How you do anything is how you do everything

Popular Tags

FusionPBX FreeSWITCH Security Clustering Linux VoIP MariaDB SEO Personal Load Balancing PHP High Availability Joomla Darktable Fail2Ban Nagios Mageia RPM DNS PowerDNS

Looking for RPMs? Set up our RHEL repo.

rpm

Works on CentOS6/7/8 & Alma/Rocky 8/9
Sponsored by OKay Inc

sip-invite-407.jpg

Protecting your PBX against Passwords Leaks

Details
Category: Technology

Before starting, I must say that this exposure has been wide open in FusionPBX since I have memory. It is not a vulnerability, but an exposure; other PBX brands may be affected then.

So, a few months ago, one of my customers told me that one of his carriers had billed an unusually large amount and that he was "hacked".  Sadly, his poor communication skills didn't help, and all we did was change passwords. A few weeks ago, one of my job peers told me something similar, with more time and patience, the issue was that odd calls were terminated while the extension owner (we were able to trace back that) claimed she hadn't used that phone for months. Digging into FreeSWITCH logs, I could find the call logs, but I couldn't find any registration (no on FusionPBX, no in FreeSWITCH CLI).

Besides having a password leak, what happened?

Read more: Protecting your PBX against Passwords Leaks

unifios-server-setup-name.png

Installing Unifi OS on Linux

Details
Category: Technology

So I was asked to install the new UniFi OS on a new brand Linux server. UniFi OS is the new platform from UniFi that lets you control all your UniFi devices, such as routers, switches, and access points. From what I have seen while installing it, the Linux deployment runs a container with podman, making it distribution-agnostic. In this case, I had no control over what Linux distribution to use; as many know, I always prefer a Red Hat-based Linux, but this time I got a Debian.

Read more: Installing Unifi OS on Linux

e164.png

Understanding the E.164

Details
Category: Technology

When you see a number, have you asked if it is a random number?

Short answer: no. There is logic behind it. That logic is written on the E.164. The E.164 is the standard that dictates the nomenclature of the telephone numbers. In this article, I will try to explain the logic of that document easily.

The Structure of the International ITU-T E.164 Number

The first thing to understand is that the numbers are classified into geographical, global services, network, groups, trials. Geographical numbers are the ones that are tied to a specific geographical area (although we already know you can have a New York City number if you live in Los Angeles, but let's bear with this).

Geographical Numbers

The geographical number is composed of decimal digits that form the country code (CC) and the national significant number (NSN). Each country will divide their NSN according to its needs. There are some basic rules:

GN = CC + NDC + SN

  • The total length of the number can not exceed 15 digits.
  • The Country Code (CC) length is between 1 and 3 digits.
  • The National Destination Code (NDC) length depends on the Country Code:
    • four digits if the CC has three digits,
    • five digits if the CC has two digits, or
    • six digits if the CC has one digit.

International Global Services Numbers

International global services number follows these rules:

IGSN = CC + GSN

  • The total length of the number can not exceed 15 digits.
  • The Country Code (CC) length is three digits.
  • The Global Subscriber Number (GSN) can not exceed 12 digits.

International Network Numbers

This kind of number is composed of three code fields as follows:

NN = CC + IC + SN

  • The total length of the number can not exceed 15 digits.
  • The Country Code (CC) length is three digits.
  • The Identification Code (IC) length is from one to four digits.
  • The Subscriber Number (SN) maximum length is 12. However, there is a minimum length that varies:
    • nine digits with a one-digit IC,
    • eight digits with a two-digit IC,
    • seven digits with a three-digit IC, and
    • six digits with a four-digit IC.
  • The length of the IC and SN cannot exceed 12 digits altogether.

International Group Numbers

This kind of numbers is composed of three code fields:

IGN = CC + GIC + SN

  • The total length of the number can not exceed 15 digits.
  • The Country Code (CC) length is three digits.
  • The Group Identification Code (GIC) length is one digit.
  • The Subscriber Number (SN) maximum length is 11.
  • The length of the GIC and SN cannot exceed 12 digits altogether.

Trial Numbers

Trail Numbers have two mandatory and one optional code field as follows:

TN = 991 + TIC + SN

  • The total length of the number can not exceed 15 digits.
  • The first prefix length is three digits, and it always seems to be 991.
  • The Trial Identification Code (TIC) length is one digit.
  • The Subscriber Number (SN) length is 11 digits maximum.
  • The length of the TIC and SN cannot exceed 12 digits altogether.

Country Code Assignation

Canada doesn't get the +1 just for fun, Mexico +52 or Australia +61. There is logic within, and the best way to understand is through this graphic.

country calling codes map

The + Sign

Commonly substituted by 00 in some PBXes, the + sign is a suggestion from the E.123 to indicate that an international prefix is required. This could make a difference, for example:

  • 6138007370, depending on the context, could be an Ottawa, ON number or an Australian one.
  • +6138007370, refers to an Australian number.

The Zero

The zero has a special meaning. Commonly used to identify Global or Service numbers. Depending on the Country, the zero can make a difference between a valid number and an invalid one. For example, +1100XXXYYYY is an invalid geographic number, but it could be a valid service or network number.

I will keep updating this article as I understand more about this subject.

Good luck!

Basic Protection against Telemarketing and Unwanted Calls with FreeSWITCH

Details
Category: Technology

I would be surprised if someone told me they don't get marketing calls. There are many ways to mitigate them, yet they are still here. Implementing the STIR/SHAKEN protocol and rejecting all the non-signed INVITES to your PBX is the best way to minimize a suspicious call. However, at this point, not everybody is signing the calls; therefore, you could have false positives (blocking legitimate calls).

In this article, I will explain how to implement the two recommendations from the CRTC for those PBXes that are not offering an opt-in call filtering system.

Read more: Basic Protection against Telemarketing and Unwanted Calls with FreeSWITCH

OpenID Authentication (OKTA implementation)

Details
Category: Technology

So I was asked to add OKTA authentication to FusionPBX/CoolPBX. Yes! Why not? I have seen more than one customer using OKTA.

The first thing we need to demystify is what OKTA is. OKTA is many things, but for the effects of this article, OKTA is an OpenID implementation (a very popular one). You also need to know that you can't talk about OpenID without talking about OAuth. Yes, it is a little confusing, I highly recommend watching the following video.

Read more: OpenID Authentication (OKTA implementation)

  1. Moving away from the DATE_TRUNC() SQL Clauses
  2. Filesystem Cluster Synchronization with Small Footprint
  3. Syncing the Cache in a FusionPBX Cluster
  4. Setting Multi-Home Servers with Rocky 9

Page 1 of 35

Latest Articles

Do you need some FusionPBX free support? Join this FusionPBX/FreeSWITCH Support Channel.

telegram logo

To know the rules, read the pinned post