News items for tag asterisk - Koos van den Hout

2015-04-26 Upgrading the homeserver to Ubuntu 10.04 5 years ago
This weekend was about the last weekend that I could have access to Ubuntu 10.04 LTS for upgrading my homeserver greenblatt from Ubuntu 8.04 to Ubuntu 10.04 which will run out of support this month, making it unavailable as an upgrade path. I postponed this for way too long because I expected a lot of work fixing things, especially asterisk which runs our home phone system.

The solution to asterisk was simple: I disabled it and reprogrammed a Gigaset C450IP base to deal with our VoIP provider directly. After all the upgrading is done I'll go fix things with the OpenVox ISDN card in a test machine and when all is stable again I will move things to production.

For the rest it was a matter of typing 'do-release-upgrade' and hope for the best. Reconfiguring packages took the longest and the biggest issue was that the upgrade from Postgres 8.3 to Postgres 8.4 wasn't done automatically but I had to do this myself using the hints from How tu [sic] upgrade Postgresql 8.3 database file to 8.4 - stackoverflow.

The documentation says to do this beforehand but Postgresql 8.4 isn't available before the upgrade and it took a bit of fiddling to have Postgresql 8.3 available after the upgrade. But then pg_upgradecluster ran. It complained about a few tables and the end result I noticed was that those tables were dropped out of the upgrade completely. I re-enabled Postgresql 8.3 and migrated those databases or tables using pg_dump. Not a complete smooth upgrade but I think it went ok.

Tags: , , ,
2015-02-24 More work on getting asterisk to work as an ISDN network terminator on the test server 5 years ago
I dug up all the tools needed to test the isdn setup in the test server: an old sitecom ISDN card with HFC-S chipset, an ISDN cross cable, a fritzbox with external S0 bus and an analog phone set.

It took me a while to get all 3 channels in the ISDN card active in Asterisk, I 'missed' the fact that the oslec echo canceller wasn't loaded due to a module versioning problem. At first it showed:
root@metcalfe:~# lsdahdi
### Span  1: DAHDI_DUMMY/1 "DAHDI_DUMMY/1 (source: HRtimer) 1" (MASTER)
### Span  2: ZTHFC1 "HFC-S PCI A ISDN card 0 [NT] " AMI/CCS
  1 BRI        Clear       (In use)
  2 BRI
  3 BRI
The switch from oslec to mg2 fixed things:
root@metcalfe:~# lsdahdi
### Span  1: ZTHFC1 "HFC-S PCI A ISDN card 0 [NT] " AMI/CCS
  1 BRI        Clear       (In use) (EC: MG2 - INACTIVE)
  2 BRI        Clear       (In use) (EC: MG2 - INACTIVE)
  3 BRI        Hardware-assisted HDLC  (In use)
### Span  2: DAHDI_DUMMY/1 "DAHDI_DUMMY/1 (source: HRtimer) 1" (MASTER)
But whatever I tried: no dialtone. Time to also hook up a SIP phone to initiate calls the other way.
Read the rest of More work on getting asterisk to work as an ISDN network terminator on the test server

Tags: , ,
2013-08-14 (#) 6 years ago
An interesting twist in the microsoft support scam calls: 7 call attempts within 2 seconds. So asterisk can only forward the first 2 calls to the isdn phones in the house and the next five go to voicemail instantly.
sqlite> select src,start,answer,end from cdr where .. order by start;
0016077329064|2013-08-14 13:12:16|2013-08-14 13:12:47|2013-08-14 13:12:53
0016308599364|2013-08-14 13:12:16|2013-08-14 13:12:47|2013-08-14 13:12:52
0015852439807|2013-08-14 13:12:17|2013-08-14 13:12:18|2013-08-14 13:12:40
0017187455293|2013-08-14 13:12:17|2013-08-14 13:12:18|2013-08-14 13:12:23
0016073249764|2013-08-14 13:12:17|2013-08-14 13:12:17|2013-08-14 13:12:23
0016073639777|2013-08-14 13:12:17|2013-08-14 13:12:17|2013-08-14 13:12:22
0016265749227|2013-08-14 13:12:17|2013-08-14 13:12:17|2013-08-14 13:12:22
Bug in the call handling on the scamming side? Nobody was available to be scammed.

Tags: , , ,
2013-05-13 (#) 7 years ago
De laatste tariefsverhoging van KPN voor het vaste net, met als excuus uitleg:
Steeds minder mensen maken gebruik van de vaste telefoon waardoor de kosten per gebruiker stijgen. Daarom zijn wij genoodzaakt om enkele tarieven te verhogen.
maakte het tijd om een portering aan te vragen naar een VoIP aanbieder. Per maand betaal ik voor ISDN1 met belvrij weekend straks EUR 23.43 (was EUR 21.24).

ISDN is een hele mooie technologie, en ik vind het jammer om er minder mee te doen, maar de tarieven zijn dusdanig dat het de moeite is om met VoIP te gaan bellen. SIP geeft me zeker bij een provider die het goed implementeert en weet dat er mensen asterisk gebruiken vergelijkbare signalering en informatie. Een Internet aansluiting willen we toch altijd wel hebben dus de telefonie kan daar ook overheen.

Tags: , ,
2013-05-03 (#) 7 years ago
Upside of using asterisk for the home telephony: it's quite easy to browse the call detail records and do some calculations on them. So when our fixed line provider came with yet another price increase it was time to shop around for better options. And comparing rates is a lot easier when you have an exact log of how many calls for how long to which destinations were made in the previous months.

I'll miss the high level of control and call-progress indication ISDN offers, but prices for SIP accounts are a lot better and call-progress for SIP is comparable to ISDN.

Tags: , ,
2013-03-03 (#) 7 years ago
Interesting new twist between all the attempts to reach Palestinian cell phone numbers: one try to reach the US embassy in The Hague. I guess someone attempting to abuse my SIP server thought maybe just international calls are blocked and used a number which is easy to find from abroad. Incoming audio was recorded, but it's a recording of pure silence.

Tags: , , ,
2013-02-25 (#) 7 years ago
New attempts to get a call out via the unauthenticated SIP context on my asterisk testserver, this time attempts to get connected to +96277xxxxxxx numbers. These are Orange Jordan mobile phone numbers. The originating IPs are also in Jordan so I guess the attacker is waiting for the mobile phone to ring.

Tags: , , ,
2012-12-23 (#) 7 years ago
Vandaag een PTT Ericsson model 51 DTMF geleerd met behulp van de DTMF omzetter van met ondersteuning voor PTT Ericsson model 51. Een wandtoestel wat een ontwerp is uit 1951. Het toestel wat we onderhanden hadden had een productiedatum 'VII 1964', vermoedelijk dus juli 1964. De PTT W65 is de opvolger hiervan.

Na het werkend krijgen van de DTMF omzetter hebben we het toestel aangesloten op een Cisco ATA 186 die gekoppeld is met de asterisk testcentrale zodat we de sprekende klok in asterisk en het weerbericht in asterisk konden bellen. En natuurlijk de telefoon laten rinkelen!

Tags: , , ,
2012-10-09 (#) 7 years ago
I just found Intercept Service with Jane Barbe where ElmerCat has put a lot of time and energy into saving, splitting and digitizing phone phreaking recordings. My first thought was to take the Jane Barbe recordings and set up a few intercepts of my own. Maybe for playing with the people who try to break in to my asterisk testserver or (more constructive) to set up a Jane Barbe intercept service which can be used on Collectors*Net.
Found (unsurprisingly) via "1000 Abstract Machines" ... and a New Generation of Phone Phreaks? - The History Of Phone Phreaking.

Update: Ok, using the 'Jane Barbe' digits in Asterisk isn't very hard. Download the .mp3 files from soundcloud and convert them to the asterisk .gsm format:
$ mkdir janebarbe
$ sox JB-0-neutral.mp3 -r 8000 -c 1 janebarbe/0.gsm
$ sox JB-is-not-in-service.mp3 -r 8000 -c 1 janebarbe/is-not-in-service.gsm 
$ sox JB-the-number-you-have-reached.mp3 -r 8000 -c 1 janebarbe/the-number-you-have-reached.gsm
And put that entire janebarbe directory in the directory where asterisk expects the digit files for language 'janebarbe' which is /usr/share/asterisk/sounds/digits/janebarbe/ in the 'old' directory structure and /usr/share/asterisk/sounds/janebarbe/digits/ in the 'new' directory structure. Look at Asterisk multi-language - for details on directory structures.

Using the digits is now simple, a test:
exten => s,1,Answer()
exten => s,n,Wait(1)
exten => s,n,Playback(digits/janebarbe/the-number-you-have-reached)
exten => s,n,Set(CHANNEL(language)=janebarbe)
exten => s,n,SayDigits(1234567890)
exten => s,n,Playback(digits/janebarbe/is-not-in-service)
exten => s,n,Hangup
Will have Jane Barbe telling you what you expect. This can be used as an invalid-number intercept.

Tags: , , , , ,
2012-08-26 (#) 7 years ago
Ik heb een echte originele T65 draaischijftelefoon te pakken gekregen. Productiedatum april 1985. Ik ga hem nog schoonmaken. In een simpele test kwam ik al gauw achter een te verwachten probleem: de ATA die ik gebruik voor VoIP experimenten, een cisco ata 186, snapt geen pulsedialing. Maar voor inkomende gesprekken is deze telefoon al goed genoeg. Misschien handig voor inkomende gesprekken op Collectors*Net!

Later viel me trouwens iets op aan de productiedatum: in juni 1978 hadden we thuis al een telefoon met druktoetsen en dtmf. Maar dtmf ondersteuning werd in Nederland gefaseerd ingevoerd, toen ik in 1984 stage liep bij kpn telecom waren er nog electromechanische centrales in Utrecht die geen dtmf ondersteuning hadden.

Update 2012-08-28: Een echte T65 draaischijftelefoon is voor iedereen bereikbaar: bij de webwinkel van het Staatsbedrijf der Posterijen, Telegrafie en Telefonie zijn ze te koop. Prachtige website met de nodige Nederlandse telefoonhistorie met een knipoog.

Tags: , , ,
2012-01-11 (#) 8 years ago
Post-mortem overview of a broken-into asterisk install: Asterisk hack post-mortem - Tom Keating tncnet. Nice article, showing how researching a system after a break-in can go from one strange thing to another. Using asterisk .call files to make calls is an interesting new approach to me.

Interesting patterns in trying to reach mobile numbers in the Middle-East. Patterns I have seen several times before on an asterisk server. Keep it safe, especially on asterisk where this can cost real money.

Found via @teamcymru on twitter.

Tags: , , ,
2012-01-06 (#) 8 years ago
More attempts to reach Palistinian telephone numbers (+972) via my SIP server, exactly like the attempts last July to reach Palestina mobile numbers. But the upstream audio is the same professional-sounding voice as I heard last December trying to reach a US number. An interesting combination of factors.

So I'm asking the lazywebs: does someone recognize this voice?
Listen to audio attachment:
MP3 media: Wrong number incoming golden voice (rightclick, select save-as to download)

Tags: , , ,
2011-12-09 (#) 8 years ago
Another weird thing recorded on the SIP honeypot: Something which to me sounds like a recording of a voice artist (or 'golden voice'). It was an attempt to use the server from a Palestinian IP to reach +1-404-260-5390, a US phone number for a conferencing system. The recording is attached: note that the audio is very choppy, probably due to packet-loss between the originator in Palestina and my server.
Listen to audio attachment:
MP3 media: Wrong number incoming golden voice (rightclick, select save-as to download)

Tags: , , ,
2011-11-28 (#) 8 years ago
Like in July, attempts to reach Jawwal telecom mobile numbers in Palestina via an asterisk server. But this time with incoming audio, I hear kids in the background and some talking. Very garbled: lots of packet loss on the line and the audio clips. So somebody got a bit of a disappointment when this route for free calls wasn't working out.

Tags: , , ,
2011-07-24 (#) 8 years ago
Most of the attempts at toll fraud through an asterisk server set to catch and record these are lately for a number matching +97259xxxxxxx which according to Telephone numbers in Israel - Wikipedia is a 'Jawwal' mobile number in Palestina. Interesting... not a really expensive call to make but I can imagine a certain interest in hard-to-trace calls to that part of the world, especially since these seem to be routed via Israel. According to the explanation on Telephone numbers in the Palestinian territories - Wikipedia +970 is also the country code for Palestina but it depends on which country you are calling from whether +970, +972 or both work. Politics in phone numbers. The +970 route was never tried via my asterisk.

Tags: , , ,
2011-07-18 (#) 8 years ago
First good catch after updating the scripts for capturing the audio on attempts at toll fraud through an asterisk server, some calls with incoming audio logged to disk, and some with absolute silence. The calls with audio have serious noise in the background, my best guess is airco noise. But some typing can be heard, some other sounds and one even with a word at the end. I added some audio from that last one.

Boiler-room type telecoms fraud operation? You decide!

What this does mean to me is that someone is actually doing real work to find opportunities for routing calls without paying. This is not an automated script, this is an actual person doing the work.
Listen to audio attachment:
MP3 media: Wrong number airco noise (rightclick, select save-as to download)

Tags: , , ,
2011-07-15 (#) 8 years ago
I updated the scripts for capturing the audio on attempts at toll fraud through an asterisk server so there is some call progress sound before the 'wrong number' recording is played. I also switched from MixMonitor to Monitor which saves incoming and outgoing audio separately, so it is easier (for me) to check the incoming audio for interesting bits.

This is what the asterisk code now looks like:
exten => _00.,1,Set(filename=${STRFTIME(${EPOCH},,%Y%m%d-%H%M%S)})
exten => _00.,n,Monitor(wav,wrongnum-${filename})
exten => _00.,n,Playback(wrong/callprogress)
exten => _00.,n,Goto(wrongnumber,s,1)
And you can hear what the 'caller' would hear in the attached mp3 file.
Listen to audio attachment:
MP3 media: Wrong number capture (rightclick, select save-as to download)

Tags: , , ,
2011-06-13 (#) 8 years ago
I captured some audio in asterisk using the MixMonitor command, like:
exten => _00.,1,Set(filename=${STRFTIME(${EPOCH},,%Y%m%d-%H%M%S)})
exten => _00.,n,NoOp(${CHANNEL} tried to reach ${EXTEN} logging to wrongnum-${filename})
exten => _00.,n,MixMonitor(wrongnum-${filename})
exten => _00.,n,Goto(wrongnumber,s,1)
But I wanted to listen to the audio. Which turned out to be a bit of searching. In the end I found the right sox call:
$ play -e signed -r 8000 -b 16 -c 1 keep-20110604-184522.raw


 File Size: 647k      Bit Rate: 128k
  Encoding: Signed PCM    
  Channels: 1 @ 16-bit   
Samplerate: 8000Hz       
Replaygain: off         
  Duration: 00:00:40.42  

In:58.3% 00:00:23.55 [00:00:16.87] Out:188k  [!=====|=====!] Hd:0.0 Clip:0    
Converting to a .wav to process in audacity is easy too:
$ sox -e signed -r 8000 -b 16 -c 1 keep-20110604-184522.raw wrongnum-20110604-184522.wav

Tags: , , ,
2011-04-21 (#) 9 years ago
Just had a call with a caller-id in Djibouti and when I answered I heard a short beep followed by silence and the word "Goodbye" clearly from an Alison recording as available in Asterisk.

I guess at least a voip server somewhere in Djibouti has an abuse problem.

Tags: , , ,
2011-03-11 (#) 9 years ago
Voor het weerbericht in Asterisk gebruik ik nu festival open source speech synthesis (spraak generator). Ik heb voor de aardigheid eens gespeeld met de demo-versie van Cepstral text-to-speech en dat klinkt stukken beter. Als ik iets serieuzer dan 'demo scriptje' text to speech zou willen zou ik wel cepstral aanschaffen en gebruiken.

Tags: ,
  Older news items for tag asterisk ⇒
, reachable as PGP encrypted e-mail preferred.

PGP key 5BA9 368B E6F3 34E4 local copy PGP key 5BA9 368B E6F3 34E4 via keyservers pgp key statistics for 0x5BA9368BE6F334E4 Koos van den Hout
Other webprojects: Camp Wireless, wireless Internet access at campsites, The Virtual Bookcase, book reviews