- Details
- Category: Technology
Here it goes the first example. The system I need to scrap has a form of username and password to access data. So obviously, the first step is to log into the system by sending data using the HTTP POST method. I did this with these steps.
- Details
- Category: Technology
Availability is one pillar of Information Security; it defines itself as the capability of being accessed by legit users when needed. On the other hand, we have DoS attacks which attack an asset availability. A successful DoS attack will not let a user access an asset when needed.
Exposures to DoS attacks are not the easiest to discover; a vulnerability scan will not report them. A successful DoS attack does not always exploit a vulnerability. DoS attacks are discovered easily by seasoned security practitioners. For example, an attacker could send millions of HTTP requests to a valid URL on a given website. The HTTP request could be valid and legitimate, but what makes it an attack is the excess of it. The HTTP server cannot handle it, therefore when a legit user tries to access it, he will fail; the HTTP server is too busy.
There could be many kinds of DoS attacks. This article will prevent the following:
- When an attacker requests too many times the same URL.
- When an attacker requests too many times different URLs; each type of request may not be considered an attack, but the sum of them it is.
- Details
- Category: Technology
FusionPBX offers a way to remotely reboot your registered endpoints. Of course, those endpoints must honour the SIP signal. However, the problem arises when you have many extensions. Last week, I had the challenge to reboot more than one thousand endpoints, where eight hundred of them were registered in a single server. As you imagine, the clicking way is too much hassle. There should be another way.
Sadly, as of this day, neither FusionPBX 4.2 (the latest stable branch when writing this article) nor FusionPBX 4.3 (August 26th, 2017) offers a simple way to accomplish this task. After reading the code, I found that all elements were there, I just needed to iterate them to send the signals to all the registered endpoints. So I did it, I took the code from the other parts and joined them to produce a script that would reboot all the listed endpoints. And here it is my pull request that hopefully would be accepted in FusionPBX 4.3.
This patch will enable FusionPBX to reboot all the listed endpoints. If you are watching only the endpoints of a tenant and you click on the button, it will only reboot endpoints registered on that endpoint. If you are listing all the endpoints and click on the button, it will reboot all the endpoints in your server.
- Details
- Category: Technology
LinkedIn has shown the world to be a good professional social network. You can have your professional profile or your company profile; leave the social to Facebook. After a while, of reading how to do a PHP code that allows you to authenticate, I didn't find a PHP lib to do that (note that my Google-Fu is very bad, I don't doubt there are some). So, here is how I did it.
The first thing is to be registered as a LinkedIn developer (just like Facebook); I won't talk about how to do this. You will need to create there your application, when you are done you will need an API Key and API secret.
- Details
- Category: Technology
This is not a new question, but I think it is interesting to know how to export a SELECT statement into a CSV formatted file. In this example, I am going to export a FusionBPX CDR format.
SELECT domain_name, direction, caller_id_name, caller_id_number, destination_number, start_stamp, end_stamp, billsec, hangup_cause
INTO OUTFILE 'amfs.csv'
FIELDS TERMINATED BY ','
OPTIONALLY ENCLOSED BY '"'
ESCAPED BY '\\'
LINES TERMINATED BY '\n'
FROM v_xml_cdr
WHERE domain_uuid='f4abf9c1-842f-4408-b923-dd0c94ae86da'
AND start_stamp >= '2015-03-01'
ORDER BY start_stamp;This query exports only selected columns into a file called amfs.csv with the following characteristics:
- fields are delimited by a comma,
- non-numeric fields are enclosed by double quotes "
- if there is a need to escape a character, it will be used the slash \
Now, after executing this SELECT, your next question is to know where the file is. In my case, it was in the /var/lib/mysql/fusionpbx/amfs.csv path, which is the directory where the database is stored.
This file does not contain the field names in the first row. You can edit the file with any file editor and add them. Take them from the SELECT statement, as they are. This is an optional step.
After that, you can use any software such as Microsoft Excel or LibreOffice to open it.
Good Luck!
