Home » Posts tagged 'piaf' (Page 2)

Tag Archives: piaf

The Most Versatile VoIP Provider: FREE PORTING

Tempus Fugit: Introducing Incredible PBX Alarm Clock for Asterisk and XiVO

So you’re in a hurry and need a quick way to remind yourself of an upcoming appointment. With Siri or your Apple Watch, you can say "Hey Siri, set an alarm for 9 a.m." On an Android phone, just say "OK Google, set an alarm for 9 a.m." And with the Amazon Echo, shout out "Alexa, set an alarm for 9 a.m." But, hey, everyone doesn’t have a fancy smartphone or an Echo. Besides that, they’re not always convenient.

If you have Incredible PBX™ for Asterisk® or XiVO® running in your home or office, it’s even easier. Just pick up any phone and dial *88 plus the time for the alarm using "military time." Dialing *880900 will set an alarm for 9 a.m. and *882100 will set an alarm for 9 p.m. If it’s already later than 9 a.m. when you dial *880900, then the alarm will be set for the following morning at 9 a.m. Doesn’t get any easier than that.

As we mentioned, this new application is primarily for Incredible PBX users, but it will work with any Asterisk server if you have previously installed Telephone Reminders. The Telephone Reminders app is included in all previous releases of Incredible PBX for XiVO, PBX in a Flash, Elastix, CentOS, Scientific Linux, Ubuntu, Debian, and even the Raspberry Pi.

Installing Incredible PBX Alarm Clock on the XiVO Platform

If you’re already using our latest Incredible PBX creation for the XiVO platform, then installation of the Alarm Clock application is a one-minute procedure. If you downloaded Incredible PBX for XiVO after July 13, the Alarm Clock application already is included. Otherwise, log into your server as root and issue the following commands:

cd /root
wget http://incrediblepbx.com/alarms-xivo.sh
chmod +x alarms-xivo.sh
./alarms-xivo.sh

Installing Incredible PBX Alarm Clock on the Other Platforms

As we mentioned, the Alarm Clock application requires an existing setup of Incredible PBX with Telephone Reminders on any of the following platforms: PBX in a Flash, Elastix, CentOS, Scientific Linux, Ubuntu, Debian, or Raspbian for the Raspberry Pi. If you’re using any of these Incredible PBX platforms, simply log into your server as root and issue the following commands to get the Alarm Clock application installed and configured:

cd /
wget http://incrediblepbx.com/alarms4incredible.tar.gz
tar zxvf alarms4incredible.tar.gz
rm -f alarms4incredible.tar.gz
cd /root
./alarms4incredible.sh

A Quick Introduction to Military Time for All of Our Civilian Friends

"Military time" means the day begins at 0001 for 12:01 a.m. The morning ends at 1159 for 11:59 a.m. For P.M. times, they start at 1200 for noon and end at 2359 for 11:59 p.m. Now’s your chance to play soldier in case you missed the draft. Enjoy!

Taking the Incredible PBX Alarm Clock for a Spin

Once you’ve got the Alarm Clock application in place, it’s time for a test drive. Check your watch for the current time and add 2 minutes. Convert the time to military time. Then pick up any phone connected to your PBX and dial *88 plus the four-digit number for the alarm time you calculated. Remember, if you choose a time that has already come and gone for today, your alarm will be scheduled for the corresponding time tomorrow so don’t cut it too close if your watch doesn’t keep perfect time.

For those wanting to learn how to write Asterisk dialplan code, now is a perfect time. The Alarm Clock application was written without a single line of code from any high-level language including PHP. On the XiVO platform, you’ll find the code at the bottom of /etc/asterisk/extensions_extra.d/xivo-extrafeatures.conf.

On the other Incredible PBX platforms, you’ll find the code at the top of /etc/asterisk/extensions_custom.conf. Just search for *88 in the dialplan.

Reviewing Scheduled Alarms with a Web Browser

You can use the Telephone Reminders web application at http://IPaddress/reminders to review alarms which you have scheduled using *88. With Incredible PBX, they look just like other Telephone Reminders which you may have scheduled either using a phone by dialing 123 or using the Telephone Reminders web application.

Originally published: Monday, July 18, 2016





Need help with Asterisk? Visit the PBX in a Flash Forum.


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 



Some Recent Nerd Vittles Articles of Interest…

The FUD Factor: Why Does the Asterisk Community Shoot Itself in the Foot?



2015 has been quite the year for the Asterisk® VoIP community. First came the surprise announcement that Sangoma® had acquired FreePBX®. Next, Digium® caved on Asterisk-GUI and adopted FreePBX as their "free" distribution giving Sangoma a virtual monopoly in the Asterisk graphical user interface and aggregation market. And then the fireworks began. There were only two open source and GPL-compliant Asterisk aggregations left: Elastix® and PBX in a Flash™.

We had been on a downhill slide with the Schmoozers for quite a while after their "commercial tech support" for PBX in a Flash morphed into a sales pitch to switch users to the FreePBX Distro. What they left out of the narrative was the fact that the FreePBX Distro is neither open source nor a GPL product. Not only is it laced with NagWare and CrippleWare, but you are prohibited from redistributing or reusing the code. While it’s copyrighted and trademarked up the ying yang, it’s also full of "trade secrets" and GPL code obtained for free from the open source community. So much for the GPL. The Free Software Foundation has long since lost its appetite for lawsuits. Digium has kept a low profile through all of this. That’s probably because they’re now 100% dependent upon FreePBX, an integral component in their morphed AsteriskNOW® product.

If you’ve been involved in the technology business, you already know that the marketing strategy for many companies is full of examples of the traditional Good Cop/Bad Cop routine: beat you up with the bad guy and then let the good guy swoop in to close the deal. With free software, there’s another hurdle. You’ve first got to persuade customers that they really don’t want something for nothing. They’ll be much better off paying for everything: software, add-ons, updates/upgrades, and support. Remember the old adage: "Nobody ever got fired for choosing IBM®." Same song, different verse!

In the Asterisk VoIP community, there’s been another secret ingredient: fear, uncertainty, and doubt. Yes, good old FUD. This strategy relies upon confusing everybody to the point that they throw up their hands and stop believing anything anybody says. Then the good guy swoops in to close the commercial deal for the "safe company." Classic IBM!

With a legal background, we’d be the first to admit that the FUD strategy is difficult to deal with. You’re trying to explain fairly complex technical material in a logical way and all of a sudden you’re bombarded with completely off-the-wall comments that have no basis in fact. If you love Fox News, you’re accustomed to this already. Never mind the images on the screen don’t match the story that’s being told. The point is to make things look worse than they are so that the blonde bombshell can swoop in and say literally anything… and you’ll believe it.

If you watched Tag Team Wrestling as a kid, you’ll appreciate this sales strategy. Here we use one of our employees to publish a position on social media such as Twitter or one of the forums. Then other employees chime in with how brilliant the first employee’s idea really was. Better yet, get a handful of anonymous resellers to join in. This is especially effective when the general public has no clue that these folks are affiliated with the company and its marketing strategy.

If all else fails, bring on the personal attacks. Anyone that doesn’t agree with your position is labeled a troll and the piling on begins from other employees and resellers. Of course, there are always a few that stay above the fray urging everyone to "just get along" for the sake of the Asterisk "community." Classic Rodney King.

In the meantime, we’re watching an already fractured VoIP market that seems headed for oblivion. Have you watched how your kids communicate lately? Do you really think they’re going to be relying on PBXs ten or fifteen years down the road when all of their smartphone calls and messaging are basically free? Did we mention the other elephants in the room: Skype, Hangouts, and FaceTime? America’s Big 3 already provide free worldwide telecommunications and video conferencing with any smartphone or desktop computer. And TV support is becoming commonplace. So… Party On, FUD Masters.

Let’s look at a few examples of how this has played out. The best example is security. No sane IT guy would ever run a VoIP server fully exposed to the Internet without several layers of security including either a hardware or software-based firewall. That’s Networking 101. Yet there was a group of folks in the Asterisk community that, over the course of 10 years, never mentioned firewalls at all… until a few months ago. Guess who? And guess who’s server platform consistently got hacked? The response: FUD, and lots of it. When users began reporting totally compromised servers, "the team" response was disbelief and, of course, a post documenting a vulnerability in PBX in a Flash. The difference? The PBX in a Flash vulnerability still required administrator permission and an admin password for access. But, hey, it was a vulnerability and all vulnerabilities are alike, right? Wrong. Pure FUD but the equal billing of both vulnerabilities on their forum for months presumably achieved the goal of demonstrating that all software has "issues" from time to time.


And then there was the FreePBX Firewall, a recent creation that runs within the FreePBX GUI and is accessible within a web browser without root user permissions. There’s only one catch. A vulnerability in the firewall gave the intruder root access to the server without ever obtaining root user credentials. It doesn’t get much more dangerous than that. And, sure enough, while the developer was at AstriCon crowing about his awards and firewall accomplishments, a root exploit was identified less than a week after the product hit the market. The response? We fixed the only known vulnerability. Well, not so fast. The problem with the design is that users were continually locking themselves out of their own servers because they didn’t quite know what they were doing in implementing the new firewall rules. After bad-mouthing PortKnocker as an overly complex magic incantation, the developer couldn’t quite bring himself to go that route to get users back into their servers. After all, firewalls are supposed to be easy. Instead, he chose to disable the firewall entirely during the first 5 minutes after a server was rebooted. Sounds great, right? Wrong again. Almost any DDOS attack has the potential to crash a server and force a reboot. Guess who gets the easy pass to hack your server after the server comes crashing down? You may be wondering how a root vulnerability occurs when FreePBX runs as the asterisk user. Good question. And the answer is you have to load the encrypted SysAdmin module which reportedly gives itself root permissions to servers. In response… FUD and more FUD.


The latest FUD involves the so-called Module Signature Checking mechanism in FreePBX 12. Sangoma claims it was to protect end-users by throwing up glaring error messages whenever you install or use a FreePBX module that wasn’t produced by (you guessed it!) Sangoma. Our take is it was a not-so-subtle attempt to freeze everyone else out of the FreePBX module development market where Sangoma hopes to make a fortune in license fees and renewal contracts. Dream on. The downside is that, with the exception of a single module to support Digium® phones, there hasn’t been a non-Sangoma module for FreePBX produced in years! The FUD hit the fan when we published (OPTIONAL) code to let administrators remove the module signature checking mechanism if they chose to do so. This meant FreePBX 12 GPL modules worked exactly like those in every previous version of FreePBX. Suddenly, lack of module signatures became a security issue… except in earlier FreePBX releases, of course. What’s particularly disingenuous about this latest FUD attack is that FreePBX 2.11 and prior releases are still in active use. None of those releases even had the option to enable module signature checking whether an administrator wanted it or not. And, of course, all Incredible PBX builds include a preconfigured firewall that blocks all of the bad guys from even seeing your server much less attacking it. But suddenly our giving the administrator the option to use module signature checking has become a critical "security issue" that will cause users to "get hacked and lose money." That’s the Sangoma FUD mentality we’re dealing with folks.

Finally, let’s talk about hardware. Sangoma loves hardware. It is or, more accurately, was their bread and butter. First, they touted their Session Border Controller as the only way to protect an Asterisk server. For the FUD scorecard on SBCs, read our SBC article. And then there are the Asterisk appliances, preconfigured FreePBX Distro boxes running on generic (overpriced) computer platforms. In a recent article, we noted that a $200 Intel® NUC could run circles around the entry-level $579 FreePBX Phone System 50. And, for $500, a high performance Intel NUC could actually run a half-dozen or more Asterisk servers. Didn’t take long for a FreePBX cheerleader to crank up the FUD proclaiming that Intel NUC’s won’t boot:


Of course, if Mr. Messano had bothered to read the Nerd Vittles article, he would have learned that it only took about 10 seconds to apply a BIOS tweak that solved the booting problem forever. But, again, the damage was done. Believe it or not, many casual observers derive much of their technical expertise from 140-character tweets. And some will no doubt conclude that there must be a problem with the Intel hardware. Otherwise, why would some stranger suggest such a thing.

The point of all this is to document why those relying upon Asterisk for their bread and butter would do well to start devising a backup plan. Many in the business, medical, and government communities are reluctant to touch Asterisk with a 10-foot pole and now you know why. Over 500,000 people read Nerd Vittles each year. That’s not to suggest that they all agree with everything we suggest. But you can rest assured that they will continue to hear both sides when these hit-and-run attacks occur. As a CEO in the Asterisk "community," we’d be asking whether this approach is really worth the cost to the shareholders? While the derisive comments of some employees may play well to backslapping coworkers, the long-term consequence of alienating actual decision-makers reading this misleading FUD will be to drive serious customers to other platforms permanently. "Where there’s smoke, there’s probably fire" goes the old saying. And, while Asterisk 13 has proven itself to be a good platform for a business phone system, the end-user alienation and disingenuous FUD ultimately are going to have repercussions for businesses that have chosen to earn a living using Asterisk. As an Asterisk evangelist and a shareholder of Sangoma, we view these developments as unfortunate because the wounds are mostly self-inflicted.

For the rest of the story…

Originally published: Wednesday, November 18, 2015



Need help with Asterisk? Come join the PBX in a Flash Forum.


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 



Some Recent Nerd Vittles Articles of Interest…

FCC and Asterisk Now Provide The Tools Needed to Put an End to Robocalls

One of the biggest jokes in the U.S. telecommunications industry has been the FCC’s Do Not Call List, a convenient source of working phone numbers for all the spammers on Planet Earth to use. Despite the threat of heavy fines, the FCC received 215,000 complaints in 2014 regarding unwanted robocalls and spam texts. In June, the FCC promulgated new rules clarifying that service providers could offer robocall-blocking technologies to consumers and implement market-based solutions that consumers could use to stop unwanted robocalls. Ten days ago, the FCC began publishing a weekly spreadsheet of 10-digit numbers associated with robocallers. And today we are pleased to do our part and provide a simple script which lets you deploy and periodically update the FCC’s RoboCall Blacklist on any Asterisk® 11 or 13 server platform.


Overview. Asterisk 11 and 13 already include a Blacklist feature to block unwanted callers. This functionality also has been integrated into the FreePBX® GUI for many years. Because of the size of the FCC RoboCall Blacklist, however, an indexed, robust database will be necessary to manage this on a busy PBX. With Asterisk 11 and 13, the integrated Asterisk Database now relies upon SQLite 3 with awesome performance. We need a simple way to distinguish FCC RoboCall Blacklist entries from other Blacklist entries that your PBX users have added either by phone using *30 and *32 or using the Blacklist feature in the GUI. In this way, the FCC entries can be replaced each week with a newer list while preserving any user-created Blacklist entries. There were several approaches to implementation discussed, and you can read all about them on the PIAF Forum. We’ve cherrypicked what we think are the best of all worlds employing a single script with some really elegant additions provided by Adam Goldberg and Dick Ollett. We have chosen a methodology that does not require Asterisk to be offline when the script is run so you can run it at any time. The script always makes a backup copy of the last FCC Blacklist just in case the FCC "improves things" and blows the current approach out of the water. You can recover by loading the previous week’s entries using the import-last-fcc-blacklist script. Only when you run the script the first time will you be asked to agree to the license agreement. After that you can incorporate the script into weekly cron jobs and forget about it.

WARNING: The FCC Blacklist now exceeds 200,000 numbers and is no longer recommended for Asterisk implementations!

Installation. Installing the software is easy. Log into your Asterisk server as root and issue the following commands:

cd /root
wget http://incrediblepbx.com/fcc-blacklist.tar.gz
tar zxvf fcc-blacklist.tar.gz
rm -f fcc-blacklist.tar.gz

Update: There’s good news. This software now works with XiVO! Tutorial here.

Operation. After installation, you’ll end up with a copy of the GPL2 license (COPYING) and 2 scripts: import-fcc-blacklist and import-last-fcc-blacklist (described above). Each week, simply run import-fcc-blacklist. After running it once, if you want to add it to /etc/crontab, here’s the command that will do it for you and spread the load on the FCC download site:

echo "$(($RANDOM%60)) $(($RANDOM%24)) * * $(($RANDOM%2 +6 )) root /root/import-fcc-blacklist > /dev/null" >> /etc/crontab

NOTE: For each FCC Blacklist entry that’s added, you’ll get an "Updated database successfully" message. Be patient. It takes about a minute to gobble all of them up. This week Asterisk shows there are 11.597 unique entries: database show blacklist

Redirecting Blacklisted Callers. Some may prefer to redirect blacklisted callers to a destination other than the default "the number is not in service" announcement. You can do this easily by installing the Lenny Blacklist Mod for FreePBX. Download the module from the link provided to your desktop. In the GUI, choose Admin -> Module Admin -> Upload Module. Choose the file you downloaded and click Upload from Hard Disk. Then enable the module and select the Lenny Blacklist Mod button from the GUI’s main status menu. You do NOT have to redirect callers to Lenny although that’s an option worth considering. A working version of Lenny is available at this SIP URI: SIP/2233435945@sip2sip.info

Blocking Anonymous Callers. By default, both scripts block anonymous callers by adding them to your Asterisk Blacklist. If you want to disable this feature, comment out line 37 in both of the scripts before running them.

Another View. Fred Posner’s blog has proffered a different view on the FCC RoboCall BlackList, and it’s something you should consider. We have responded to his article with a few comments that seek to lay out the factors everyone should individually evaluate before implementing anyone else’s blacklist. We also are sympathetic with Fred’s observation that the FCC should take proactive steps to notify affected violators that their number has been placed on the blacklist and provide an opportunity to respond. That’s nothing Allison + Asterisk couldn’t handle with ease. We’d be happy to donate the IVR code.


[soundcloud url="https://api.soundcloud.com/tracks/231404538″ params="auto_play=false&hide_related=false&show_comments=true&show_user=true&show_reposts=false&visual=true" width="450″ height="340″ iframe="true" /]

Other Helpful Hints. For other tips on getting the most out of this new software, we have a section on the PIAF Forum just for you. It addresses issues such as how to implement a BlackList with providers that deliver calls with 11 digits or that deliver NANPA calls with a +1 prefix. HINT: For providers such as CallCentric and Anveo that deliver calls in these formats, use context=from-pstn-e164-us. Come join the discussion. Enjoy!

11/11 Update. We’re now into the third iteration of the FCC RoboCall Blacklist, and there still appear to be a few problematic entries. For example, the main FedEx Customer Service number (800-Go-FedEx) remains in the blacklist.

To check whether a number is in the list, use this command:

asterisk -rx "database show blacklist/8004633339"

To manually delete an unwanted entry from the list after a database update:

asterisk -rx "database deltree blacklist 8004633339"

Originally published: Monday, November 2, 2015



Don’t forget to List Yourself in Directory Assistance so everyone can find you by dialing 411. And add your numbers to the Do Not Call Registry. Or just call 888-382-1222 from your new number.
 

 



Need help with Asterisk? Come join the PBX in a Flash Forum.


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 



Some Recent Nerd Vittles Articles of Interest…

The Rise and Fall of FreePIX: The 15-Year Journey of an Internet Sensation

NOTE: While on vacation, we dreamed up this fictional company depicting fictitious events to highlight some of the potential pitfalls which could arise when transfers of ownership lead to unanticipated future operational changes. Lawyers get paid to think about this stuff. Today, you get the hypotheticals at no charge. Give them some thought. WARNING: Do NOT visit the .com address associated with our fictional company. It takes NSFW to a whole new level. Similarities to existing companies are purely coincidental. We do not believe the facts depicted apply to any current owner of any company of which we are aware. But the scenario highlights what potentially could happen when a morphing project ultimately is sold to a company with vastly different objectives. We chose FreePIX for our company name because worldwide prior use by numerous entities would make ownership of the mark all but impossible.

Being huge fans of free photography, imagine our surprise upon first learning that the trademark for our new photography site was available. The next decade would see FreePIX.us grow into the largest public site for free storage of photos in the world. The beauty of FreePIX was two-fold. First, storage of an unlimited quantity of photos in any size and format was free. And the web-based GUI to view those photos was second to none. There were no restrictions on usage and no time limitations on free storage. It also provided a simple utility allowing developers to add new photography filters for site-wide use. In short, FreePIX was a photographer’s dream come true. Offload tens of thousands of photos into a high performance web site that’s available to friends and business clients at the click of a web browser button.

Going into our third year in "business" and reality is starting to sink in. People have lots of photos. What used to be one megapixel images have now quadrupled to four. Storage and bandwidth costs have escalated geometrically with the quadrupling of image sizes, but it’s worth it. We love photography. We’ve started to get inquiries from venture capitalists offering to help fund our site in exchange for a percentage interest in the company. No thanks!

We’re starting year five, and the average image now is 8 megapixels. What used to require a dedicated digital camera is now available on every smartphone. Our user base increased ten-fold in just the last year. And I desperately need some additional programming help to keep the web site ahead of the curve. Could also use some networking help to assist in managing the FreePIX storage platform. We’ve obviously got to figure some things out moving forward. Did we mention the storage and bandwidth costs have gone through the ceiling? One of the leading camera companies has made us an offer for the company. It’s not a lot of money, but we could still run the operation even though they would have the final say on future direction. They would simply insert a few ads on the web site to cover the costs. Some favorite commercial photographers of ours have also offered to lend a free hand with the programming and networking chores. Sounds like a good plan!

It’s year six, and our parent company just got sued for copyright infringement because a couple of jerks posted photos owned by some commercial photographers. The plaintiff’s lawyers want a lot of money for a silly mistake, but we obviously are going to need to tighten up and monitor the images that get posted. One of the image filtering apps on the site also looks strikingly similar to a commercial product with an existing patent on the specific filtering methodology. The parent company has brought in their legal team to make some changes.

It’s year seven now, and the parent company says it’s bleeding red ink on what they thought would be a charitable endeavor. And the legal hassles keep on coming. Sounds like FreePIX has been put on the auction block. Lucky for us, one of our commercial photographers has expressed an interest in buying everything, and he’s promised no major operational changes. He has some fresh ideas together with broad experience in the photography business so I think we’re in good shape moving forward. I can hardly believe how talented his programmers are. Looks like smooth sailing lies ahead.

It’s year nine now, and we’ve made further improvements. We now offer a library of commercial photos which can be licensed on the site. Doesn’t impact our free photo storage at all. The new owner now wants to restrict the site to non-commercial entities and to convert all of the photos to lower resolution to conserve disk space and reduce costs. I can’t much blame him. Can you believe commercial photography businesses store all of their work on our site? Doesn’t seem fair that we should foot the bill for their storage and bandwidth when they are competing with our commercial photography business.

We’ve also asked the programmers and lawyers to think of some ways to better insulate us from future copyright and trademark infringement lawsuits. They’ve come up with several ideas. First, we’d require indemnification of our legal expenses by anyone that uses our site. Second, we’d implement license keys for anyone posting images or apps on the site. This gives us a way to flag unauthorized material and warn visitors about the potential risk (as depicted above).1 Third, we’d impose a daily download limit of five images to further conserve our bandwidth. Finally, we’d ban other commercial entities from profiting off our site either with apps or commercial photography. These steps also provide a mechanism to quickly disable images and apps if we spot a problem with an individual poster or if an app competes with our own commercial products. Seems like a fair tradeoff for free photo storage. What’s not to like?

Fast forward to year 15 now. FreePIX has gone through a couple of additional owners. These owners have implemented pay-as-you-go image storage to cover bandwidth costs. Users were given 30 days of "free storage" to remove any photo collections. Only image applications sold by the site owner are now permitted on the site "for legal reasons." All images uploaded to and preserved on the site for more than 30 days become the exclusive, copyrighted property of the site owner.

The current owner has just received a $100 million purchase offer from a porn site that wants to monetize the 10 million registered users of the site. The potential buyer promises to preserve all photo content on the site for at least 30 days and will do nothing during that period to disable license keys or site access by current users. What could possibly go wrong?

Bar Exam Question: Would/should the results be any different with an open source, GPL platform where the owner retains exclusive control over issuance and termination of GPG keys needed to preserve the full functionality of the GPL software and access to the GPL repository with its keys?

Layman’s Translation: What if Dad gave me a shiny, new car but kept the keys?

Short-Term Fix for Incredible PBX GUI Users:

Originally published: Monday, July 27, 2015



Need help with Asterisk? Visit the PBX in a Flash Forum.


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 



Some Recent Nerd Vittles Articles of Interest…

  1. This image is perfectly safe. WARNING is used only to demonstrate how the FreePIX site might protect itself with unregistered images. []

Decisions, Decisions: Choosing the SOHO Asterisk Platform That’s Best For You

Each year we like to revisit the topic of choosing the best Asterisk® platform for deployment in the home and small business environment. No solution is obviously right for everybody. But we think it’s important to sketch out the relevant factors that need careful evaluation before you begin the installation process.

Our focus today is open source, GPL platforms with Asterisk for home or SOHO deployments. That excludes a broad swath of equally capable commercial or proprietary alternatives including ThirdLane, Switchvox, and FreePBX® Distro as well as many unified communications solutions that do not rely upon the Asterisk telephony engine including FreeSWITCH, ShoreTel, Cisco, 3CX, and many others. If your requirements exceed telephony support for more than a few dozen employees, our recommendation is to hire a consultant that can assist you in that decision-making process.

When It Comes to Hardware, Size Matters!

Even in the telephony world, it’s true. Size Matters! Choosing an Asterisk platform for your home and choosing a telephony platform for a call center are very different beasts. Our traditional recommendation for home and SOHO deployments was to go with dedicated hardware with an appropriately sized Atom processor, RAM, and hard drive. In the words of Bob Dylan, "The Times They Are A Changin’." With the nosedive in Cloud processing costs and the emergence of powerful desktop virtual machine platforms, that may no longer be the smartest solution. First, it puts you in the hardware business which means you’ll have to deal with hardware failures and backups and redundancy. Second, depending upon where you live, it may not be cost-effective to maintain your own server. Electricity and Internet connectivity cost real money above and beyond hardware costs.

For home or SOHO deployments, it also depends upon what other computers already are in use around your house or office. For example, if you have a $2,000 iMac with a $100 backup drive running Carbon Copy Cloner each night, then you’ve already got a fully redundant server platform in place. You really don’t need a dedicated server for telephony to support a handful of telephones. VirtualBox® running any of the Incredible PBX™ solutions is free, and it’s fully capable of meeting your telephony requirements with no additional hardware investment.1 If your iMac’s main drive crashes, you can reboot from the attached USB backup drive with a single keystroke and never miss a beat. For those dead set on running dedicated hardware for your home or SOHO telephone system, there’s really no reason to spend more than $35 for a Raspberry Pi®. With its new quad-core processor and gig of RAM, it can meet or exceed any requirements you may have. Buy a second microSD card for redundancy and call it day as far as hardware is concerned.

If you’d prefer to separate your telephone system from your house or small office, a Cloud-based setup may be a better fit. Our Platinum sponsor, RentPBX,2 offers a worldwide collection of servers and will host your Asterisk-based PBX for $15 a month (Coupon Code: NOGOTCHAS) on a platform that rarely, if ever, goes down. If you like to tinker but also prefer a Cloud solution, consider Digital Ocean ($5 a month for a virtual machine) or Vultr ($2.50 a month) or HiFormance ($13/year). All four support Nerd Vittles with referral revenue which helps us keep the lights on.

NEWS FLASH: RentPBX now offers all of the new Incredible PBX builds with the Incredible PBX GUI. Tutorials available here: CentOS platform or Ubuntu platform. Use the NOGOTCHAS coupon code for $15/mo. pricing.

That’s our latest take on SOHO hardware. If you have additional questions or concerns, come join the PIAF Forum and take advantage of our hundreds of gurus who will give you all of the free advice you could ever want.

I’ve Got My Hardware Platform. Now What?

The next step is choosing an Asterisk telephony platform. That used to be easy. There was Plain Ol’ Asterisk if you were a guru or there was Asterisk@Home if you wanted a GUI to guide you through the telephony maze. Now it’s more complicated. There are a number of different Linux platforms. There are a number of different Asterisk versions. And there are a number of different GUIs that support Asterisk. So let’s work our way down the list starting with the Linux platform.

Choosing the Best Linux Platform for Asterisk

The gold standard for Asterisk servers has always been CentOS, a GPL clone of RedHat Enterprise Linux. It, too, is now owned by Red Hat. The old adage was that nobody ever got fired for recommending IBM. In the Asterisk community, that remains true with CentOS. Unfortunately, CentOS now comes in several flavors. There’s CentOS 6 or CentOS 7 which is a very different beast. For Asterisk deployments, you can’t go wrong with CentOS 6. It works well on the latest dedicated hardware and is supported on all virtual machine platforms.

As with choosing a language, you now have a choice of Linux platforms. There’s RedHat/CentOS, or Debian, or Ubuntu, or even Raspbian for the Raspberry Pi hardware. Unfortunately, the RedHat-CentOS and Debian-Ubuntu-Raspbian platforms have completely different languages, much like French and Spanish. The Linux packages that are included in the platforms also have different names. If you’re a Linux aficionado and you already have a favorite, stick with what you love. If you’re planning to deploy a Raspberry Pi, stick with Raspbian. For everyone else, CentOS 6 still is your best bet for now.

Choosing the Best Asterisk Platform

Believe it or not, there are many organizations still running their telephone systems using Asterisk 1.4 or 1.8 even though Digium support for those platforms ended years ago. In the commercial world, it is not uncommon to see telephone systems that are more than a decade old. With Asterisk, things are quite different. There’s a new version every year. Fortunately, Digium has adopted a new support philosophy and every other release (more or less) now is anointed with the LTS (Long Term Support) moniker. An LTS release gets four years of bug fixes and five years of security updates as opposed to the other releases that come with one year of bug fixes and two years of security updates. It’s still not 10 years, but it’s certainly better than wrestling with Asterisk updates annually.

We think there remains a need to reconsider these timetables. New updates have become so complex that the releases typically are almost two years into their life cycle before there is anyone that treats the releases as anything more than experimental. This was especially true of Asterisk 12 which was a terrific new product that provided dramatic improvements particularly in the SIP area. Unfortunately, it reached end-of-life status before most folks even had an opportunity to use it. Our recommendation remains Asterisk 13 which is an LTS version that’s rock-solid.

Choosing a GPL-Compliant GUI

Most of the GUIs for Asterisk have one primary purpose. They are code generators for the Asterisk telephony engine, nothing more. With each of them, you can turn off your web server after using the graphical user interface, and your phone system will continue to work as designed. The exception to that is Wazo which is an awesome real-time implementation of Asterisk. The only drawback is its steep learning curve.

In the top right sidebar of Nerd Vittles, you’ll find a colorful list of all the Asterisk distributions we support. The good news for you is they’re all free. So take a little time and load up several of them. Kick the tires until you find one that is easy for you to deploy. Our personal favorite remains Incredible PBX® 13-13, but you can’t go wrong with Issabel® or Wazo. Rome wasn’t built in a day so don’t expect to master Asterisk in a couple of hours. We’ve been at it for ten years and still learn something new almost every day. And that’s the fun of it.

A 3-Click Decision Tree for Asterisk

Now that you have the background, we also wanted to provide a simple Decision Tree tool that will guide you through choosing the Asterisk GPL aggregation that best meets your needs. After you’ve made your selections, the utility will point you to the tutorials that will walk you through downloading, installing, and using the platform of your choice. Just click here to get started. Enjoy!

Originally published: Monday, June 22, 2015  Updated: Wednesday, February 21, 2018



Need help with Asterisk? Visit the PBX in a Flash Forum.


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 



Some Recent Nerd Vittles Articles of Interest…

  1. We will introduce the all-new Incredible PBX GUI platform for VirtualBox next week on Nerd Vittles. If you’re in a hurry, the Pioneer’s Edition now is available with a tutorial to get you started on the PIAF Forum. []
  2. Some of our links refer users to service providers when we find their prices are competitive for the recommended products. Nerd Vittles receives a small referral fee from some of these providers to help cover the costs of our blog. We never recommend particular products solely to generate commissions. However, when pricing is comparable or availability is favorable, we support these providers because they support us. []

View from the Trenches: A Fresh Look at VoIP Project Development in the Cloud

The world of cloud-based computing has profoundly changed over the past year. And today we want to take a fresh look at the cloud landscape for those of you that spend considerable time experimenting or tweaking software applications either for customers or for your own organization.

First, a brief paragraph of history. We began our cloud experiments almost seven years ago when Amazon S3 was still in its infancy. At the time, Amazon S3 was a real bargain even with all its development quirks. The adventure continued when we moved some production level systems to Amazon’s EC2 cloud in early 2013. What we quickly learned was just how expensive cloud computing could be once you reached the end of your "free year" with Amazon. As the cloud options continued to bloom, RentPBX began providing technical and financial assistance to our projects while also offering inexpensive, production-quality VoIP services in the cloud at truly bargain basement prices: $15 a month. That barely covers the electric bill for many folks hosting their own local servers. And RentPBX servers are unique. They don’t commingle other processor-intensive applications on their servers. All of their servers are pure VoIP which makes for an incredibly reliable cloud-based platform. Our special pricing still is available for those using PBX in a Flash and Incredible PBX. Just sign up with the coupon code: NOGOTCHAS. So that’s a little background.

But there are many of us that develop systems and experiment with new offerings as part of our daily routine. We build systems. We tweak systems. We blow up systems. And we start over, sometimes dozens (hopefully not hundreds) of times. To give you an example, our typical Incredible PBX build to support a new platform goes through twenty to thirty iterations before all of the kinks are worked out of the code. And that’s before the software development teams for CentOS, Ubuntu, Asterisk, Apache, SendMail, MySQL, and the Raspberry Pi "improve" anything. A production-quality cloud service really isn’t flexible enough to support this type of activity, and an affordable local server lacks the horsepower to keep setup times reasonable. On occasion, we use a high performance iMac coupled with VirtualBox for development, but that introduces some quirks that typically aren’t found on real world servers.

The good news is that there are two relatively new cloud offerings that fit very well with the requirements needed for rapid application development. We use both of them in slightly different ways so let us share our experience in hopes that it will save many of you some time experimenting.

We can’t say enough good things about Digital Ocean. Despite a few growing pains from time to time, Digital Ocean provides a vast assortment of cloud-based servers scattered all around the world. There are servers in New York, San Francisco, Amsterdam, London, Frankfurt, and even Singapore. You can size your development platform to meet almost any requirement with prices starting at about 5¢ for a 7-hour day of development. That buys you a speedy 512MB/single-CPU platform with 20 gigs of storage and a terabyte of monthly bandwidth. Add a (free) 1GB cache to your build, and it’s the performance equivalent of our $3,000 standalone Dell servers. You can scale up from there to a platform with 64GB of RAM, 20 CPUs, 640GB SSD drive, and 9 terabytes of monthly data transfer for less than $1 an hour. The difference with this platform is you can create a CentOS, Ubuntu, Fedora, FreeBSD, or Debian server of any recent vintage in about one minute. There’s also a vast array of preconfigured applications for the specialists of the world:

Using our referral code, you get $10 of free service while we get a little spiff down the road to keep the Nerd Vittles lights on. Tear down of servers is almost instantaneous, and you simply pay for the time you used. Using the small platform for 90 minutes will set you back a whole penny. Some of our PBX in a Flash users are actually running production-level servers on this platform (which we don’t recommend), and the monthly cost is capped at $5. One of the best kept secrets at Digital Ocean is that you can take snapshots of your builds and store them at little to no cost. We have a dozen of them and have never paid a penny in storage fees. You also have the option of off-site backups for production platforms.

The new kid on the block is CloudAtCost.com. If you’re not into bleeding edge, this probably isn’t the offering for you. But it is dirt cheap. While you can pay by the month, CloudAtCost also has a revolutionary marketing strategy. You can pay for your virtual machine once (almost always at a substantial discount off the listed prices), and you get to use "your server" forever at no additional cost… at least as long as CloudAtCost stays in business. If this sounds like a pyramid scheme, you probably wouldn’t be the first to suggest that. Suffice it to say, their business has grown geometrically over the past year. And they recently announced CloudPRO which lets you pool resources from servers you previously have bought, and use them in much the same way as Digital Ocean but with no additional charges. So here’s today’s pricing:

To put things in perspective, the virtual machine equivalent of Digital Ocean’s smallest setup costs $17.50, ONE TIME! The Big Dog 3 platform with a one-time fee of $560 migrated to CloudPRO would provide you with the capability to create 8 smaller systems (1 CPU, 1GB RAM, and 10GB storage) as desired with no bandwidth limitations forever.1 Download and upload performance is fairly impressive using speedtest-cli:

So what’s the catch. Well, there are some. First, as you might imagine, these folks are much like the fella laying track in front of the steaming locomotive. Will that ever end? You’d better hope not because, when it does, the entire house of cards may come down. While Digital Ocean typically builds virtual machines in under a minute, CloudAtCost turnaround times are close to a day. Once your server is actually working, we’ve had a pretty good experience with the performance quality although there can be rough spots that usually are resolved within a day. The promise, of course, is to get build times down to a minute or two. But, frankly, we’re not holding our breath. As for platform support, there are plenty of options just like with Digital Ocean:

What is this platform good for? In our case, it’s almost perfect for off-site backups. You can judge the web performance for yourself by visiting the backup site for Nerd Vittles, or the PIAF Forum, or Incredible PBX, or PBX in a Flash. Would we use CloudAtCost for production? Not a chance. But for backups and demo servers, it’s AWESOME and CHEAP! If you’re a Nerd Vittles early bird, you can use our coupon code for an additional 20% off: Zu2eXYDYtU.

DEMO SERVER. We’ve actually set up an Incredible PBX server with Google Voice and an IVR of sample applications so you can judge the CloudAtCost performance for yourself. You can even try hacking the IP address if that’s your thing. We always love to test our firewall: nmap -sT -O 162.252.242.229. To try out Allison’s IVR, enter your 10-digit callback number below and then click the Click Here button once. Count to 10 and your phone should be ringing. After you answer the call and press 1, you’ll be connected to the IVR Demo in Canada. Don’t be shy.

Nerd Vittles IVR Demo Options
1 – Call by Name (say “Delta Airlines” or “American Airlines” to try it out)
2 – MeetMe Conference (password is 1234)
3 – Wolfram Alpha (say “What planes are overhead?”)
4 – Lenny (The Telemarketer’s Worst Nightmare)
5 – Today’s News Headlines
6 – Weather Forecast (say the city and state, province, or country)
7 – Today in History
8 – Speak to a Real Person (or maybe just Lenny if we’re out)

Originally published: Cinco de Mayo, 2015



Need help with Asterisk? Visit the PBX in a Flash Forum.


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 



Some Recent Nerd Vittles Articles of Interest…

  1. forever: as long as CloudAtCost.com stays in business []

Firewalls and Internet Security: Separating FUD and Fiction in the VoIP World

Some of us have spent years developing secure VoIP solutions for Asterisk® that protect your phone bill while bringing Cloud-based solutions within reach of virtually anyone. So it’s particularly disappointing when a hardware manufacturer spreads fear, uncertainty, and doubt in order to peddle their hardware. In this case, it happens to be Session Border Controllers (SBCs). We want you to watch this latest "infomercial" for yourself:


https://youtu.be/Bp_7m64k_ko

To hear Sangoma tell it, every VoIP server protected by merely a firewall is vulnerable to endless SIP attacks unless, of course, you purchase an SBC. And since implementation of Cloud-based servers traditionally limits the ability to deploy an SBC, most Cloud-based VoIP solutions would become vulnerable to SIP attacks. In the words of Sangoma:

And with telecom fraud and PBX hacking on the rise, it’s important to keep your network secure. For most enterprises, it’s not a matter of if-but-when their [sic] network experiences an attack, potentially costing you valuable time and money.

Now Sangoma is touting an article in a blog from the U.K. that begins with the headline "Why Firewalls are not Enough." The purported author is Jack Eagle, who is otherwise unidentified. Not surprisingly, the owner of the blog happens to be a reseller of Sangoma hardware. Here’s what Jack Eagle suggests:

In addition, the inherent function of firewalls is to deny all unsolicited traffic. Whereby, the act of making a phone call is an unsolicited event, thus, firewalls can be counterproductive to an effective VoIP deployment by denying VoIP traffic.

For the benefit of those of you considering a VoIP deployment either locally or in the Cloud using Asterisk, let’s cut to the chase and directly address some of the FUD that’s been thrown out there.

FUD #1: Internet SIP Access Exposes Asterisk to Attack

False. What is true is that unrestricted SIP access to your server from the Internet without a properly secured firewall may expose Asterisk to attack. Perhaps it’s mere coincidence but the only major Asterisk aggregation that still installs Asterisk with an unsecured firewall and no accompanying script, tutorial, or even recommendation to properly lock it down and protect against SIP attacks happens to be from the same company that now wants you to buy a session border controller.

FUD #2: Firewalls Aren’t Designed to Protect Asterisk from SIP Attacks

False. What is true is that the base firewall installation provided in the FreePBX® Distro does not protect against any attacks. In a Cloud-based environment or with local deployments directly exposed to the Internet, that could very well spell disaster. And it has on a number of occasions. The Linux IPtables firewall is perfectly capable of insulating your Asterisk server from SIP attacks when properly configured. With PBX in a Flash and its open source Travelin’ Man 3 script, anonymous SIP access is completely eliminated. The same is true using the tools provided in the latest Elastix servers. And, Incredible PBX servers have always included a secured firewall with simple tools to manage it. Of course, with local VoIP hardware and a hardware-based firewall, any Asterisk server can be totally insulated from SIP attacks whether IPtables is deployed or not. Just don’t open any ports in your firewall and register your trunks with your SIP providers. Simple as that.

FUD #3: SIP Provider Access to Asterisk Compromises Your Firewall

False. Registering a server with SIP or IAX trunk providers is all that is required to provide secure VoIP communications. Calls can flow in and out of your Asterisk PBX without compromising your server or communications in any way. Contrary to what is depicted in the infomercial, there is no need to poke a hole in your firewall to expose SIP traffic. In fact, we know of only one SIP provider that requires firewall changes in order to use their services. Simple answer: use a different provider. Consider how you access Internet sites with a browser from behind a firewall. The connection from your browser to web sites on the Internet can be totally secure without any port exposure in your firewall configuration. Registering a SIP trunk with a SIP provider accomplishes much the same thing. All modern firewalls and routers will automatically handle the opening and closing of ports to accommodate the SIP or IAX communications traffic.

FUD #4: Remote Users Can’t Access Asterisk Without SIP Exposure

False. Over the past several years, we have written about a number of methodologies which allow remote users to securely access an Asterisk server. That’s what Virtual Private Networks and Port Knocking and Remote Firewall Management are all about. All of these solutions provide access without exposing your server to any SIP vulnerabilities! We hope the authors of this infomercial will give these open source tools a careful look before tarnishing the VoIP brand by suggesting vulnerabilities which any prudent VoIP deployment can easily avoid without additional cost. Just use the right products!

Originally published: Thursday, April 23, 2015



Need help with Asterisk? Visit the PBX in a Flash Forum.


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 



Some Recent Nerd Vittles Articles of Interest…

The Gotcha-Free PBX: Simon Telephonics New SIP Gateway for Google Voice

We promised you that free Google Voice calling in the U.S. and Canada would soon be available on every Asterisk® platform whether the platform supported Asterisk Motif or not. And this week we’re covering the second SIP gateway offering for Google Voice. We introduced Bill Simon’s first Google Voice gateway back in June of 2012. This time around the latest iteration features secure OAUTH authentication so there’s no need to divulge your Google Voice credentials. Once you’ve set up your account on the Simonics Google Voice Gateway site,1 you simply create a standard SIP trunk on your Asterisk server or SIP device of choice, and PRESTO! You get secure authentication to Google Voice without worrying whether Google will drop support for insecure authentication methods such as Asterisk Motif down the road. And you can set all of it up for a one-time setup fee. For Nerd Vittles readers, you get $1 off the current $5.99 fee by using this link. Unlike last week’s GVsip offering, the new Simonics service includes free CallerID name lookups plus the ability to connect multiple devices at multiple sites and communicate between the devices using some clever SIP magic. You also can map incoming calls to any SIP URI rather than just the destination from which you register a Google Voice account. This new gateway is a real winner!

Why do this? There are several reasons aside from the free calls and free phone number. First, Google has warned for years that insecure authentication to Google Voice is going away. It hasn’t yet which is the reason Asterisk Motif logins still work. When Google finally pulls the plug (and they will), your Google Voice days are over using the Asterisk platform. Second, some of the Asterisk aggregations such as Elastix® never supported Google Motif. Hence, free Google Voice calling wasn’t available at all to those using the Elastix platform. That limitation is now a thing of the past. You can create a simple SIP trunk and begin enjoying free Google Voice calling in the U.S. and Canada just like some of the rest of us have been doing for years. Third, Google Voice support was the sole reason that many have stuck with the FreePBX® GUI despite the gotchas. Now you have a choice. Any Incredible PBX™ or Asterisk-GUI™ server now supports Google Voice without your having to worry about constant changes to the Asterisk Motif driver to support refinements at the Google Voice end. Now it’s a pure SIP trunk using pure SIP technology as far as Asterisk is concerned. The only limitation is the one imposed by Google. You need to reside in the United States to use Google Voice even though free calling is available to the U.S. and Canada.

If you have difficulty finding the Google Chat option after setting up a new Google Voice account, follow this tutorial.

1. Using your favorite browser, log in to the Google Voice account you wish to associate with the Simonics SIP gateway. Be sure that you’ve enabled Google Chat in your Google Voice setup.

2. Using a separate tab of your browser, connect to the Simonics Google Voice Gateway site.

3. Go through the steps to register your Google Voice account with the Simonics Google Voice gateway and obtain your credentials.

4a. For those using FreePBX or Elastix, use another tab of your browser to open the GUI interface and create a new SIP trunk using your new SIP login credentials. Replace 8005551212 with your actual Google Voice number and YOUR-SIP-PW with your actual Simonics SIP password in BOTH the PEER Details and Registration String. Add your Google Voice number to the end of the Registration String like this: GV18005551212:YOUR-SIP-PW@gvgw.simonics.com/8005551212

4b. For those using Incredible PBX for Asterisk-GUI, simply download and run our One-Click Installer. You’ll need your Simonics SIP account name and password plus a two-digit dialing prefix to use for outbound calls. It’s that simple!

cd /root
wget http://incrediblepbx.com/simonics-addon.tar.gz
tar zxvf simonics-addon.tar.gz
rm -f simonics-addon.tar.gz
./simonics-addon.sh

Once you’ve finished running the script, your trunk will be up and running. There’s no requirement for steps #5 and #6 with Asterisk-GUI. If desired, jump to Step #7 to set up a SIP URI for your incoming calls.

5. Create an Inbound Route for your incoming calls using the 10-digit number you entered at the end of the Registration String in step #4a.

6. Create an Outbound Route for outgoing calls that should be handled by your Google Voice trunk. The CallerID number will be your Google Voice number. You cannot change it.

7. If you’d prefer to send incoming calls to a designated SIP URI instead of the server that registered with the Simonics gateway, enter the address in the format: pbx@myserver.xyz. For additional details, read our previous article on SIP URIs.

8. Repeat this setup procedure for as many Google Voice accounts as you wish to activate using the steps above. If you’re using Incredible PBX for Asterisk-GUI, remember to edit the script and change the TRUNK=simonics entry to something like TRUNK=simonics2. Also use a unique two-digit dialing prefix for each trunk. Be sure to logout of your previous Google account before repeating the drill. Enjoy!


Don’t forget to List Yourself in Directory Assistance with your new IPkall PSTN number so everyone can find you by dialing 411. And be sure to add your new number to the Do Not Call Registry to block telemarketing calls.

Originally published: Monday, April 13, 2015


Support Issues. With any application as sophisticated as this one, you’re bound to have questions. Blog comments are a terrible place to handle support issues although we welcome general comments about our articles and software. If you have particular support issues, we encourage you to get actively involved in the PBX in a Flash Forums. It’s the best Asterisk tech support site in the business, and it’s all free! Please have a look and post your support questions there. Unlike some forums, ours is extremely friendly and is supported by literally hundreds of Asterisk gurus and thousands of users just like you. You won’t have to wait long for an answer to your question.



Need help with Asterisk? Visit the PBX in a Flash Forum.


 

Special Thanks to Our Generous Sponsors


FULL DISCLOSURE: ClearlyIP, Skyetel, Vitelity, DigitalOcean, Vultr, VoIP.ms, 3CX, Sangoma, TelecomsXchange and VitalPBX have provided financial support to Nerd Vittles and our open source projects through advertising, referral revenue, and/or merchandise. As an Amazon Associate and Best Buy Affiliate, we also earn from qualifying purchases. We’ve chosen these providers not the other way around. Our decisions are based upon their corporate reputation and the quality of their offerings and pricing. Our recommendations regarding technology are reached without regard to financial compensation except in situations in which comparable products at comparable pricing are available from multiple sources. In this limited case, we support our sponsors because our sponsors support us.

BOGO Bonaza: Enjoy state-of-the-art VoIP service with a $10 credit and half-price SIP service on up to $500 of Skyetel trunking with free number porting when you fund your Skyetel account. No limits on number of simultaneous calls. Quadruple data center redundancy. $25 monthly minimum spend required. Tutorial and sign up details are here.

The lynchpin of Incredible PBX 2020 and beyond is ClearlyIP components which bring management of FreePBX modules and SIP phone integration to a level never before available with any other Asterisk distribution. And now you can configure and reconfigure your new Incredible PBX phones from the convenience of the Incredible PBX GUI.

VitalPBX is perhaps the fastest-growing PBX offering based upon Asterisk with an installed presence in more than 100 countries worldwide. VitalPBX has generously provided a customized White Label version of Incredible PBX tailored for use with all Incredible PBX and VitalPBX custom applications. Follow this link for a free test drive!
 

Special Thanks to Vitelity. Vitelity is now Voyant Communications and has halted new registrations for the time being. Our special thanks to Vitelity for their unwavering financial support over many years and to the many Nerd Vittles readers who continue to enjoy the benefits of their service offerings. We will keep everyone posted on further developments.
 



Some Recent Nerd Vittles Articles of Interest…

  1. In addition to substantial technical assistance, Simon Telephonics is also a financial contributor to the Nerd Vittles project. []