The rants and raves of a technogeek
GPL
Open Source has bad reputation in Israel! – Part II
Jan 8th
As if my previous post wasn’t enough, this week the ever annoying bad rep of Open Source in Israel showed its face yet again. This time, I’m talking about a recent talkback on the thecom.co.il online magazine website. The talkback was attached to an article about various telecom tenders currently in progress in Israel. As part of the article, the author mentioned the existence of a new Call Center solution for Asterisk from EasyRun – one of the world’s better known call/contact center solution providers – being in the market for over 15 years now.
Here is a screen shot of the post:
For those not speaking Hebrew, I’ll translate. Talkback number 1 is from Alexander Argov, CEO of Tikal Networks, informing the public that Tikal Networks also has a call center solution based on Asterisk, with a link to the demo. In itself, there’s nothing wrong there in my book – however, it would appear that others don’t agree. Number 3 says: “Well, if you are a part of this party, why do you need to advertise in a talkback?”, only to be followed by: “Well, Tikal is a Me-Too as always – nothing new there”. Well, comments will be comments and talkbacks will be talkbacks. However, numbers 6 and 7 are something else. Number 6 accuses Mr. Argov and his Sales VP (a Mr. Harari) of providing poor service and a poor product, warning people not to purchase Tikal based products. Now, number 7 goes the distance saying: “Selling a product that costs a single shekel for tens of thousands of shekels and giving poor service is something any 7th grade student can do. Don’t touch the solution provided nor any Tikal product”. Number 7 is currently simply stating: “Don’t touch Asterisk, the service is not good”. Number 7 seems to be incapable of distinguishing between the Tikal product line and Asterisk, and for him, they are one and the same. The end result is a bad rep for Asterisk, while the bad rep is actually intended for the solution provider in this case.
It would appear that in Israel, people mix up FreePBX, Asterisk and the solution provider as one and the same. The solution provider goes about saying: “I’m selling an Asterisk product, I’m state of the art!”, using the Asterisk name to leverage the sale. The customer believes that what he’s buying is actually Asterisk, while the only thing he’s actually buying is the integration service and support service. As long as people in Israel don’t realize that Open Source solutions mean: Free Software (Free as in Beer), Paid Support and Professional Services – the situation will remain the same forever.
Open Source has bad reputation in Israel!
Dec 28th
The Open Source movement has been in existence since the 60′s, and we can surely find its roots somewhere along the hippie culture and movement. While Free-Love had transcended to Free-Code, or to be more exact – Free-Knowledge, the question of the sources for your Open Source is still questionable. Comparing it with the Sixties, it’s easy to compare the various “Free-Love” movements with the various “Open Source Paradigms” of today. While GPL, BSD, MPL, ZPL and others preach for Open Source adoption – each one took a different path.
While the paths differ, the end result is more or less the same, and all suffer from a serious lack – a bad reputation. In the early 2000s, Open Source usually meant – highly stable, state of the art technology, increased ROI, lowered TCO and most importantly for many – COOL. Coming 2008, Open Source is starting to get a bad rep, due to the ever increasing simplicity of entering the Open Source world.
I started using Linux somewhere around 1994. My first Linux distribution was a Slackware, with a kernel of 1.0.28 – I needed 99 floppy disks in order to install the system, and it took me a few hours to do so. However, I can’t forget my amazement at seeing the X-Windows environment booting up, and more than that, being completely overwhelmed with the fact that I have a fully functional UNIX environment in my house, just like the one I had in my Army office. Now, I basically had no one to teach me this new environment, so I had to take my UNIX skills (Solaris and AIX) and adapt to Slackware Linux – it took me a few weeks to get around, but I got around and stuck to it ever since.
Now, let’s jump 14 years forward in time. The year is 2008, a graphic based environment for Linux is no longer a myth and it is getting better and better by the day. People are starting to adopt Linux beyond the academic and the ISP market sectors, slowly integrating Linux based distributions (Mandriva, Ubuntu) on to their desktops and notebooks. Linux is becoming simple and appealing to everybody.
When something becomes easy to use, people make good use of it – a good example is the Asterisk project. Projects such as TrixBox (AKA: AsteriskAtHome), PBXinaFlash, AsteriskNOW and others had made Asterisk into a simple installation product, that can be installed and managed by any half-decent sysadmin. Problem is, while a half-decent sysadmin will do a fair job of maintaining the system, a shitty sysadmin will crap everything to hell. But hell, that is true for almost anything related to computers or technology – there’s nothing new here! Well, there is nothing new and everything is now new. People who were more or less selling shoes 3 years ago, then 2 years ago decided to sell ISP routers, then a year ago started selling IP phones, are now selling Asterisk based systems – using these distributions, while having no idea what they are selling or promoting. For these people, Asterisk is nothing beyond FreePBX – once they encounter deeper issues, they will simply abandon the customer – leaving the Open Source product with a bad rap with the now disappointed customer.
I want to believe that other places in the world are different, I want to believe that Israel will reach a point in time when this doesn’t happen – however, I guess that only time will tell and I surely hope this will change in Israel.
Get Ready – isrAsterisk 2009 is coming
Dec 21st
It’s been WAY TOO LONG since isrAsterisk 2007. In January 2007, the first ever Asterisk convention took place in Israel; since then, nothing has really happened in Israel in terms of community events. It’s high time to have another one, and hopefully, get the ball rolling into a state where we will have one each year.
Unlike the previous event, which was sponsored and controlled fully by Atelis (as no other Asterisk vendor in Israel showed willingness to pitch in) – this event is a true community event. The purpose of the event is to bring the Israeli community into a single location for a few hours, talk about Asterisk, talk about the future of Asterisk, learn from the community and most importantly – meet with the people behind the scenes of the Asterisk community in Israel.
I really hope that this time round we’ll be able to get more funding, as isrAsterisk 2008 never took place due to lack of funding. Who knows, maybe Digium would be willing to add some funds to the fund raiser on the right, and make things easier and faster.
Thoughts of Virtualization – Part III – Multiple Asterisk Gateways
Dec 15th
While this post is titled “Thoughts of Virtualization”, the applications described can be easily applied to non-VM type installations.
Virtualization is a wonderful tool, it enables rapid growth and rapid deployment of new servers and services. However, just like any other platform that tends to grow across the time line, it poses the same annoying issue of managing a large system, especially when dealing with Asterisk based installations.
Let us imagine the following scenario: a calling card company utilizes 8 different Asterisk application servers, all sharing a single database server cluster, and receives inbound calls from various sources, load balanced across all Asterisk application servers. What I’ve described above is more or less the practice most (if not all) calling card operators deploy. No matter if the usage is A2Billing, MOR, ASTBILL – the methodology is more or less the same.
One of the bigger issues with such an installation is debugging of a running session and, moreover, the ability to debug a session after it is finished. This situation is caused by a simple, yet annoying issue: we are operating within a “zero-knowledge” system, where we have no precognition of where in our cluster a specific call will be handled. Now, if you are an experienced sysadmin, you would most probably do the following:
- SSH to all your Asterisk servers.
- Tile all consoles on your desktop.
- Start the test – and hope your eyes are fast enough to capture the right gateway.
Well, this is the normal practice with most people – but I have to admit it’s kind of annoying. Now, let’s imagine that we are now building our system from scratch, we’re not using A2Billing or any of the other Open Source products, we simply build our own application framework. So, what do we need to do in order to keep track of our system correctly?
Step 1: Consolidate
Consolidate the messages coming from each of your gateways to a single logging facility. The best track would be to utilize some form of Syslog facility. For example, all the scripts and network services that I develop utilize a clear and concise interface to syslog. I usually re-direct the syslog facility that I use to an external server, thus, I get all the logs on a single syslog file system.
If you are worried about I/O issues on the syslog server, you can always create a “syslog-proxy” using tools such as memcached or others.
Step 2: Identify
Your syslog write function should always include a prefix indicating the name of the generating Asterisk server. For example, have something like the following prefix your syslog entry:
Dec 14 21:51:32 pbx [PBX01/6d6d6423a2244aa71980e5a5b437919e/check_pincode[22537]: agiParameters: check_pincode
While the syslog facility will include your generating hostname, when duplicating VMs, this would be a really good practice.
Step 3: Analyse
Once your logs are consolidated to a single environment, it should be fairly simple for you to go about and analyse these in a pre-defined routine. There is little to gain from analysing the logs on-the-fly, but analysing it every 5/10/15 minutes will prove worthwhile.
Step 4: Audit
Auditing is good – as long as you keep a clear view of what you audit and what you don’t. Auditing key points in your application to a database can save you a whole lot of debugging time – just make sure your audit is clear.
Keep the above in mind and you should be just fine creating any scale of platform.
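Steps 2 and 3 in code, as an added example that is not from the original post: it builds the gateway-tagged prefix, parses consolidated lines in the format quoted above, and answers the "which gateway handled this call" question after the fact. Treating the hex field as a per-call session ID is an assumption, and every sample line except the first is constructed.

```python
import re
from collections import Counter, defaultdict

# timestamp host [GATEWAY/SESSION/SCRIPT[PID]: message
# The leading "[" is optional; the entry quoted on the page has one, unclosed.
ENTRY_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]+)\s(?P<host>\S+)\s\[?(?P<gateway>[^/\s]+)/"
    r"(?P<session>[0-9a-f]+)/(?P<script>[^\[\s]+)\[(?P<pid>\d+)\]:\s(?P<msg>.*)$"
)

def format_entry(gateway, session, script, pid, msg):
    """Step 2: message body handed to syslog, tagged with the gateway name."""
    return f"[{gateway}/{session}/{script}[{pid}]: {msg}"

def parse_line(line):
    """Return the tagged fields of one consolidated line, or None if untagged."""
    m = ENTRY_RE.match(line.strip())
    return m.groupdict() if m else None

def analyse(lines):
    """Step 3: group entries by session and count entries per gateway."""
    sessions, per_gateway, rejected = defaultdict(list), Counter(), []
    for line in lines:
        entry = parse_line(line)
        if entry is None:
            rejected.append(line)  # keep untagged lines visible instead of dropping
            continue
        sessions[entry["session"]].append(entry)
        per_gateway[entry["gateway"]] += 1
    return sessions, per_gateway, rejected

def locate(sessions, session_id):
    """Gateways that logged this session; more than one deserves a closer look."""
    return sorted({e["gateway"] for e in sessions.get(session_id, [])})

# First line is the entry quoted on the page; the rest are constructed samples.
# Every line carries the same syslog hostname, as cloned VMs would.
PAGE_SESSION = "6d6d6423a2244aa71980e5a5b437919e"
SAMPLE = [
    "Dec 14 21:51:32 pbx [PBX01/6d6d6423a2244aa71980e5a5b437919e/check_pincode[22537]: agiParameters: check_pincode",
    "Dec 14 21:51:33 pbx " + format_entry("PBX01", PAGE_SESSION, "check_pincode", 22537, "pincode accepted"),
    "Dec 14 21:51:40 pbx " + format_entry("PBX02", "0f1e2d3c4b5a69788796a5b4c3d2e1f0", "check_pincode", 1187, "agiParameters: check_pincode"),
    "Dec 14 21:51:41 pbx cron[911]: constructed line without a gateway tag",
]

if __name__ == "__main__":
    sessions, per_gateway, rejected = analyse(SAMPLE)
    print("session", PAGE_SESSION, "handled by", locate(sessions, PAGE_SESSION))
    print("entries per gateway:", dict(per_gateway))
    print("untagged lines:", len(rejected))
```

Run on the 5/10/15 minute schedule from Step 3, the rejected list also shows which scripts are still logging without the gateway prefix.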
FBI Claims Asterisk is unsafe – what a load of bull
Dec 9th
After seeing way too many movies about the US and after visiting the US a few times, many people tend to disrespect the FBI in the USA. While I have much respect for most law enforcement agencies, wherever these are located in the world, I must admit that the latest warning from the FBI regarding Asterisk borders on pure hysteria and complete misunderstanding of the actual issue.
On Dec 8th, the FBI had issued the following warning:
New Technique Utilizing Private Branch Exchange (PBX) Systems To Conduct Vishing Attacks
The FBI has received information concerning a new technique used to conduct vishing attacks. The recent attacks were conducted by hackers exploiting a security vulnerability in Asterisk software. Asterisk is free and widely used software developed to integrate PBX systems with Voice over Internet Protocol (VoIP), digital Internet voice calling services; however, early versions of the Asterisk software are known to have a vulnerability. The vulnerability can be exploited by cyber criminals to use the system as an auto dialer, generating thousands of vishing telephone calls to consumers within one hour.
http://www.ic3.gov/media/2008/081205-2.aspx
Now, after a full weekend of frenzy trying to understand the cryptic warning the IC3 had issued, it was gathered that it is referring to an old time bug, related to Asterisk distributions prior to 1.4.18. Being familiar with the particular bug and the exploitation method – I can say this: They surely have no idea what they are talking about!
The exploitation of the bug has several prerequisites:
- A certain IAX2 configuration has to be deployed
- A certain version of Asterisk must be used
- A certain form of dialplan has to exist
- Your Asterisk server needs to be available on the Internet
Now, even when these 4 are met, the exploitation isn’t all that simple or straightforward. So, in other words, if you are not utilizing any of the above, you can rest assured that your system is fine. In any case, any system is as secure as the dumbest user (in our case developer/sysadmin) who uses it.




