 16:56:58 -0400 Subject: [App_rpt-users] RTCM Simulcast and 9.6 MHz Phase locking In-Reply-To: References: <0d88c7df-42bf-4baa-2f85-507bcb276783@kuggie.com> <167348058.6106852.1494267089695@mail.yahoo.com> <497E313D-B351-4A59-ACF7-D3485E6C38E6@bryanfields.net>

Message-ID: That is correct. Unfortunately the Leo Bodnar unit doesn't provide that. On Wed, Jun 7, 2017 at 2:44 PM, Pierre Martel wrote: > So It would be good, now from what Info I have, I will still need another > gps for the nmea and 1 pps to feed the rtcm? > > > Le mer. 7 juin 2017 ? 03:46, Joe Moskalski a ?crit : > >> I purchased one of those units about 2 months ago and they work extremely >> well. I have used it to allow the use of Motorola Maxtrac's and GM300's for >> simulcast operation by externally injecting a 14.4 MHz reference into the >> radio from this unit. >> if you want a ready-made solution that will give you GPS locked accuracy >> and is programmable to just about any frequency you would need than this is >> it. >> >> On Tue, Jun 6, 2017 at 5:00 PM, Pierre Martel wrote: >> >>> after reading on gps locked clock and pll found this. >>> http://www.leobodnar.com/shop/index.php?main_page=product_ >>> info&cPath=107&products_id=234 >>> >>> Low-jitter GPS-locked precision frequency reference >>> 450 Hz to 800 MHz output >>> >>> this could be usefull to steer about any radio model no? >>> >>> Is it worth the time and money to try with this device? >>> >>> Le ven. 12 mai 2017 ? 17:39, Pierre Martel a >>> ?crit : >>> >>>> A big thanks Tim. I feel less uneducated ;-) Will have to get a look at >>>> this.. >>>> >>>> 2017-05-12 12:03 GMT-04:00 Tim Sawyer : >>>> >>>>> Political Correctness Gone Mad. ? >>>>> >>>>> Actually it's Programmable Clock Generator Module. >>>>> >>>>> K >>>>> >>>>> On Thu, May 11, 2017 at 8:38 PM Pierre Martel >>>>> wrote: >>>>> >>>>>> I know there is always the one that ask the obvious question but, >>>>>> what is a pcgm? >>>>>> >>>>>> >>>>>> Le lun. 8 mai 2017 ? 23:10, Tim Sawyer a ?crit : >>>>>> >>>>>>> The PCGM were noisy. I know of a case where a ham using one was shut >>>>>>> down by the site owner. Seems the PCGM was emitting a interfering signal on >>>>>>> high band, around 158 Mhz. >>>>>>> >>>>>>> On Mon, May 8, 2017 at 1:33 PM, Bryan Fields >>>>>>> wrote: >>>>>>> >>>>>>>> I've been following this with some interest. One of the >>>>>>>> fundamental issues with the PCGM was the master clock going to the radio >>>>>>>> was unable to be modulated. This made low frequency signals (PL) distort, >>>>>>>> and digital PL was even worse. >>>>>>>> >>>>>>>> Typically most radios use two point modulation, with modulation on >>>>>>>> the reference oscillator. When you add an external reference you loose >>>>>>>> this. >>>>>>>> >>>>>>>> Some base stations are designed to do two point modulation even on >>>>>>>> an external clock, the Quantar for example. This station will even phase >>>>>>>> lock it's PL and DPL generation if provided a 1 PPS in addition to a clock. >>>>>>>> >>>>>>>> If we could inject modulation into the clock generator simulcast >>>>>>>> performance would vastly improve. I'd be interested to see your design to >>>>>>>> see if this would be a possibility. >>>>>>>> >>>>>>>> Thoughts? >>>>>>>> >>>>>>>> -- >>>>>>>> Bryan Fields >>>>>>>> M: +1-727-409-1194 <(727)%20409-1194> >>>>>>>> >>>>>>>> On May 8, 2017, at 14:15, Reid Brandon >>>>>>>> wrote: >>>>>>>> >>>>>>>> Hi Joe, >>>>>>>> I got a page with a pic of a man that rotated around saying >>>>>>>> DOWNLOAD NOT FOUND. >>>>>>>> Try again!? >>>>>>>> Tks Reid >>>>>>>> >>>>>>>> >>>>>>>> On Sunday, May 7, 2017 12:25 PM, Pierre Martel >>>>>>>> wrote: >>>>>>>> >>>>>>>> >>>>>>>> I am very interrested in all this project. My email is VE2PF @ >>>>>>>> VE2MRC dot com! >>>>>>>> >>>>>>>> what radio did you used for the project? >>>>>>>> >>>>>>>> Thanks for sharing! >>>>>>>> >>>>>>>> Pierre >>>>>>>> VE2PF >>>>>>>> >>>>>>>> >>>>>>>> 2017-05-07 12:32 GMT-04:00 Kevin Custer : >>>>>>>> >>>>>>>> Joe, >>>>>>>> >>>>>>>> Why not consider do it as an article for Repeater Builder? >>>>>>>> >>>>>>>> Thanks, >>>>>>>> Kevin >>>>>>>> >>>>>>>> >>>>>>>> On 5/7/2017 3:13 AM, Joe Moskalski wrote: >>>>>>>> >>>>>>>> I wanted to throw this email out to the group for all those who >>>>>>>> want to simulcast with the RTCM. For those who don't know, in order to make >>>>>>>> the RTCM suitable for simulcast you must have a more accurate 9.6 MHz clock >>>>>>>> for the RTCM in order to ensure the audio sounds acceptable in the overlap >>>>>>>> areas. I did this a few months ago using 9.6 MHz OCXO's. This worked >>>>>>>> reasonably well. Not as well as I would have liked but the system was very >>>>>>>> usable, but of course I wanted it to be better. Since the PCGM >>>>>>>> (Programmable Clock Generation Module) is no longer available, I decided to >>>>>>>> roll my own as some say. >>>>>>>> I created a PLL circuit that can accept a 10 MHz, 1 MHz or 100 KHz >>>>>>>> reference input and produce a phase locked 9.6 MHz out for the RTCM. I have >>>>>>>> been testing this over the past few days and it has made an great >>>>>>>> improvement in the audio quality in the overlap. The quality of the audio >>>>>>>> in the overlap areas sounds very, very good, it's very similar to what I >>>>>>>> expect to hear in commercial simulcast systems. My circuit is heavily based >>>>>>>> off of an old Motorola MSF5000 HSO PLL circuit that I was able to adapt and >>>>>>>> modify to my needs. There are other uses for this circuit that make it >>>>>>>> attractive for simulcasting but I wont get into them here. I am will to >>>>>>>> share my schematic and bill of materials (digikey) with anyone. Please send >>>>>>>> me an email and I will be willing to share all of my information on the >>>>>>>> project. >>>>>>>> >>>>>>>> >>>>>>>> ______________________________ _________________ >>>>>>>> App_rpt-users mailing list >>>>>>>> App_rpt-users at lists.allstarlin k.org >>>>>>>> >>>>>>>> http://lists.allstarlink.org/c gi-bin/mailman/listinfo/app_rp >>>>>>>> t-users >>>>>>>> >>>>>>>> >>>>>>>> To unsubscribe from this list please visit http://lists.allstarlink.org/c >>>>>>>> gi-bin/mailman/listinfo/app_rp t-users >>>>>>>> >>>>>>>> and scroll down to the bottom of the page. Enter your email address and >>>>>>>> press the "Unsubscribe or edit options button" >>>>>>>> You do not need a password to unsubscribe, you can do it via email >>>>>>>> confirmation. If you have trouble unsubscribing, please send a message to >>>>>>>> the list detailing the problem. >>>>>>>> >>>>>>>> >>>>>>>> _______________________________________________ >>>>>>>> App_rpt-users mailing list >>>>>>>> App_rpt-users at lists.allstarlink.org >>>>>>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>>>>>>> >>>>>>>> To unsubscribe from this list please visit >>>>>>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>>>>>>> and scroll down to the bottom of the page. Enter your email address >>>>>>>> and press the "Unsubscribe or edit options button" >>>>>>>> You do not need a password to unsubscribe, you can do it via email >>>>>>>> confirmation. If you have trouble unsubscribing, please send a message to >>>>>>>> the list detailing the problem. >>>>>>>> >>>>>>>> >>>>>>>> _______________________________________________ >>>>>>>> App_rpt-users mailing list >>>>>>>> App_rpt-users at lists.allstarlink.org >>>>>>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>>>>>>> >>>>>>>> To unsubscribe from this list please visit >>>>>>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>>>>>>> and scroll down to the bottom of the page. Enter your email address and >>>>>>>> press the "Unsubscribe or edit options button" >>>>>>>> You do not need a password to unsubscribe, you can do it via email >>>>>>>> confirmation. If you have trouble unsubscribing, please send a message to >>>>>>>> the list detailing the problem. >>>>>>>> >>>>>>>> >>>>>>>> _______________________________________________ >>>>>>>> App_rpt-users mailing list >>>>>>>> App_rpt-users at lists.allstarlink.org >>>>>>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>>>>>>> >>>>>>>> To unsubscribe from this list please visit >>>>>>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>>>>>>> and scroll down to the bottom of the page. Enter your email address and >>>>>>>> press the "Unsubscribe or edit options button" >>>>>>>> You do not need a password to unsubscribe, you can do it via email >>>>>>>> confirmation. If you have trouble unsubscribing, please send a message to >>>>>>>> the list detailing the problem. >>>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> -- >>>>>>> Tim >>>>>>> _______________________________________________ >>>>>>> App_rpt-users mailing list >>>>>>> App_rpt-users at lists.allstarlink.org >>>>>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>>>>>> >>>>>>> To unsubscribe from this list please visit >>>>>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>>>>>> and scroll down to the bottom of the page. Enter your email address and >>>>>>> press the "Unsubscribe or edit options button" >>>>>>> You do not need a password to unsubscribe, you can do it via email >>>>>>> confirmation. If you have trouble unsubscribing, please send a message to >>>>>>> the list detailing the problem. >>>>>> >>>>>> _______________________________________________ >>>>>> App_rpt-users mailing list >>>>>> App_rpt-users at lists.allstarlink.org >>>>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>>>>> >>>>>> To unsubscribe from this list please visit >>>>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>>>>> and scroll down to the bottom of the page. Enter your email address and >>>>>> press the "Unsubscribe or edit options button" >>>>>> You do not need a password to unsubscribe, you can do it via email >>>>>> confirmation. If you have trouble unsubscribing, please send a message to >>>>>> the list detailing the problem. >>>>> >>>>> -- >>>>> -- >>>>> Tim >>>>> >>>>> _______________________________________________ >>>>> App_rpt-users mailing list >>>>> App_rpt-users at lists.allstarlink.org >>>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>>>> >>>>> To unsubscribe from this list please visit >>>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>>>> and scroll down to the bottom of the page. Enter your email address and >>>>> press the "Unsubscribe or edit options button" >>>>> You do not need a password to unsubscribe, you can do it via email >>>>> confirmation. If you have trouble unsubscribing, please send a message to >>>>> the list detailing the problem. >>>>> >>>> >>>> >>> _______________________________________________ >>> App_rpt-users mailing list >>> App_rpt-users at lists.allstarlink.org >>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>> >>> To unsubscribe from this list please visit http://lists.allstarlink.org/ >>> cgi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of >>> the page. Enter your email address and press the "Unsubscribe or edit >>> options button" >>> You do not need a password to unsubscribe, you can do it via email >>> confirmation. If you have trouble unsubscribing, please send a message to >>> the list detailing the problem. >>> >> >> _______________________________________________ >> App_rpt-users mailing list >> App_rpt-users at lists.allstarlink.org >> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >> >> To unsubscribe from this list please visit http://lists.allstarlink.org/ >> cgi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of >> the page. Enter your email address and press the "Unsubscribe or edit >> options button" >> You do not need a password to unsubscribe, you can do it via email >> confirmation. If you have trouble unsubscribing, please send a message to >> the list detailing the problem. > > > _______________________________________________ > App_rpt-users mailing list > App_rpt-users at lists.allstarlink.org > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users > > To unsubscribe from this list please visit http://lists.allstarlink.org/ > cgi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of > the page. Enter your email address and press the "Unsubscribe or edit > options button" > You do not need a password to unsubscribe, you can do it via email > confirmation. If you have trouble unsubscribing, please send a message to > the list detailing the problem. > -------------- next part -------------- An HTML attachment was scrubbed... URL: From dshaw at ke6upi.com Wed Jun 7 23:16:26 2017 From: dshaw at ke6upi.com (David KE6UPI) Date: Wed, 7 Jun 2017 16:16:26 -0700 Subject: [App_rpt-users] Install scripts Message-ID: Hello, I'm looking for install scripts for Debian. I'm using a cloud base VM server and wanted to see if I can in Dial RC1 on it. Thanks, David KE6UPI -------------- next part -------------- An HTML attachment was scrubbed... URL: From nessenj at jimsoffice.org Wed Jun 7 23:25:16 2017 From: nessenj at jimsoffice.org (Jim Nessen) Date: Wed, 7 Jun 2017 23:25:16 +0000 Subject: [App_rpt-users] Install scripts In-Reply-To: References: Message-ID: May want to start here https://github.com/AllStarLink/DIAL Looks like it provides a script to install onto an existing Debian box. Jim, K6JWN ________________________________________ From: App_rpt-users on behalf of David KE6UPI Sent: Wednesday, June 7, 2017 4:16 PM To: APP RPT Subject: [App_rpt-users] Install scripts Hello, I'm looking for install scripts for Debian. I'm using a cloud base VM server and wanted to see if I can in Dial RC1 on it. Thanks, David KE6UPI From shawpbx at gmail.com Wed Jun 7 23:28:19 2017 From: shawpbx at gmail.com (David Shaw) Date: Wed, 7 Jun 2017 16:28:19 -0700 Subject: [App_rpt-users] Install scripts In-Reply-To: References: Message-ID: Thanks Jim, I should have known. I wasn't thinking. David -- Thanks, David "Laws that forbid the carrying of arms...disarm only those who are neither inclined nor determined to commit crimes. Such laws make things worse for the assaulted and better for the assailants; they serve rather to encourage than prevent homicides, for an unarmed man may be attacked with greater confidence than an armed one." Thomas Jefferson On Wed, Jun 7, 2017 at 4:25 PM, Jim Nessen wrote: > May want to start here https://github.com/AllStarLink/DIAL > > Looks like it provides a script to install onto an existing Debian box. > > Jim, K6JWN > ________________________________________ > From: App_rpt-users on > behalf of David KE6UPI > Sent: Wednesday, June 7, 2017 4:16 PM > To: APP RPT > Subject: [App_rpt-users] Install scripts > > Hello, I'm looking for install scripts for Debian. I'm using a cloud base > VM server and wanted to see if I can in Dial RC1 on it. > > Thanks, David > KE6UPI > _______________________________________________ > App_rpt-users mailing list > App_rpt-users at lists.allstarlink.org > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users > > To unsubscribe from this list please visit http://lists.allstarlink.org/ > cgi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of > the page. Enter your email address and press the "Unsubscribe or edit > options button" > You do not need a password to unsubscribe, you can do it via email > confirmation. If you have trouble unsubscribing, please send a message to > the list detailing the problem. -------------- next part -------------- An HTML attachment was scrubbed... URL: From lorentedford at gmail.com Wed Jun 7 23:41:19 2017 From: lorentedford at gmail.com (Loren Tedford) Date: Wed, 7 Jun 2017 18:41:19 -0500 Subject: [App_rpt-users] Install scripts In-Reply-To: References:

Message-ID: I was just looking at the install script has anyone tried this with centos 7? Loren Tedford (KC9ZHV) Phone: Fax: Email: lorentedford at gmail.com Email: KC9ZHV at KC9ZHV.com http://www.lorentedford.com http://www.kc9zhv.com http://forum.kc9zhv.com http://hub.kc9zhv.com http://Ltcraft.net http://voipham.com On Wed, Jun 7, 2017 at 6:28 PM, David Shaw wrote: > Thanks Jim, I should have known. I wasn't thinking. > > David > > > > -- > Thanks, David > > "Laws that forbid the carrying of arms...disarm only those who are neither > inclined nor determined to commit crimes. Such laws make things worse for > the assaulted and better for the assailants; they serve rather to encourage > than prevent homicides, for an unarmed man may be attacked with greater > confidence than an armed one." > Thomas Jefferson > > On Wed, Jun 7, 2017 at 4:25 PM, Jim Nessen wrote: > >> May want to start here https://github.com/AllStarLink/DIAL >> >> Looks like it provides a script to install onto an existing Debian box. >> >> Jim, K6JWN >> ________________________________________ >> From: App_rpt-users on >> behalf of David KE6UPI >> Sent: Wednesday, June 7, 2017 4:16 PM >> To: APP RPT >> Subject: [App_rpt-users] Install scripts >> >> Hello, I'm looking for install scripts for Debian. I'm using a cloud base >> VM server and wanted to see if I can in Dial RC1 on it. >> >> Thanks, David >> KE6UPI >> _______________________________________________ >> App_rpt-users mailing list >> App_rpt-users at lists.allstarlink.org >> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >> >> To unsubscribe from this list please visit http://lists.allstarlink.org/c >> gi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of >> the page. Enter your email address and press the "Unsubscribe or edit >> options button" >> You do not need a password to unsubscribe, you can do it via email >> confirmation. If you have trouble unsubscribing, please send a message to >> the list detailing the problem. > > > > _______________________________________________ > App_rpt-users mailing list > App_rpt-users at lists.allstarlink.org > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users > > To unsubscribe from this list please visit http://lists.allstarlink.org/ > cgi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of > the page. Enter your email address and press the "Unsubscribe or edit > options button" > You do not need a password to unsubscribe, you can do it via email > confirmation. If you have trouble unsubscribing, please send a message to > the list detailing the problem. > -------------- next part -------------- An HTML attachment was scrubbed... URL: From shawpbx at gmail.com Wed Jun 7 23:45:57 2017 From: shawpbx at gmail.com (David Shaw) Date: Wed, 7 Jun 2017 16:45:57 -0700 Subject: [App_rpt-users] Install scripts In-Reply-To: References:

Message-ID: Hey Loren, Looks like Debian. Sorry David -- Thanks, David "Laws that forbid the carrying of arms...disarm only those who are neither inclined nor determined to commit crimes. Such laws make things worse for the assaulted and better for the assailants; they serve rather to encourage than prevent homicides, for an unarmed man may be attacked with greater confidence than an armed one." Thomas Jefferson On Wed, Jun 7, 2017 at 4:41 PM, Loren Tedford wrote: > I was just looking at the install script has anyone tried this with centos > 7? > > Loren Tedford (KC9ZHV) > Phone: > Fax: > Email: lorentedford at gmail.com > Email: KC9ZHV at KC9ZHV.com > http://www.lorentedford.com > http://www.kc9zhv.com > http://forum.kc9zhv.com > http://hub.kc9zhv.com > http://Ltcraft.net > http://voipham.com > > On Wed, Jun 7, 2017 at 6:28 PM, David Shaw wrote: > >> Thanks Jim, I should have known. I wasn't thinking. >> >> David >> >> >> >> -- >> Thanks, David >> >> "Laws that forbid the carrying of arms...disarm only those who are >> neither inclined nor determined to commit crimes. Such laws make things >> worse for the assaulted and better for the assailants; they serve rather to >> encourage than prevent homicides, for an unarmed man may be attacked with >> greater confidence than an armed one." >> Thomas Jefferson >> >> On Wed, Jun 7, 2017 at 4:25 PM, Jim Nessen >> wrote: >> >>> May want to start here https://github.com/AllStarLink/DIAL >>> >>> Looks like it provides a script to install onto an existing Debian box. >>> >>> Jim, K6JWN >>> ________________________________________ >>> From: App_rpt-users on >>> behalf of David KE6UPI >>> Sent: Wednesday, June 7, 2017 4:16 PM >>> To: APP RPT >>> Subject: [App_rpt-users] Install scripts >>> >>> Hello, I'm looking for install scripts for Debian. I'm using a cloud >>> base VM server and wanted to see if I can in Dial RC1 on it. >>> >>> Thanks, David >>> KE6UPI >>> _______________________________________________ >>> App_rpt-users mailing list >>> App_rpt-users at lists.allstarlink.org >>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>> >>> To unsubscribe from this list please visit >>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and >>> scroll down to the bottom of the page. Enter your email address and press >>> the "Unsubscribe or edit options button" >>> You do not need a password to unsubscribe, you can do it via email >>> confirmation. If you have trouble unsubscribing, please send a message to >>> the list detailing the problem. >> >> >> >> _______________________________________________ >> App_rpt-users mailing list >> App_rpt-users at lists.allstarlink.org >> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >> >> To unsubscribe from this list please visit http://lists.allstarlink.org/c >> gi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of >> the page. Enter your email address and press the "Unsubscribe or edit >> options button" >> You do not need a password to unsubscribe, you can do it via email >> confirmation. If you have trouble unsubscribing, please send a message to >> the list detailing the problem. >> > > > _______________________________________________ > App_rpt-users mailing list > App_rpt-users at lists.allstarlink.org > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users > > To unsubscribe from this list please visit http://lists.allstarlink.org/ > cgi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of > the page. Enter your email address and press the "Unsubscribe or edit > options button" > You do not need a password to unsubscribe, you can do it via email > confirmation. If you have trouble unsubscribing, please send a message to > the list detailing the problem. > -------------- next part -------------- An HTML attachment was scrubbed... URL: From petem001 at gmail.com Thu Jun 8 00:47:35 2017 From: petem001 at gmail.com (Pierre Martel) Date: Thu, 08 Jun 2017 00:47:35 +0000 Subject: [App_rpt-users] Install scripts In-Reply-To: References:

Message-ID: at the beginning of the script it is stated that it is for debian. And line 11 make it obvious. apt-get install unzip -y Centos is based on RHEL so it use yum as a package manager, debian based use apt. It could work on a Ubuntu or other debian derivative but will definitly wont work on a Red Hat derivative. Le mer. 7 juin 2017 ? 19:46, David Shaw a ?crit : > Hey Loren, Looks like Debian. Sorry > > David > > > > -- > Thanks, David > > "Laws that forbid the carrying of arms...disarm only those who are neither > inclined nor determined to commit crimes. Such laws make things worse for > the assaulted and better for the assailants; they serve rather to encourage > than prevent homicides, for an unarmed man may be attacked with greater > confidence than an armed one." > Thomas Jefferson > > On Wed, Jun 7, 2017 at 4:41 PM, Loren Tedford > wrote: > >> I was just looking at the install script has anyone tried this with >> centos 7? >> >> Loren Tedford (KC9ZHV) >> Phone: >> Fax: >> Email: lorentedford at gmail.com >> Email: KC9ZHV at KC9ZHV.com >> http://www.lorentedford.com >> http://www.kc9zhv.com >> http://forum.kc9zhv.com >> http://hub.kc9zhv.com >> http://Ltcraft.net >> http://voipham.com >> >> On Wed, Jun 7, 2017 at 6:28 PM, David Shaw wrote: >> >>> Thanks Jim, I should have known. I wasn't thinking. >>> >>> David >>> >>> >>> >>> -- >>> Thanks, David >>> >>> "Laws that forbid the carrying of arms...disarm only those who are >>> neither inclined nor determined to commit crimes. Such laws make things >>> worse for the assaulted and better for the assailants; they serve rather to >>> encourage than prevent homicides, for an unarmed man may be attacked with >>> greater confidence than an armed one." >>> Thomas Jefferson >>> >>> On Wed, Jun 7, 2017 at 4:25 PM, Jim Nessen >>> wrote: >>> >>>> May want to start here https://github.com/AllStarLink/DIAL >>>> >>>> Looks like it provides a script to install onto an existing Debian box. >>>> >>>> Jim, K6JWN >>>> ________________________________________ >>>> From: App_rpt-users on >>>> behalf of David KE6UPI >>>> Sent: Wednesday, June 7, 2017 4:16 PM >>>> To: APP RPT >>>> Subject: [App_rpt-users] Install scripts >>>> >>>> Hello, I'm looking for install scripts for Debian. I'm using a cloud >>>> base VM server and wanted to see if I can in Dial RC1 on it. >>>> >>>> Thanks, David >>>> KE6UPI >>>> _______________________________________________ >>>> App_rpt-users mailing list >>>> App_rpt-users at lists.allstarlink.org >>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>>> >>>> To unsubscribe from this list please visit >>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>>> and scroll down to the bottom of the page. Enter your email address and >>>> press the "Unsubscribe or edit options button" >>>> You do not need a password to unsubscribe, you can do it via email >>>> confirmation. If you have trouble unsubscribing, please send a message to >>>> the list detailing the problem. >>> >>> >>> >>> _______________________________________________ >>> App_rpt-users mailing list >>> App_rpt-users at lists.allstarlink.org >>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>> >>> To unsubscribe from this list please visit >>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and >>> scroll down to the bottom of the page. Enter your email address and press >>> the "Unsubscribe or edit options button" >>> You do not need a password to unsubscribe, you can do it via email >>> confirmation. If you have trouble unsubscribing, please send a message to >>> the list detailing the problem. >>> >> >> >> _______________________________________________ >> App_rpt-users mailing list >> App_rpt-users at lists.allstarlink.org >> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >> >> To unsubscribe from this list please visit >> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and >> scroll down to the bottom of the page. Enter your email address and press >> the "Unsubscribe or edit options button" >> You do not need a password to unsubscribe, you can do it via email >> confirmation. If you have trouble unsubscribing, please send a message to >> the list detailing the problem. >> > > _______________________________________________ > App_rpt-users mailing list > App_rpt-users at lists.allstarlink.org > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users > > To unsubscribe from this list please visit > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and > scroll down to the bottom of the page. Enter your email address and press > the "Unsubscribe or edit options button" > You do not need a password to unsubscribe, you can do it via email > confirmation. If you have trouble unsubscribing, please send a message to > the list detailing the problem. -------------- next part -------------- An HTML attachment was scrubbed... URL: From Bryan at bryanfields.net Thu Jun 8 01:11:25 2017 From: Bryan at bryanfields.net (Bryan Fields) Date: Wed, 7 Jun 2017 21:11:25 -0400 Subject: [App_rpt-users] What is the "debian" user in the DIAL distro? In-Reply-To: References:

Message-ID: <3b010926-b549-5a5d-ff22-df1b8080f3ae@bryanfields.net> On 5/10/17 3:19 PM, Steve Zingman wrote: > That is a leftover "mandated" from above. It will be disabled in the RC. I can confirm debian/debian via ssh on port 222 (!) is now part of a well known scanner/malware tool and identified as allstarlinux. This has been brute forcing a number of dial installs on HamWAN. They install a script that tests CPU and looks to either install a bitcoin miner or network scanner. The RPi's got the network scanner :) 73's -- Bryan Fields 727-409-1194 - Voice http://bryanfields.net From shawpbx at gmail.com Thu Jun 8 01:44:32 2017 From: shawpbx at gmail.com (David Shaw) Date: Wed, 7 Jun 2017 18:44:32 -0700 Subject: [App_rpt-users] Install scripts In-Reply-To: References:

Message-ID: So it wouldn't install on OpenVM. I can't find the kernel headers. I'll check with the hosting site.. I loaded Debian 7.0 i386.. Thanks, David -- Thanks, David "Laws that forbid the carrying of arms...disarm only those who are neither inclined nor determined to commit crimes. Such laws make things worse for the assaulted and better for the assailants; they serve rather to encourage than prevent homicides, for an unarmed man may be attacked with greater confidence than an armed one." Thomas Jefferson On Wed, Jun 7, 2017 at 4:28 PM, David Shaw wrote: > Thanks Jim, I should have known. I wasn't thinking. > > David > > > > -- > Thanks, David > > "Laws that forbid the carrying of arms...disarm only those who are neither > inclined nor determined to commit crimes. Such laws make things worse for > the assaulted and better for the assailants; they serve rather to encourage > than prevent homicides, for an unarmed man may be attacked with greater > confidence than an armed one." > Thomas Jefferson > > On Wed, Jun 7, 2017 at 4:25 PM, Jim Nessen wrote: > >> May want to start here https://github.com/AllStarLink/DIAL >> >> Looks like it provides a script to install onto an existing Debian box. >> >> Jim, K6JWN >> ________________________________________ >> From: App_rpt-users on >> behalf of David KE6UPI >> Sent: Wednesday, June 7, 2017 4:16 PM >> To: APP RPT >> Subject: [App_rpt-users] Install scripts >> >> Hello, I'm looking for install scripts for Debian. I'm using a cloud base >> VM server and wanted to see if I can in Dial RC1 on it. >> >> Thanks, David >> KE6UPI >> _______________________________________________ >> App_rpt-users mailing list >> App_rpt-users at lists.allstarlink.org >> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >> >> To unsubscribe from this list please visit http://lists.allstarlink.org/c >> gi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of >> the page. Enter your email address and press the "Unsubscribe or edit >> options button" >> You do not need a password to unsubscribe, you can do it via email >> confirmation. If you have trouble unsubscribing, please send a message to >> the list detailing the problem. > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From iabarryyy at gmail.com Thu Jun 8 01:45:19 2017 From: iabarryyy at gmail.com (Barry Buelow) Date: Wed, 7 Jun 2017 20:45:19 -0500 Subject: [App_rpt-users] Anyone doing HF remote base using hamlib? Message-ID: <199f6acb-787a-76b2-e75d-de44384c1c88@gmail.com> I'd be interested in asking some questions off-list. Thanks Barry w0iy From mhebert1975 at gmail.com Thu Jun 8 01:46:31 2017 From: mhebert1975 at gmail.com (Michael Hebert) Date: Wed, 7 Jun 2017 20:46:31 -0500 Subject: [App_rpt-users] Anyone doing HF remote base using hamlib? In-Reply-To: <199f6acb-787a-76b2-e75d-de44384c1c88@gmail.com> References: <199f6acb-787a-76b2-e75d-de44384c1c88@gmail.com> Message-ID: Yes, I had a ic-7000 setup Michael KD5DFB On Jun 7, 2017 8:45 PM, "Barry Buelow" wrote: > I'd be interested in asking some questions off-list. > > Thanks > > Barry w0iy > > > _______________________________________________ > App_rpt-users mailing list > App_rpt-users at lists.allstarlink.org > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users > > To unsubscribe from this list please visit http://lists.allstarlink.org/c > gi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of > the page. Enter your email address and press the "Unsubscribe or edit > options button" > You do not need a password to unsubscribe, you can do it via email > confirmation. If you have trouble unsubscribing, please send a message to > the list detailing the problem. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bdboyle at bdboyle.com Thu Jun 8 01:55:14 2017 From: bdboyle at bdboyle.com (Bryan D. Boyle) Date: Wed, 7 Jun 2017 21:55:14 -0400 Subject: [App_rpt-users] Security was Re: What is the "debian" user in the DIAL distro? In-Reply-To: <3b010926-b549-5a5d-ff22-df1b8080f3ae@bryanfields.net> References:

<3b010926-b549-5a5d-ff22-df1b8080f3ae@bryanfields.net> Message-ID: <6C114097-2223-4197-ACD4-6A87F02B7A66@bdboyle.com> Based on tests that the security research arm of my company has run (well-known IT company that's been around for over a century...), the elapsed time that a system exposed to the network is discovered, probed, and if well-known vulnerable ports are detailed (and the scum or nation states who do this keep records), then attempted to be pwned is somewhere between a minute to a half hour. Just for giggles, i spun up a pi with a sip server enabled connected to a second port on my router and started a tail -f on the messages file and grepped for the sip daemon. routed the sip port on my external router to the pi, a sat back. (there was no route from the pi to my internal network) 3 minutes till the first probe. 15 till the attempted pwning. SIP was the only inbound port opened. I just watched...and went on for an hour (no, they didn't take over the system, only ate up bandwidth, of which I am pretty ok with being on FTTH). It's all automated. don't even need human intervention for the probe, just to select the attack vectors when the automated system pops a live port selection. Default SSH is NO guarantee. Allowing root access from an interactive login from the net port deserves to be punished. Bogus user passwords that are guessable should be cause for your isp to turn off your connection. Moving to a different port is just attempted security through obscurity. Open ports from the outside inbound that allow anyone on the network to connect will be probed and attempts (DoS, null sled, buffer overruns, etc) to subvert your system as a c&c node, bitcoin miner, email spam relay, porn repository, or whathaveyou is the goal. After doing this since 1988 or so, it's only the frequency that it happens that's changing, not that it's happening. fail2ban is a good stopgap measure for ports that you positively HAVE to have exposed. router firewall enabled and locked down? good. iptables set up properly? passwords NOT based on dictionary words or used for your other online activities? yeah, it's a pain. the alternative is your system being taken over and used for other purposes while you sleep. Lots more you can do. the basic mantra you should have is: "That which is not expressly permitted is prohibited". -- Bryan CISSP/CEH/CISM Sent from my iPhone 6S...No electrons were harmed in the sending of this message. -------------- next part -------------- An HTML attachment was scrubbed... URL: From lorentedford at gmail.com Thu Jun 8 07:12:19 2017 From: lorentedford at gmail.com (Loren Tedford) Date: Thu, 8 Jun 2017 02:12:19 -0500 Subject: [App_rpt-users] Install scripts In-Reply-To: References:

Message-ID: David actually what i was referring to was going through and finding the packages for yum instead of apt-get.. I was considering downsizing one of my nodes out at the data center.. That's why i was asking if anyone has converted this to centos 7 yet.. I will try and see if i get enough time to play with it and see if i can find equivalent packages to make allstarlink work in centos 7 but no promises.. Loren Tedford (KC9ZHV) Phone:618-553-0806 Fax: 1-618-551-2755 Email: lorentedford at gmail.com Email: KC9ZHV at KC9ZHV.com http://www.lorentedford.com http://www.kc9zhv.com http://forum.kc9zhv.com http://hub.kc9zhv.com http://Ltcraft.net http://voipham.com On Wed, Jun 7, 2017 at 8:44 PM, David Shaw wrote: > So it wouldn't install on OpenVM. I can't find the kernel headers. I'll > check with the hosting site.. I loaded Debian 7.0 i386.. > > Thanks, David > > > > -- > Thanks, David > > "Laws that forbid the carrying of arms...disarm only those who are neither > inclined nor determined to commit crimes. Such laws make things worse for > the assaulted and better for the assailants; they serve rather to encourage > than prevent homicides, for an unarmed man may be attacked with greater > confidence than an armed one." > Thomas Jefferson > > On Wed, Jun 7, 2017 at 4:28 PM, David Shaw wrote: > >> Thanks Jim, I should have known. I wasn't thinking. >> >> David >> >> >> >> -- >> Thanks, David >> >> "Laws that forbid the carrying of arms...disarm only those who are >> neither inclined nor determined to commit crimes. Such laws make things >> worse for the assaulted and better for the assailants; they serve rather to >> encourage than prevent homicides, for an unarmed man may be attacked with >> greater confidence than an armed one." >> Thomas Jefferson >> >> On Wed, Jun 7, 2017 at 4:25 PM, Jim Nessen >> wrote: >> >>> May want to start here https://github.com/AllStarLink/DIAL >>> >>> Looks like it provides a script to install onto an existing Debian box. >>> >>> Jim, K6JWN >>> ________________________________________ >>> From: App_rpt-users on >>> behalf of David KE6UPI >>> Sent: Wednesday, June 7, 2017 4:16 PM >>> To: APP RPT >>> Subject: [App_rpt-users] Install scripts >>> >>> Hello, I'm looking for install scripts for Debian. I'm using a cloud >>> base VM server and wanted to see if I can in Dial RC1 on it. >>> >>> Thanks, David >>> KE6UPI >>> _______________________________________________ >>> App_rpt-users mailing list >>> App_rpt-users at lists.allstarlink.org >>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>> >>> To unsubscribe from this list please visit >>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and >>> scroll down to the bottom of the page. Enter your email address and press >>> the "Unsubscribe or edit options button" >>> You do not need a password to unsubscribe, you can do it via email >>> confirmation. If you have trouble unsubscribing, please send a message to >>> the list detailing the problem. >> >> >> > > _______________________________________________ > App_rpt-users mailing list > App_rpt-users at lists.allstarlink.org > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users > > To unsubscribe from this list please visit http://lists.allstarlink.org/ > cgi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of > the page. Enter your email address and press the "Unsubscribe or edit > options button" > You do not need a password to unsubscribe, you can do it via email > confirmation. If you have trouble unsubscribing, please send a message to > the list detailing the problem. > -------------- next part -------------- An HTML attachment was scrubbed... URL: From lorentedford at gmail.com Thu Jun 8 08:13:17 2017 From: lorentedford at gmail.com (Loren Tedford) Date: Thu, 8 Jun 2017 03:13:17 -0500 Subject: [App_rpt-users] Security was Re: What is the "debian" user in the DIAL distro? In-Reply-To: <6C114097-2223-4197-ACD4-6A87F02B7A66@bdboyle.com> References:

<3b010926-b549-5a5d-ff22-df1b8080f3ae@bryanfields.net> <6C114097-2223-4197-ACD4-6A87F02B7A66@bdboyle.com> Message-ID: Bryan What about the use of UFW?? I have been using ufw in place of iptables started that about 4 years ago.. Is their a known risk from ufw rather iptables?? I thought they had similar characteristics.. Loren Tedford (KC9ZHV) Phone:618-553-0806 Fax: 1-618-551-2755 Email: lorentedford at gmail.com Email: KC9ZHV at KC9ZHV.com http://www.lorentedford.com http://www.kc9zhv.com http://forum.kc9zhv.com http://hub.kc9zhv.com http://Ltcraft.net http://voipham.com On Wed, Jun 7, 2017 at 8:55 PM, Bryan D. Boyle wrote: > Based on tests that the security research arm of my company has run > (well-known IT company that's been around for over a century...), the > elapsed time that a system exposed to the network is discovered, probed, > and if well-known vulnerable ports are detailed (and the scum or nation > states who do this keep records), then attempted to be pwned is somewhere > between a minute to a half hour. > > Just for giggles, i spun up a pi with a sip server enabled connected to a > second port on my router and started a tail -f on the messages file and > grepped for the sip daemon. routed the sip port on my external router to > the pi, a sat back. (there was no route from the pi to my internal network) > > 3 minutes till the first probe. 15 till the attempted pwning. SIP was > the only inbound port opened. I just watched...and went on for an hour > (no, they didn't take over the system, only ate up bandwidth, of which I am > pretty ok with being on FTTH). It's all automated. don't even need human > intervention for the probe, just to select the attack vectors when the > automated system pops a live port selection. > > Default SSH is NO guarantee. Allowing root access from an interactive > login from the net port deserves to be punished. Bogus user passwords that > are guessable should be cause for your isp to turn off your connection. > Moving to a different port is just attempted security through obscurity. > Open ports from the outside inbound that allow anyone on the network to > connect will be probed and attempts (DoS, null sled, buffer overruns, etc) > to subvert your system as a c&c node, bitcoin miner, email spam relay, porn > repository, or whathaveyou is the goal. > > After doing this since 1988 or so, it's only the frequency that it > happens that's changing, not that it's happening. > > fail2ban is a good stopgap measure for ports that you positively HAVE to > have exposed. router firewall enabled and locked down? good. iptables > set up properly? passwords NOT based on dictionary words or used for your > other online activities? yeah, it's a pain. the alternative is your system > being taken over and used for other purposes while you sleep. > > Lots more you can do. the basic mantra you should have is: "That which is > not expressly permitted is prohibited". > -- > Bryan CISSP/CEH/CISM > Sent from my iPhone 6S...No electrons were harmed in the sending of this > message. > > > > _______________________________________________ > App_rpt-users mailing list > App_rpt-users at lists.allstarlink.org > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users > > To unsubscribe from this list please visit http://lists.allstarlink.org/ > cgi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of > the page. Enter your email address and press the "Unsubscribe or edit > options button" > You do not need a password to unsubscribe, you can do it via email > confirmation. If you have trouble unsubscribing, please send a message to > the list detailing the problem. > -------------- next part -------------- An HTML attachment was scrubbed... URL: From jerutley at gmail.com Thu Jun 8 12:26:43 2017 From: jerutley at gmail.com (Jeremy Utley) Date: Thu, 8 Jun 2017 07:26:43 -0500 Subject: [App_rpt-users] Security was Re: What is the "debian" user in the DIAL distro? In-Reply-To: References:

<3b010926-b549-5a5d-ff22-df1b8080f3ae@bryanfields.net> <6C114097-2223-4197-ACD4-6A87F02B7A66@bdboyle.com> Message-ID: <014d01d2e052$7d557ba0$780072e0$@gmail.com> UFW is really just a front-end for iptables. You give instructions to UFW, it does the correct IPTables lines to make it happen. Firewalld on CentOS 7 is the same way. Any network firewalling tool on Linux is going to be IPTables under the hood. Jeremy, NQ0M From: App_rpt-users [mailto:app_rpt-users-bounces at lists.allstarlink.org] On Behalf Of Loren Tedford Sent: Thursday, June 8, 2017 3:13 AM To: Users of Asterisk app_rpt Subject: Re: [App_rpt-users] Security was Re: What is the "debian" user in the DIAL distro? Bryan What about the use of UFW?? I have been using ufw in place of iptables started that about 4 years ago.. Is their a known risk from ufw rather iptables?? I thought they had similar characteristics.. Loren Tedford (KC9ZHV) Phone:618-553-0806 Fax: 1-618-551-2755 Email: lorentedford at gmail.com Email: KC9ZHV at KC9ZHV.com http://www.lorentedford.com http://www.kc9zhv.com http://forum.kc9zhv.com http://hub.kc9zhv.com http://Ltcraft.net http://voipham.com On Wed, Jun 7, 2017 at 8:55 PM, Bryan D. Boyle > wrote: Based on tests that the security research arm of my company has run (well-known IT company that's been around for over a century...), the elapsed time that a system exposed to the network is discovered, probed, and if well-known vulnerable ports are detailed (and the scum or nation states who do this keep records), then attempted to be pwned is somewhere between a minute to a half hour. Just for giggles, i spun up a pi with a sip server enabled connected to a second port on my router and started a tail -f on the messages file and grepped for the sip daemon. routed the sip port on my external router to the pi, a sat back. (there was no route from the pi to my internal network) 3 minutes till the first probe. 15 till the attempted pwning. SIP was the only inbound port opened. I just watched...and went on for an hour (no, they didn't take over the system, only ate up bandwidth, of which I am pretty ok with being on FTTH). It's all automated. don't even need human intervention for the probe, just to select the attack vectors when the automated system pops a live port selection. Default SSH is NO guarantee. Allowing root access from an interactive login from the net port deserves to be punished. Bogus user passwords that are guessable should be cause for your isp to turn off your connection. Moving to a different port is just attempted security through obscurity. Open ports from the outside inbound that allow anyone on the network to connect will be probed and attempts (DoS, null sled, buffer overruns, etc) to subvert your system as a c&c node, bitcoin miner, email spam relay, porn repository, or whathaveyou is the goal. After doing this since 1988 or so, it's only the frequency that it happens that's changing, not that it's happening. fail2ban is a good stopgap measure for ports that you positively HAVE to have exposed. router firewall enabled and locked down? good. iptables set up properly? passwords NOT based on dictionary words or used for your other online activities? yeah, it's a pain. the alternative is your system being taken over and used for other purposes while you sleep. Lots more you can do. the basic mantra you should have is: "That which is not expressly permitted is prohibited". -- Bryan CISSP/CEH/CISM Sent from my iPhone 6S...No electrons were harmed in the sending of this message. _______________________________________________ App_rpt-users mailing list App_rpt-users at lists.allstarlink.org http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users To unsubscribe from this list please visit http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of the page. Enter your email address and press the "Unsubscribe or edit options button" You do not need a password to unsubscribe, you can do it via email confirmation. If you have trouble unsubscribing, please send a message to the list detailing the problem. -------------- next part -------------- An HTML attachment was scrubbed... URL: From shawpbx at gmail.com Thu Jun 8 12:30:42 2017 From: shawpbx at gmail.com (David Shaw) Date: Thu, 8 Jun 2017 05:30:42 -0700 Subject: [App_rpt-users] Install scripts In-Reply-To: References:

Message-ID: Hey Loren, I didn't see to many apt-get(s) in the script folders. A couple of files where apt-get installs. Didn't look too bad. David -- Thanks, David "Laws that forbid the carrying of arms...disarm only those who are neither inclined nor determined to commit crimes. Such laws make things worse for the assaulted and better for the assailants; they serve rather to encourage than prevent homicides, for an unarmed man may be attacked with greater confidence than an armed one." Thomas Jefferson On Thu, Jun 8, 2017 at 12:12 AM, Loren Tedford wrote: > David actually what i was referring to was going through and finding the > packages for yum instead of apt-get.. I was considering downsizing one of > my nodes out at the data center.. That's why i was asking if anyone has > converted this to centos 7 yet.. I will try and see if i get enough time to > play with it and see if i can find equivalent packages to make allstarlink > work in centos 7 but no promises.. > > Loren Tedford (KC9ZHV) > Phone:618-553-0806 <(618)%20553-0806> > Fax: 1-618-551-2755 <(618)%20551-2755> > Email: lorentedford at gmail.com > Email: KC9ZHV at KC9ZHV.com > http://www.lorentedford.com > http://www.kc9zhv.com > http://forum.kc9zhv.com > http://hub.kc9zhv.com > http://Ltcraft.net > http://voipham.com > > On Wed, Jun 7, 2017 at 8:44 PM, David Shaw wrote: > >> So it wouldn't install on OpenVM. I can't find the kernel headers. I'll >> check with the hosting site.. I loaded Debian 7.0 i386.. >> >> Thanks, David >> >> >> >> -- >> Thanks, David >> >> "Laws that forbid the carrying of arms...disarm only those who are >> neither inclined nor determined to commit crimes. Such laws make things >> worse for the assaulted and better for the assailants; they serve rather to >> encourage than prevent homicides, for an unarmed man may be attacked with >> greater confidence than an armed one." >> Thomas Jefferson >> >> On Wed, Jun 7, 2017 at 4:28 PM, David Shaw wrote: >> >>> Thanks Jim, I should have known. I wasn't thinking. >>> >>> David >>> >>> >>> >>> -- >>> Thanks, David >>> >>> "Laws that forbid the carrying of arms...disarm only those who are >>> neither inclined nor determined to commit crimes. Such laws make things >>> worse for the assaulted and better for the assailants; they serve rather to >>> encourage than prevent homicides, for an unarmed man may be attacked with >>> greater confidence than an armed one." >>> Thomas Jefferson >>> >>> On Wed, Jun 7, 2017 at 4:25 PM, Jim Nessen >>> wrote: >>> >>>> May want to start here https://github.com/AllStarLink/DIAL >>>> >>>> Looks like it provides a script to install onto an existing Debian box. >>>> >>>> Jim, K6JWN >>>> ________________________________________ >>>> From: App_rpt-users on >>>> behalf of David KE6UPI >>>> Sent: Wednesday, June 7, 2017 4:16 PM >>>> To: APP RPT >>>> Subject: [App_rpt-users] Install scripts >>>> >>>> Hello, I'm looking for install scripts for Debian. I'm using a cloud >>>> base VM server and wanted to see if I can in Dial RC1 on it. >>>> >>>> Thanks, David >>>> KE6UPI >>>> _______________________________________________ >>>> App_rpt-users mailing list >>>> App_rpt-users at lists.allstarlink.org >>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>>> >>>> To unsubscribe from this list please visit >>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>>> and scroll down to the bottom of the page. Enter your email address and >>>> press the "Unsubscribe or edit options button" >>>> You do not need a password to unsubscribe, you can do it via email >>>> confirmation. If you have trouble unsubscribing, please send a message to >>>> the list detailing the problem. >>> >>> >>> >> >> _______________________________________________ >> App_rpt-users mailing list >> App_rpt-users at lists.allstarlink.org >> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >> >> To unsubscribe from this list please visit http://lists.allstarlink.org/c >> gi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of >> the page. Enter your email address and press the "Unsubscribe or edit >> options button" >> You do not need a password to unsubscribe, you can do it via email >> confirmation. If you have trouble unsubscribing, please send a message to >> the list detailing the problem. >> > > > _______________________________________________ > App_rpt-users mailing list > App_rpt-users at lists.allstarlink.org > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users > > To unsubscribe from this list please visit http://lists.allstarlink.org/ > cgi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of > the page. Enter your email address and press the "Unsubscribe or edit > options button" > You do not need a password to unsubscribe, you can do it via email > confirmation. If you have trouble unsubscribing, please send a message to > the list detailing the problem. > -------------- next part -------------- An HTML attachment was scrubbed... URL: From szingman at msgstor.com Thu Jun 8 13:07:36 2017 From: szingman at msgstor.com (Steve Zingman) Date: Thu, 8 Jun 2017 09:07:36 -0400 Subject: [App_rpt-users] What is the "debian" user in the DIAL distro? In-Reply-To: <3b010926-b549-5a5d-ff22-df1b8080f3ae@bryanfields.net> References:

<3b010926-b549-5a5d-ff22-df1b8080f3ae@bryanfields.net> Message-ID: <4fa882be-d6cf-c0c8-a48a-0768bdce0cbe@msgstor.com> I am checking to see how far back a "force" update will go. I can force the node to execute a script, though it's checked for by cron once a day. On 6/7/2017 9:11 PM, Bryan Fields wrote: > On 5/10/17 3:19 PM, Steve Zingman wrote: >> That is a leftover "mandated" from above. It will be disabled in the RC. > I can confirm debian/debian via ssh on port 222 (!) is now part of a well > known scanner/malware tool and identified as allstarlinux. > > This has been brute forcing a number of dial installs on HamWAN. They install > a script that tests CPU and looks to either install a bitcoin miner or network > scanner. The RPi's got the network scanner :) > > 73's From bdboyle at bdboyle.com Thu Jun 8 13:27:27 2017 From: bdboyle at bdboyle.com (Bryan D. Boyle) Date: Thu, 8 Jun 2017 09:27:27 -0400 Subject: [App_rpt-users] Security was Re: What is the "debian" user in the DIAL distro? In-Reply-To: <014d01d2e052$7d557ba0$780072e0$@gmail.com> References:

<3b010926-b549-5a5d-ff22-df1b8080f3ae@bryanfields.net> <6C114097-2223-4197-ACD4-6A87F02B7A66@bdboyle.com> <014d01d2e052$7d557ba0$780072e0$@gmail.com> Message-ID: you beat me to it. thanks! -- Bryan Sent from my iPhone 6S...No electrons were harmed in the sending of this message. > On Jun 8, 2017, at 08:26, Jeremy Utley wrote: > > UFW is really just a front-end for iptables. You give instructions to UFW, it does the correct IPTables lines to make it happen. Firewalld on CentOS 7 is the same way. Any network firewalling tool on Linux is going to be IPTables under the hood. > > Jeremy, NQ0M > > From: App_rpt-users [mailto:app_rpt-users-bounces at lists.allstarlink.org] On Behalf Of Loren Tedford > Sent: Thursday, June 8, 2017 3:13 AM > To: Users of Asterisk app_rpt > Subject: Re: [App_rpt-users] Security was Re: What is the "debian" user in the DIAL distro? > > Bryan What about the use of UFW?? I have been using ufw in place of iptables started that about 4 years ago.. Is their a known risk from ufw rather iptables?? I thought they had similar characteristics.. > > Loren Tedford (KC9ZHV) > Phone:618-553-0806 > Fax: 1-618-551-2755 > Email: lorentedford at gmail.com > Email: KC9ZHV at KC9ZHV.com > http://www.lorentedford.com > http://www.kc9zhv.com > http://forum.kc9zhv.com > http://hub.kc9zhv.com > http://Ltcraft.net > http://voipham.com > > On Wed, Jun 7, 2017 at 8:55 PM, Bryan D. Boyle wrote: > Based on tests that the security research arm of my company has run (well-known IT company that's been around for over a century...), the elapsed time that a system exposed to the network is discovered, probed, and if well-known vulnerable ports are detailed (and the scum or nation states who do this keep records), then attempted to be pwned is somewhere between a minute to a half hour. > > Just for giggles, i spun up a pi with a sip server enabled connected to a second port on my router and started a tail -f on the messages file and grepped for the sip daemon. routed the sip port on my external router to the pi, a sat back. (there was no route from the pi to my internal network) > > 3 minutes till the first probe. 15 till the attempted pwning. SIP was the only inbound port opened. I just watched...and went on for an hour (no, they didn't take over the system, only ate up bandwidth, of which I am pretty ok with being on FTTH). It's all automated. don't even need human intervention for the probe, just to select the attack vectors when the automated system pops a live port selection. > > Default SSH is NO guarantee. Allowing root access from an interactive login from the net port deserves to be punished. Bogus user passwords that are guessable should be cause for your isp to turn off your connection. Moving to a different port is just attempted security through obscurity. Open ports from the outside inbound that allow anyone on the network to connect will be probed and attempts (DoS, null sled, buffer overruns, etc) to subvert your system as a c&c node, bitcoin miner, email spam relay, porn repository, or whathaveyou is the goal. > > After doing this since 1988 or so, it's only the frequency that it happens that's changing, not that it's happening. > > fail2ban is a good stopgap measure for ports that you positively HAVE to have exposed. router firewall enabled and locked down? good. iptables set up properly? passwords NOT based on dictionary words or used for your other online activities? yeah, it's a pain. the alternative is your system being taken over and used for other purposes while you sleep. > > Lots more you can do. the basic mantra you should have is: "That which is not expressly permitted is prohibited". > -- > Bryan CISSP/CEH/CISM > Sent from my iPhone 6S...No electrons were harmed in the sending of this message. > > > > _______________________________________________ > App_rpt-users mailing list > App_rpt-users at lists.allstarlink.org > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users > > To unsubscribe from this list please visit http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of the page. Enter your email address and press the "Unsubscribe or edit options button" > You do not need a password to unsubscribe, you can do it via email confirmation. If you have trouble unsubscribing, please send a message to the list detailing the problem. > > _______________________________________________ > App_rpt-users mailing list > App_rpt-users at lists.allstarlink.org > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users > > To unsubscribe from this list please visit http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of the page. Enter your email address and press the "Unsubscribe or edit options button" > You do not need a password to unsubscribe, you can do it via email confirmation. If you have trouble unsubscribing, please send a message to the list detailing the problem. -------------- next part -------------- An HTML attachment was scrubbed... URL: From szingman at msgstor.com Thu Jun 8 13:29:33 2017 From: szingman at msgstor.com (Steve Zingman) Date: Thu, 8 Jun 2017 09:29:33 -0400 Subject: [App_rpt-users] Security was Re: What is the "debian" user in the DIAL distro? In-Reply-To: References:

<3b010926-b549-5a5d-ff22-df1b8080f3ae@bryanfields.net> <6C114097-2223-4197-ACD4-6A87F02B7A66@bdboyle.com> <014d01d2e052$7d557ba0$780072e0$@gmail.com> Message-ID: <3d99129f-7619-80ed-e8a5-5349ecf90601@msgstor.com> Updated images will use Shorewall to "frontend" iptables On 6/8/2017 9:27 AM, Bryan D. Boyle wrote: > you beat me to it. > > thanks! > -- > Bryan > Sent from my iPhone 6S...No electrons were harmed in the sending of > this message. > > > > On Jun 8, 2017, at 08:26, Jeremy Utley > wrote: > >> UFW is really just a front-end for iptables. You give instructions >> to UFW, it does the correct IPTables lines to make it happen. >> Firewalld on CentOS 7 is the same way. Any network firewalling tool >> on Linux is going to be IPTables under the hood. >> >> Jeremy, NQ0M >> >> *From:* App_rpt-users >> [mailto:app_rpt-users-bounces at lists.allstarlink.org] *On Behalf Of >> *Loren Tedford >> *Sent:* Thursday, June 8, 2017 3:13 AM >> *To:* Users of Asterisk app_rpt > > >> *Subject:* Re: [App_rpt-users] Security was Re: What is the "debian" >> user in the DIAL distro? >> >> Bryan What about the use of UFW?? I have been using ufw in place of >> iptables started that about 4 years ago.. Is their a known risk from >> ufw rather iptables?? I thought they had similar characteristics.. >> >> >> Loren Tedford (KC9ZHV) >> >> Phone:618-553-0806 >> >> Fax: 1-618-551-2755 >> Email: lorentedford at gmail.com >> >> Email: KC9ZHV at KC9ZHV.com >> >> http://www.lorentedford.com >> >> http://www.kc9zhv.com >> >> http://forum.kc9zhv.com >> >> http://hub.kc9zhv.com >> >> http://Ltcraft.net >> >> http://voipham.com >> >> On Wed, Jun 7, 2017 at 8:55 PM, Bryan D. Boyle > > wrote: >> >> Based on tests that the security research arm of my company has >> run (well-known IT company that's been around for over a >> century...), the elapsed time that a system exposed to the >> network is discovered, probed, and if well-known vulnerable ports >> are detailed (and the scum or nation states who do this keep >> records), then attempted to be pwned is somewhere between a >> minute to a half hour. >> >> Just for giggles, i spun up a pi with a sip server enabled >> connected to a second port on my router and started a tail -f on >> the messages file and grepped for the sip daemon. routed the sip >> port on my external router to the pi, a sat back. (there was no >> route from the pi to my internal network) >> >> 3 minutes till the first probe. 15 till the attempted pwning. >> SIP was the only inbound port opened. I just watched...and went >> on for an hour (no, they didn't take over the system, only ate up >> bandwidth, of which I am pretty ok with being on FTTH). It's all >> automated. don't even need human intervention for the probe, >> just to select the attack vectors when the automated system pops >> a live port selection. >> >> Default SSH is NO guarantee. Allowing root access from an >> interactive login from the net port deserves to be punished. >> Bogus user passwords that are guessable should be cause for your >> isp to turn off your connection. Moving to a different port is >> just attempted security through obscurity. Open ports from the >> outside inbound that allow anyone on the network to connect will >> be probed and attempts (DoS, null sled, buffer overruns, etc) to >> subvert your system as a c&c node, bitcoin miner, email spam >> relay, porn repository, or whathaveyou is the goal. >> >> After doing this since 1988 or so, it's only the frequency that >> it happens that's changing, not that it's happening. >> >> fail2ban is a good stopgap measure for ports that you positively >> HAVE to have exposed. router firewall enabled and locked down? >> good. iptables set up properly? passwords NOT based on >> dictionary words or used for your other online activities? yeah, >> it's a pain. the alternative is your system being taken over and >> used for other purposes while you sleep. >> >> Lots more you can do. the basic mantra you should have is: "That >> which is not expressly permitted is prohibited". >> -- >> >> Bryan CISSP/CEH/CISM >> >> Sent from my iPhone 6S...No electrons were harmed in the sending >> of this message. >> >> >> _______________________________________________ >> App_rpt-users mailing list >> App_rpt-users at lists.allstarlink.org >> >> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >> >> To unsubscribe from this list please visit >> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >> and scroll down to the bottom of the page. Enter your email >> address and press the "Unsubscribe or edit options button" >> You do not need a password to unsubscribe, you can do it via >> email confirmation. If you have trouble unsubscribing, please >> send a message to the list detailing the problem. >> >> _______________________________________________ >> App_rpt-users mailing list >> App_rpt-users at lists.allstarlink.org >> >> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >> >> To unsubscribe from this list please visit >> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >> and scroll down to the bottom of the page. Enter your email address >> and press the "Unsubscribe or edit options button" >> You do not need a password to unsubscribe, you can do it via email >> confirmation. If you have trouble unsubscribing, please send a >> message to the list detailing the problem. > > > _______________________________________________ > App_rpt-users mailing list > App_rpt-users at lists.allstarlink.org > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users > > To unsubscribe from this list please visit http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of the page. Enter your email address and press the "Unsubscribe or edit options button" > You do not need a password to unsubscribe, you can do it via email confirmation. If you have trouble unsubscribing, please send a message to the list detailing the problem. -------------- next part -------------- An HTML attachment was scrubbed... URL: From petem001 at gmail.com Thu Jun 8 14:03:49 2017 From: petem001 at gmail.com (Pierre Martel) Date: Thu, 08 Jun 2017 14:03:49 +0000 Subject: [App_rpt-users] Install scripts In-Reply-To: References:

Message-ID: Not all hosting site permit the installation of kernel module like Dahdi, si check with then before going further. Le jeu. 8 juin 2017 ? 08:30, David Shaw a ?crit : > Hey Loren, I didn't see to many apt-get(s) in the script folders. A couple > of files where apt-get installs. Didn't look too bad. > > David > > > > -- > Thanks, David > > "Laws that forbid the carrying of arms...disarm only those who are neither > inclined nor determined to commit crimes. Such laws make things worse for > the assaulted and better for the assailants; they serve rather to encourage > than prevent homicides, for an unarmed man may be attacked with greater > confidence than an armed one." > Thomas Jefferson > > On Thu, Jun 8, 2017 at 12:12 AM, Loren Tedford > wrote: > >> David actually what i was referring to was going through and finding the >> packages for yum instead of apt-get.. I was considering downsizing one of >> my nodes out at the data center.. That's why i was asking if anyone has >> converted this to centos 7 yet.. I will try and see if i get enough time to >> play with it and see if i can find equivalent packages to make allstarlink >> work in centos 7 but no promises.. >> >> Loren Tedford (KC9ZHV) >> Phone:618-553-0806 <(618)%20553-0806> >> Fax: 1-618-551-2755 <(618)%20551-2755> >> Email: lorentedford at gmail.com >> Email: KC9ZHV at KC9ZHV.com >> http://www.lorentedford.com >> http://www.kc9zhv.com >> http://forum.kc9zhv.com >> http://hub.kc9zhv.com >> http://Ltcraft.net >> http://voipham.com >> >> On Wed, Jun 7, 2017 at 8:44 PM, David Shaw wrote: >> >>> So it wouldn't install on OpenVM. I can't find the kernel headers. I'll >>> check with the hosting site.. I loaded Debian 7.0 i386.. >>> >>> Thanks, David >>> >>> >>> >>> -- >>> Thanks, David >>> >>> "Laws that forbid the carrying of arms...disarm only those who are >>> neither inclined nor determined to commit crimes. Such laws make things >>> worse for the assaulted and better for the assailants; they serve rather to >>> encourage than prevent homicides, for an unarmed man may be attacked with >>> greater confidence than an armed one." >>> Thomas Jefferson >>> >>> On Wed, Jun 7, 2017 at 4:28 PM, David Shaw wrote: >>> >>>> Thanks Jim, I should have known. I wasn't thinking. >>>> >>>> David >>>> >>>> >>>> >>>> -- >>>> Thanks, David >>>> >>>> "Laws that forbid the carrying of arms...disarm only those who are >>>> neither inclined nor determined to commit crimes. Such laws make things >>>> worse for the assaulted and better for the assailants; they serve rather to >>>> encourage than prevent homicides, for an unarmed man may be attacked with >>>> greater confidence than an armed one." >>>> Thomas Jefferson >>>> >>>> On Wed, Jun 7, 2017 at 4:25 PM, Jim Nessen >>>> wrote: >>>> >>>>> May want to start here https://github.com/AllStarLink/DIAL >>>>> >>>>> Looks like it provides a script to install onto an existing Debian box. >>>>> >>>>> Jim, K6JWN >>>>> ________________________________________ >>>>> From: App_rpt-users on >>>>> behalf of David KE6UPI >>>>> Sent: Wednesday, June 7, 2017 4:16 PM >>>>> To: APP RPT >>>>> Subject: [App_rpt-users] Install scripts >>>>> >>>>> Hello, I'm looking for install scripts for Debian. I'm using a cloud >>>>> base VM server and wanted to see if I can in Dial RC1 on it. >>>>> >>>>> Thanks, David >>>>> KE6UPI >>>>> _______________________________________________ >>>>> App_rpt-users mailing list >>>>> App_rpt-users at lists.allstarlink.org >>>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>>>> >>>>> To unsubscribe from this list please visit >>>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>>>> and scroll down to the bottom of the page. Enter your email address and >>>>> press the "Unsubscribe or edit options button" >>>>> You do not need a password to unsubscribe, you can do it via email >>>>> confirmation. If you have trouble unsubscribing, please send a message to >>>>> the list detailing the problem. >>>> >>>> >>>> >>> >>> _______________________________________________ >>> App_rpt-users mailing list >>> App_rpt-users at lists.allstarlink.org >>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >>> >>> To unsubscribe from this list please visit >>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and >>> scroll down to the bottom of the page. Enter your email address and press >>> the "Unsubscribe or edit options button" >>> You do not need a password to unsubscribe, you can do it via email >>> confirmation. If you have trouble unsubscribing, please send a message to >>> the list detailing the problem. >>> >> >> >> _______________________________________________ >> App_rpt-users mailing list >> App_rpt-users at lists.allstarlink.org >> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users >> >> To unsubscribe from this list please visit >> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and >> scroll down to the bottom of the page. Enter your email address and press >> the "Unsubscribe or edit options button" >> You do not need a password to unsubscribe, you can do it via email >> confirmation. If you have trouble unsubscribing, please send a message to >> the list detailing the problem. >> > > _______________________________________________ > App_rpt-users mailing list > App_rpt-users at lists.allstarlink.org > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users > > To unsubscribe from this list please visit > http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and > scroll down to the bottom of the page. Enter your email address and press > the "Unsubscribe or edit options button" > You do not need a password to unsubscribe, you can do it via email > confirmation. If you have trouble unsubscribing, please send a message to > the list detailing the problem. -------------- next part -------------- An HTML attachment was scrubbed... URL: From Bryan at bryanfields.net Thu Jun 8 18:41:52 2017 From: Bryan at bryanfields.net (Bryan Fields) Date: Thu, 8 Jun 2017 14:41:52 -0400 Subject: [App_rpt-users] Debian Allstar Linux Image (DIAL) vulnerability Message-ID: <27d2ee9f-cc07-1e99-1008-8e9695697227@bryanfields.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Debian Allstar Linux Image (DIAL) vulnerability AllStarLink, Inc June 8, 2017 Summary A critical vulnerability has been found in DIAL permitting a remote attacker log into the node and gain local user shell. This vulnerability exists because the DIAL default install has a default user account with a static password. An attacker could exploit this vulnerability by connecting remotely to a node and logging in by using the credentials for this default user account. AllStarLink has released new x86 and arm install images which remove this default account by default. No privilege escalation has been found. Affected Releases DIAL x86 DIAL arm (Raspberry Pi) Workarounds Depending on release remove the following user accounts: pi - arm debian - x86 Example code to disable and remove accounts: x86: 'passwd -d debian' 'userdel -r debian' arm: 'passwd -d pi' 'userdel -r pi' Further an acl or firewall can be used to restrict remote ssh access to the node. Exploitation and Public Announcements A well known scanning tool has added "allstarlinux" to it's exploit scanning tools. Exploited systems have been found to engage in bitcoin mining, SIP termination or further scanning. If a node has been exploited AllStarLink recommends a re-imaging of the system. Fixed Releases Users should upgrade to the current RC1 release. arm - http://dvswitch.org/files/DIAL/amd64-i386-DIAL-RC1.tar.gz x86 - http://dvswitch.org/files/DIAL/RAT_RC1.tar.gz Further notes The older centos based ACID distribution has not been checked to determine if it's affected by this vulnerability. ACID has been depreciated and unsupported since 2015. All ACID users should migrate immediately to DIAL. The AllStarLink app_rpt mailing list provides a discussion forum and access to the admin and development teams. We encourage all users to join and participate. http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users Status of this Notice This notice provides information for the community. Distribution of this notice is unlimited. Copyright Copyright (C) AllStarLink, Inc (2017). All Rights Reserved. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJZOZpwAAoJEGE5oGFSxpFAy8IP/37XXJYK/3RFjtm6tV1+HUYk haB3H3fMi0MpEH2j4q1OlWyo1QGJKXt73L01m8c2K/O5cT3TvFhc/VzSOugwB1R1 xVWAzm1gycBKzDRe535cdyih4NEVCzZixlH8crs2s1JxSq1xQKMojdc+g3v0ogGn 8PywTlUqAHMrCfmqmouZcVPferV4mNvlYkcglJm2ZYLnSnW3BEIEHrYqGfWReoXB rJ1hAtY7tJlqHaJ6woBcslkE0RljEB+VI0HK96FBUeGDJwW1w/Hy6pEN0SbOvOtY r19INGoEjgN55U1Mnkbnc8hH4HtycWDqVIUDfyBIlB+pqjOlj0Vmx0XUB6x0Fzkf rh6WzFLib8AAEZMjMyt439mWB2LLh/X+6mP+zmaYdJIZtOEXZZCj0QhOh6p36ZD9 rVBYB4OJnxQ5a7FvNr0k44GTc/VxmG8M8hNoXDD91HNJPOdQQUFTA5O9YcvR7z7x FZ5moFCYbIL/Iut5OIXv+ZTu18czb66etX4hkbp5wZkyJRNaWZZ29b94j68S8Pr/ r5qxlDHVSdV5i7VpU1tmc66E7XaqVX4A3bXdeVUSIGi6T7FI68w2ZMjJcor6ZhTg gjBncLFoBiEEETM4kDS+3ro3JT9R86s6BdnvoZ1PYrpoNW830pgXx6tj6VXOgvrS VTF5N7Y0nTFyp6nSF+5c =KD2I -----END PGP SIGNATURE----- From Bryan at bryanfields.net Thu Jun 8 18:47:00 2017 From: Bryan at bryanfields.net (Bryan Fields) Date: Thu, 8 Jun 2017 14:47:00 -0400 Subject: [App_rpt-users] To All DIAL Users from AllStarLink Admin Team Message-ID: <6500d152-0934-42a2-bae7-79544481dc95@bryanfields.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 All DIAL users, The AllStarLink administrative team has identified a vulnerability in DIAL. These details are available in a separate notice. In part to mitigate this, we have identified a way to fix this via the well known user account. We propose to to script and execute code which should fix this issue on any nodes connected to the ASL network. What will this script do? This script will disable all the "pi" and "debian" users, killall process running by these users and then logout of the node. Once this is complete ASL will no longer have remote access to the node. What if I don't want this done to my node? Change the login or restrict login via ssh for the pi and debian users. You may also email the admin team with your node numbers to opt-out. Why is the admin team taking these actions? Why not allow people to fix their own nodes? The admin team believes most users of DIAL are generally radio users first, and Linux administrators second. Many may not know what issues this can cause on their system and the admin team believes this will mitigate any problems end users may have mitigating this on their own. Any user is free to opt-out and respond to this issue in their own way if they so choose. What if I'm running ACID? ACID is unsupported and quite outdated. We encourage all ACID users to migrate to DIAL. What if I'm using another distribution or have compiled AllStar from source? It's likely you're unaffected and have the skills to maintain your node securely on your own. What if my box is compromised? If your node is compromised we suggest a complete re-install. From the exploits we have seen in the wild, none have root or done anything other than scanning/bitcoin mining. We have see the attackers download the asterisk config files so it would be wise to change any passwords you may have. We suspect this is looking to exploit SIP call termination for profit. What if I have questions not answered here? Please post them to the AllStarLink mailing list. Note: you must be subscribed to post. http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users When will this action take place? The ASL admin team is expecting to do this at 0000 UTC June 10, 2017 Status of this Notice This notice provides information for the community. Distribution of this notice is unlimited. Copyright Copyright (C) AllStarLink, Inc (2017). All Rights Reserved. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJZOZukAAoJEGE5oGFSxpFAeLEQALpM6xXUBKYPJkg0A2hBvliO XaacHft445/UHDku6U+1+U3SBXaqePmkjLZHrvW9leXoNxX3uhrqudj/VihYl8t2 O3o+jl056SeQWwwEP10u0dFgUgqcSPpOjl2z8DrKQOJgTp7M/NxCBIJZolaQLih2 AtF/FQWD0BVhml5ngdzq6NwuvSqL/wsf+WgwxKCTjh8zZA6VnRhCgg2+khxD2rgp TWWnQ6uyLrUijVINyS2U0+TCWobQ+NDkAm6acRXpgPzn63ufvfSrqfEWWEeOlGkq qxjkrrTg5jZwKvUBruNtqnOt+3TZa4r1vin51VtgRll0pRfUWl6cHPBUHoziM4it FlJUGLJg1fnqBWOiYi6R58QddK5sffaDO7UTmTJKb6TOGsS86iF4nu2p2TgPJL8z TxQkaLx7+/3VhJ+6ZlV1T82Ma9bzb+P3WLasRiOPYiazXoQXaKSuaLJ9u/yZKp2r P03O2KKIZ9pw1a5KikkJvJoCzfOkOTesvYxJPdt5iRffMW9S6wS+M0ixCCjrZF+V ylCcUjs2lu+dh5PkG7rzY42xKYZLL97YmYEzE8OzmX0m6tK4yN6cgjlFL7/fyCpD wZN+3d0Nc/PZzRyHE2c71s48yGfT54ZxwEVT319BIyeNd03AMSdrcohod9OHmP2W snoffMWy6An+zHv8uY0u =K4be -----END PGP SIGNATURE----- From nessenj at jimsoffice.org Thu Jun 8 19:08:04 2017 From: nessenj at jimsoffice.org (Jim Nessen) Date: Thu, 8 Jun 2017 19:08:04 +0000 Subject: [App_rpt-users] To All DIAL Users from AllStarLink Admin Team In-Reply-To: <6500d152-0934-42a2-bae7-79544481dc95@bryanfields.net> References: <6500d152-0934-42a2-bae7-79544481dc95@bryanfields.net> Message-ID: Great write up, thank you! Jim, K6JWN ________________________________________ From: App_rpt-users on behalf of Bryan Fields Sent: Thursday, June 8, 2017 11:47 AM To: Users of Asterisk app_rpt Subject: [App_rpt-users] To All DIAL Users from AllStarLink Admin Team -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 All DIAL users, The AllStarLink administrative team has identified a vulnerability in DIAL. These details are available in a separate notice. In part to mitigate this, we have identified a way to fix this via the well known user account. We propose to to script and execute code which should fix this issue on any nodes connected to the ASL network. What will this script do? This script will disable all the "pi" and "debian" users, killall process running by these users and then logout of the node. Once this is complete ASL will no longer have remote access to the node. What if I don't want this done to my node? Change the login or restrict login via ssh for the pi and debian users. You may also email the admin team with your node numbers to opt-out. Why is the admin team taking these actions? Why not allow people to fix their own nodes? The admin team believes most users of DIAL are generally radio users first, and Linux administrators second. Many may not know what issues this can cause on their system and the admin team believes this will mitigate any problems end users may have mitigating this on their own. Any user is free to opt-out and respond to this issue in their own way if they so choose. What if I'm running ACID? ACID is unsupported and quite outdated. We encourage all ACID users to migrate to DIAL. What if I'm using another distribution or have compiled AllStar from source? It's likely you're unaffected and have the skills to maintain your node securely on your own. What if my box is compromised? If your node is compromised we suggest a complete re-install. From the exploits we have seen in the wild, none have root or done anything other than scanning/bitcoin mining. We have see the attackers download the asterisk config files so it would be wise to change any passwords you may have. We suspect this is looking to exploit SIP call termination for profit. What if I have questions not answered here? Please post them to the AllStarLink mailing list. Note: you must be subscribed to post. http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users When will this action take place? The ASL admin team is expecting to do this at 0000 UTC June 10, 2017 Status of this Notice This notice provides information for the community. Distribution of this notice is unlimited. Copyright Copyright (C) AllStarLink, Inc (2017). All Rights Reserved. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJZOZukAAoJEGE5oGFSxpFAeLEQALpM6xXUBKYPJkg0A2hBvliO XaacHft445/UHDku6U+1+U3SBXaqePmkjLZHrvW9leXoNxX3uhrqudj/VihYl8t2 O3o+jl056SeQWwwEP10u0dFgUgqcSPpOjl2z8DrKQOJgTp7M/NxCBIJZolaQLih2 AtF/FQWD0BVhml5ngdzq6NwuvSqL/wsf+WgwxKCTjh8zZA6VnRhCgg2+khxD2rgp TWWnQ6uyLrUijVINyS2U0+TCWobQ+NDkAm6acRXpgPzn63ufvfSrqfEWWEeOlGkq qxjkrrTg5jZwKvUBruNtqnOt+3TZa4r1vin51VtgRll0pRfUWl6cHPBUHoziM4it FlJUGLJg1fnqBWOiYi6R58QddK5sffaDO7UTmTJKb6TOGsS86iF4nu2p2TgPJL8z TxQkaLx7+/3VhJ+6ZlV1T82Ma9bzb+P3WLasRiOPYiazXoQXaKSuaLJ9u/yZKp2r P03O2KKIZ9pw1a5KikkJvJoCzfOkOTesvYxJPdt5iRffMW9S6wS+M0ixCCjrZF+V ylCcUjs2lu+dh5PkG7rzY42xKYZLL97YmYEzE8OzmX0m6tK4yN6cgjlFL7/fyCpD wZN+3d0Nc/PZzRyHE2c71s48yGfT54ZxwEVT319BIyeNd03AMSdrcohod9OHmP2W snoffMWy6An+zHv8uY0u =K4be -----END PGP SIGNATURE----- _______________________________________________ App_rpt-users mailing list App_rpt-users at lists.allstarlink.org http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users To unsubscribe from this list please visit http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of the page. Enter your email address and press the "Unsubscribe or edit options button" You do not need a password to unsubscribe, you can do it via email confirmation. If you have trouble unsubscribing, please send a message to the list detailing the problem. From tom at tomh.us Thu Jun 8 19:13:41 2017 From: tom at tomh.us (Tom Hayward) Date: Thu, 8 Jun 2017 12:13:41 -0700 Subject: [App_rpt-users] Debian Allstar Linux Image (DIAL) vulnerability In-Reply-To: <27d2ee9f-cc07-1e99-1008-8e9695697227@bryanfields.net> References: <27d2ee9f-cc07-1e99-1008-8e9695697227@bryanfields.net> Message-ID: On Thu, Jun 8, 2017 at 11:41 AM, Bryan Fields wrote: > A critical vulnerability has been found in DIAL permitting a remote > attacker log into the node and gain local user shell. > > This vulnerability exists because the DIAL default install has a > default user account with a static password. An attacker could > exploit this vulnerability by connecting remotely to a node and > logging in by using the credentials for this default user account. I appreciate the formality of this notice, but this "vulnerability" isn't exactly a secret. The instructions for reproducing it are FAQ #2 :-) http://docs.allstarlink.org/drupal/node/170 Hopefully it is now obvious to everyone that this password should be changed before deploying the node. I wonder if it might be best to disable password login in ssh by default. The user could place their key on the filesystem after netinstall or flashing the SD card. Tom KD7LXL From lorentedford at gmail.com Thu Jun 8 21:29:43 2017 From: lorentedford at gmail.com (Loren Tedford) Date: Thu, 8 Jun 2017 16:29:43 -0500 Subject: [App_rpt-users] Install scripts In-Reply-To: References: