In this economic, certifications have been a useful weapon to prof others your skills. There is not doubt about that. Certifications are also useful to get your dreamed work (if you know how to play well that card) but not everybody plays fair.
When looking for a job you will see many posts asking for certified people, if you are lucky you will be contacted back asking for more details and to show the certifications you are claiming. However, not everybody is fair; some employers just need your certificate to show them in a call for proposal to win a bid. So this is a problem, how you as a professional can show your credentials without being fooled. Here it is where the digital badges are useful.
Before I forget this, today I had an emergency call from one of my dearest customers and friends. This conference room was having choppy sound, but strange it was, it only happened when the call came from the PSTN network (through an external profile), all local registered endpoints were okay. His scenario was the following:
For those who don't know, conference room are very handy. They allow to talk among many endpoints at the same time, it is like being in the same room.
So here it is how I fixed it.
Network Operation is a pretty area where you can get a lot of experience, and one topic that comes to my mind right away is the prioritizing issue. Prioritizing will be always a topic to talk about, especially if staff is overloaded and requests never stop arriving. One of the things you will face are big fishes (aka VIP) asking to get their things done right away versus what sometimes it really matters. In all my experience, I remember a very particular moment dealing with what it needs to be prioritized versus a VIP request. It was in 2009 and we were managing a huge network: 5000 users for a federal government entity, the SAT (the Mexican Revenue Agency, the one who collects taxes).
Today I have published in OKay's RPM repository RPMs for FreeSWITCH 1.6.9. FreeSWITCH is a complete VoIP switch that works on many platforms, including Centos 6 and Centos 7. This is one of the biggest packages I have ever done; there are more than 1720 hours of work behind to make it work. When updating, you will notice it will download many libraries, most part of them not available anywhere.
The big difference on my RPM's is there are more sub-packages, for example, you can install only freeswitch-cli if you only need fs_cli command; Centos 6 RPMS for 32 and 64 bits are available with video support; I have imported a patch that fixes mod_nibblebill, in some situations leg b won't hang up and it will produce money losses. I have been updating some other dependencies such as VLC and MPG123 with latest stable if you were using my RPM's you will notice more updates as well.
Because libyuv is now part of the core, these RPMs are compiled with video support. Yes, you read it well, both Centos 6 and 7 with video support.
For those asking about FreeSWITCH changelog, this is the list published by them:
New features that were added:
Improvements in build system, cross platform support, and packaging:
The following bugs were squashed:
RPM's are available for Centos 6 and 7. And you can find it if you type yum search freeswitch.
MPG123 1.23.4 is now available in OKay's RPM repository since today. The mpg123 distribution contains a real time MPEG 1.0/2.0/2.5 audio player/decoder for layers 1,2 and 3 (most commonly MPEG 1.0 layer 3 aka MP3), as well as re-usable decoding and output libraries. Among others, it works on GNU/Linux, MacOSX, the BSDs, Solaris, AIX, HPUX, SGI Irix, OS/2 and Cygwin or plain MS Windows.
Some changes from older releases are:
RPM's are available for Centos 6 and 7. And you can find it if you type yum search mpg123.
Syncthing 0.13.7 RPMs for Mageia Cauldron (6) are now available since today. Syncthing is a complete synchronization, multi-platform solution to have same files in your devices. It is like a Peer-to-Peer.
Syncthing is an excellent option if you have at least one road warrior involved. Since there is no warranty of a public IP or even a static IP, Syncthing architecture allows clients to bypass NAT's and allow file exchange. The good thing of Syncthing is it is available not only on Linux and Windows but Android as well. You can have in sync important files in your mobile or tablet.
Syncthing 0.13.x is not compatible with 0.12.x. You must update all your devices. Backport for Mageia 5 is more difficult as it seems. I am not able to reproduce it in the build system. Mageia 5 has Golang 1.4 which it is not compatible with Syncthing 0.13.x.
As part of my commitment with Mageia, I will try to keep this package as updated as possible. The team from Syncthing are very responsive and they release new versions very often. At the time when writing this article, Mageia Cauldron 6 is in version freeze; this means we will need to wait for a little until the big system administrators let the new RPM in.
RPM's are available for Mageia Cauldron (6), I will be working to backport to Mageia 5 as soon as possible. You can install it if you type urpmi syncthing.
Last week while I was sending some emails, I realized that nobody was even answering the read acknowledge. It was very strange. After doing some tests with Hotmail I realized all emails was being flagged as SPAM. But no way It could be such garbage, there were handwritten emails. After a while of debugging, I realized that I was missing my SPF records in my DNS server.
SPF records are an anti-SPAM technique that allows mail servers to verify that the sender server is authorized to send emails using your domain name. For example, if you get a letter from Britney Spears with some free tickets, there is no way you can know if such tickets are coming from an official source by just having the envelope on your hands. SPF records allow you to know and verify that at least the origin is authorized to send emails using a specific domain name.
If you check the image in this article, it will show you in a simple way how the verification takes place. This verification is done by the target server, not by your SMTP email server.
SPF records will help you to minimize your exposure to an impersonification attack. It is not a final solution as if you have a vulnerable email server or malware installed on your personal computer, the email sent using your email will seem to be a valid one in the eyes of the other target mail servers.
The ISO 27000 is a generic way to call a set of ISO standards about a security. In this article, I am going to describe how we did in one of my jobs to get the Certification for the Information Security Management System specified in the ISO 27001 (and it is closely linked with ISO 27002).
First, we need to describe and make clear what is a Management System. According to ISO, a Management System is a set of procedures an organization needs to follow in order to meet its objectives. The use of a well deployed Management Systems warrants that every request, incident, issue (or any name you want to put) will be processed always the same way with the same established quality. A Management System uses what it is called the Deming Cycle which it states a continuous improvement of all processes involved.
Another concept we need to establish before starting to tell this tale is what is a process. For me, a process is a sequence of interdependent and linked procedures which, at every stage, consume one or more resources (employee, time, energy, machines, money, etc) to convert inputs (data, material, parts, etc) into outputs. These outputs then serve as inputs for the next stage until a known goal or end result is reached. I won't cover in this article how to document a process, but don't lose the idea that you will need to document. The ISMS is all about documenting and keeping records, and not only the ISMS, any management system in general.
So, when you start defining your ISMS take in mind that you will need to back up all your statements. You will need the use of Security & Vulnerability Assessments or in the worst case a letter from the CEO accepting involved risks. The CEO is the ultimate responsible of the ISMS. We will talk about that later.
The asset is just another concept it comes to my mind. For me, an asset is anything that has a value to the business. An asset has a value property that will play a crucial role in this process. I will talk about that later.
Ah! before I forget. If you are pursuing the ISO 27001 certification, you must know that certification is given to an organization with a specific business process.
With this concepts, I will start telling what happened those glory days.
Since a while, the modern web browser has what it is called the cache. A web browser cache is just space on your computer where you store your latest object if those objects are requested your computer won't need to download them again, instead, it gets from the cache; local storage will be always faster than downloading from the Internet. Now think on your website, and think on all the CSS, JS and image files you are using (GIF, JPEG, PNG, WEBP, etc.); imagine all the time that can be saved when your guesses visit the second page on your website.
Apache has a very nice feature (turned off by default), that compresses the content of the page. Instead of sending the raw HTML file, it does a gzip or deflate compression and it sends a smaller file. It is faster to load a 2 kB file than a 10 kB. And as a consequence, this improves your loading time.
Again, don't forget that Google rewards fastest websites, in other words, it improves your SEO.
In this post, I'm going to show you how to configure the .htaccess file to maximize local cache utilization.
Syncthing 0.13.5 RPMs for Mageia Cauldron (6) are now available since today. Syncthing is a complete synchronization, multi-platform solution to have same files in your devices. It is like a Peer-to-Peer.
A conventional cache can not optimally store videos from sites like youtube or google video; the main reason is that this kind of sites use different server names to store the same cache (eg ak1.ad.youtube.com, ak2.ad.youtube.com, etc..) and this decreases the frequency of a URL avoiding early entry to the cache. There is no guarantee that two consecutive visits to the same contendo use the same address to access the object in the video. The following procedure describes how to tell Squid cache to perform online video.
Voptech VI200X phones are very useful IP phones.
Sometimes, especially when recycling your phone, you do not have the password for the web console. However the phone is fully recoverable by following these steps:
Syncthing 0.13.4 RPMs for Mageia Cauldron (6) are now available since today. Syncthing is a complete synchronization, multi-platform solution to have same files in your devices. It is like a Peer-to-Peer.
As part of my commitment with Mageia, I will try to keep this package as updated as possible. The team from Syncthing are very responsive and they release new versions very often. At the time when writing this article, Mageia Cauldron 6 is in version freeze; this means we will need to wait a little until the big system administrators let the new RPM in.
Some mobiles wrongly do call forwarding and generate a 302 code that confuses Freeswitch. Then FreeSWITCH sends the call through the public context. The number is connected only if the destination number also belongs to the current PBX, which it is an error. The following workarround corrects this behavior.
Change the values to your needs.
<extension name="(\d+)" continue="false"> <condition field="context" expression="public"/> <condition field="destination_number" expression="(\d )"> <action application="set" data="domain=22.214.171.124"/> <action application="set" data="domain_name=126.96.36.199"/> <action application="set" data="call_direction=inbound"/> <action application="bridge" data="sofia/gateway/gwname/$1"/> </condition> </extension>
<extension name="(\d+)" continue="false">
<condition field="context" expression="public"/>
<condition field="destination_number" expression="(\d )">
<action application="set" data="domain=188.8.131.52"/>
<action application="set" data="domain_name=184.108.40.206"/>
<action application="set" data="call_direction=inbound"/>
<action application="bridge" data="sofia/gateway/gwname/$1"/>
This dial plan must be placed at the end of all plans for incoming calls.
Read about IT, Migration, Business,
Money, Marketing and other subjects.
Some subjects: FusionPBX, FreeSWITCH, Linux, Security, Canada, Cryptocurrency, Trading.