Telephony Fraud – Further Analysis

Following yesterday’s post, I’ve decided to take another set of data – this time following the start of the year, with a specific data profile. What is the profile? I will describe:

  1. The honeypot server in this case was a publicly accessible Kamailio server
  2. The honeypot changed its location and IP every 48 hours, over a period of 2 weeks
  3. The honeypot was always located in the same Amazon AWS region – in this case N. California
  4. All calls were replied to with a 200 OK, followed by a playback from an Asterisk server

In this specific case, I wasn’t really interested in the attempted numbers, I was more interested to figure out where attacks are coming from. The results were fairly surprising:

The above table shows a list of attacking IP numbers, the number of attempts from each IP number – and the origin country. For some weird reason, 97% of potential attacks originated in Western Europe. In past years, most of the attempts were located in Eastern European countries and the Far-East, but now this is Mainland Europe (Germany, France, Great Britain).

Can we extrapolate from it a viable security recommendation? Absolutely not, it doesn’t mean anything specific – but it could mean one of the following:

  1. The number of hijacked PBX systems in mainland Europe is growing?
  2. The number of hijacked generic services in mainland Europe is growing?
  3. European VoIP PBX integrators are doing a lousy job at securing their PBX systems?
  4. European VPS providers pay less attention to security matters?

If you pay attention to the attempts originating in France, you will notice a highly similar IP range – right down to the final Class-C network. That is no coincidence, that is negligence.
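The clustering described above can be checked mechanically. The following is an added example, not code from the original post: it groups honeypot call attempts by /24 network and reports networks where several distinct source addresses appear. The record format, the sample addresses (RFC 5737 documentation ranges), the sample numbers and the function names are assumptions made for illustration.

```python
import ipaddress
from collections import Counter, defaultdict

# Constructed sample records (not data from the post): one line per INVITE
# seen by the honeypot, written as "<source IP> <dialed number>".
# Addresses come from the RFC 5737 documentation ranges.
SAMPLE_ATTEMPTS = """\
203.0.113.10 0012125550100
203.0.113.10 90012125550100
203.0.113.27 0012125550100
203.0.113.31 0012125550101
203.0.113.31 0012125550101
198.51.100.7 0044205550100
192.0.2.200 0012125550100
"""

def parse_attempts(text):
    """Yield (ip_address, dialed_number) pairs, skipping malformed lines."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 2:
            continue
        try:
            ip = ipaddress.ip_address(parts[0])
        except ValueError:
            continue  # not a valid IP literal
        yield ip, parts[1]

def cluster_by_network(attempts, prefix_len=24):
    """Return {network: Counter(source IP -> attempts)} for IPv4 sources."""
    clusters = defaultdict(Counter)
    for ip, _number in attempts:
        if ip.version != 4:
            continue  # a /24 grouping is only meaningful for IPv4
        net = ipaddress.ip_network(f"{ip}/{prefix_len}", strict=False)
        clusters[net][ip] += 1
    return clusters

def suspicious_networks(clusters, min_sources=3):
    """List (network, distinct sources, total attempts), busiest first."""
    rows = [(net, len(c), sum(c.values()))
            for net, c in clusters.items() if len(c) >= min_sources]
    return sorted(rows, key=lambda r: r[2], reverse=True)

if __name__ == "__main__":
    clusters = cluster_by_network(parse_attempts(SAMPLE_ATTEMPTS))
    for net, sources, total in suspicious_networks(clusters):
        print(f"{net}: {sources} sources, {total} attempts")
```

A network that surfaces here is a candidate for a single abuse report to the hosting provider, or for one range-level block rather than per-address rules.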

Now, let’s dig deeper into France and see where they are attempting to dial:

So, on the face of it, these guys are trying to call the US. I wonder what these numbers are for?

OK, that’s Verizon… let’s dig deeper…

Global Crossing? That is interesting… What else is in there???

 

So, all these attempts go to landlines – which means these attempts are most probably being dialed into another hijacked system – in order to validate success of finding a newly hijacked system.

Well, if you can give me a different explanation – I’m all open for it. Also, if any of the above carriers are reading this, I suggest you investigate these numbers.

 

 

Goodbye Elastix – we will miss you

Last week marked a sad point in the history of Open Source, the highly acclaimed and established Asterisk distribution was taken down from the Internet, leaving all of its users, followers, eco-system, resellers, integrators and more with a gigantic void to be filled.

While the void will be filled at some point, I can’t help but observe the joy and cheerfulness of the proprietary telecommunications industry, as 3CX had rapidly taken over the Elastix business in such a brutal manner. According to the various discussions in the Open Source community, the entire thing was caused by a so-called “violation of copyright” or “violation of IP” of some sort, within the Open Source communities. In the past, as far as I know, when various distributions or projects violated each other’s copyright, they would notify one another – and would ask to rectify the situation. Apparently, this hadn’t happened here – or if it happened, it wasn’t published in an open manner – as you would expect.

One of the things that the community started shouting was: “Elastix had been trixboxed”. Honestly, I don’t see the similarity between the two cases. When Fonality acquired trixbox, they had a clear indication of where they were going. This is not 3CX acquired Elastix, this is 3CX obliterated Elastix. This is something completely different – and with major personas in the open source community indicating that a certain, well known and renowned, Open Source persona was involved in this happening, I can only be highly offended by the everlasting stench of people’s own ambition and personal hatred towards things that are not their own.

I admit it, I never really used Elastix in my projects, I found it to be bloated, inflated with software that shouldn’t be there, too slow for my taste and with a lack of proper project leadership, patches went in and out like crazy. Yet, I can’t argue with their success and the acceptance of the product around the world. I remember being at VoIP2Today in Madrid only a few weeks ago, and there were Elastix boxes sitting on tables. Yes, Elastix wasn’t my first choice for an Office PBX, but yes, they were a choice – the idea of a commercial company coming in and removing that choice off the table – is just annoying and troubling at the same time.

My hope is that some Elastix developers will simply post the entire source code to Github or some other public repository, slapping a BSD/MIT license on their work – telling the world: “Here is our creation, the proprietary daemons decided it should die – but no one can kill an idea!” – and Elastix will keep on living in the Open Source like other projects. If the world will forget it, then so be its fate – but if the world needs it, let the world take it in two hands and raise it up to the sky and say: “You shall not die!”

 

Where will Asterisk be in your future?

A dear friend, the CEO of fone.do, Mr. Moshe Meir, has written a blog post on the fone.do blog. The title is: “Is there a future for Asterisk?”

I have a different take on the thing. I think that Moshe is simply asking the wrong question. He should be asking “What is the role of Asterisk in your future?”.

I know Moshe personally, and I’m shocked by the shortsightedness of his question. Asterisk was born, initially as a PBX – it has evolved to much more than that. Last year, in my presentation, I showed a slide of a large elephant, with various blind people feeling it around – trying to ascertain what an elephant is. Asterisk is that elephant, it will be what you want it to be. You want it to be a PBX, so be it. You want it to be a Video gateway, so be it. You want it to be a services control point for your OTT application, so be it. You decide!

As technologists and visionaries, it is our job to look ahead into the future and think: “What is the next step? Where will we be in 5 years from now, in 7 years from now?” – that is called visionary, pioneering, disrupting and most importantly, exceptional. You want to know what the future of Asterisk will be? Look at what you need, that is where it will go. Was always the case, and will always be the case.

Yes, I use Kamailio, OpenSIPS, FreeSwitch and other tools. Yes, I’ve used OpenRTC, EasyRTC, Kurento and others. Yes, we still use them and YES – WE USE ASTERISK, and we will most probably keep using Asterisk for our needs – where it fits the best and assumes the task to the best of its ability. This is why every year we come to Astricon, this is why every year we join the DevCon, this is why every year we make it our business to keep track of what’s going on in the core. Moshe, you are forgetting, we are not drivers, we are mechanics – we build and fix things. Tony Stark in Iron Man 3 says: “I’m a mechanic” later on the child replies “You’re a mechanic, fix it” – here’s my challenge to you – “FIX IT!” – make it better, make it stronger, make it into the thing you love and want.

One more thing Moshe, and this is something for you to think about – when you write a blog post, on a blog that has no way of allowing its readers to comment or participate in any form, you should not write opinion posts. Opinions are meant for people who can interact and respond.

** EDIT: You can comment to this post via facebook, at: http://on.fb.me/1QQQ18Q

The GUI Game

A recent post on the Elastix community page yielded the following:

Guayaquil, Ecuador, May 4th 2015 – PaloSanto Solutions, the company behind the Elastix Project, has established today a GIT repository for the development of a brand and distro agnostic GUI for unified communications servers. Additionally it conceives multi-tenancy.

The project will be independent and will start off with the multitenant GUI from Elastix MT. Currently this development is focused on using Asterisk as the telephony manager at its core, however, the project seeks to establish the basis for the inclusion of other projects that currently exist in the industry like FreeSwitch.

This project will be initially hosted and moderated by PaloSanto Solutions; it is an idea together with the PBX in a Flash team.

“We believe that by using Elastix GUI to kick off the project will help in assimilating it faster”, said PBX in a Flash’s CEO, Ward Mundy. “PaloSanto Solutions’ decision to create a GIT repo for development cooperation is also important because it will attract new actors to the project that will enhance its functionality”, he added.

“Since the release of Elastix MT we believed that there is the possibility to continue revolutionizing unified communications, and to establish tools that had not been integrated before”. Said Edgar Landivar, CEO of Elastix. “With the establishment of this repo we hope to establish a standard in the industry that will replace the concept of VoIP PBX”, he concluded.

The project is available today at https://github.com/elastixmt/elastix-mt-gui, and rules are being set regarding contributions to the development so that all interested people can join immediately.

Well, I think that I can understand where Elastix/PIAF are going with this. For a while now, I’ve seen various communications and rants roaming the community, regarding the way the FreePBX GUI is dominating the “Distro Market” – so to speak.

In general, I see this as a good thing, as it means that people will start re-focusing on technology. On the other side, we will end up – again – with the normal Open Source/Commercial debates (should we do? why shouldn’t we do?).

I know that people are going to jump me for what I’m about to say right now, but since the introduction of Asterisk 13 and ARI, the gaps between Asterisk and FreeSWITCH are rapidly closing in my book. I’ve already deployed several systems using ARI – and I don’t use a GUI at all. FreePBX in my book had become a large set of code, assembled partially by people who know what they are doing and partially not. With the Sangoma buy-out, I suspect that we’ll see more and more “Sangoma Centric” modules and features – and that’s normal. Same will apply to the Palo Santo alternative, as it becomes more and more acceptable by the market.

Is it truly the destiny of an Open Source product to become dominated by its creators, to become a mere vessel for its creators to market their solutions and services? A recent conversation I had with a prospective client went somewhat sour, with me at a loss for answers to a very simple question. The client asked me: “Is there a FreePBX high availability solution? – one that is off the shelf”. My responses were these:

  • You can use the Schmoozecom High Availability solution
  • You can use the Digium High Availability solution
  • You can use the Xorcom High Availability solution

He replied – “What? Isn’t there an Open Source alternative? Something that had been tested and verified?” – my answer was: “We can always use Linux-HA, Heartbeat, mond and other Open Source tools to create the solution. But it won’t be as slick and neat as the commercial solutions, simply because that requires time.”

About 9 years ago, Digium had a product called “Asterisk Business Edition”. The business edition was a highly regressed version of Asterisk, with slightly fewer features, aimed at being an Enterprise Grade product to work against. Digium realized fairly fast that the product had no place and abandoned it several years later. Open source is about choice: make your choice, aid others in making a choice – but don’t take away our freedom of choice. In my view, the distributions should target themselves to be “Market Aggregators”, not “Market Shapers” or “Market Makers” – this is not the stock market and no wolves’ den. The Asterisk Exchange is a good idea; if Digium would turn that into something that is embedded into AsteriskNOW and allows people to buy and install, directly from the UI, that would be a winner.

The Apple Store and Google Play became a success not because Apple or Google promoted them, they were made into a success by the developers and people who wrote new things. Asterisk, FreeSwitch, Kamailio, OpenSIPS, FreePBX, Asterisk GUI – at least as I see it, should be regarded as platforms for innovation, the things that make us go: “Hmmm…. interesting”, the immortal “Fascinating” comment made by Mr. Spock.

Just my 0.02$ on the issue…

Wake Up !

Confession – I love sleeping! Who am I kidding, if I could sleep for 14 hours a day, I would – I truly love to sleep. Don’t get me wrong, I’m not a lazy person, I’m what you would call a slow starter – for me, waking up in the morning was always a big issue. When I was younger (early 20s), my dad would comment – “if you would have been paid to sleep, you’d be a millionaire”. And that was so true, I had a good job in a start-up company, I was traveling the world – and yet, sleeping was always my favorite thing.

Time passed on (20 years to be more exact) and I became a CEO of my company and father to 2 amazing daughters. One thing that kids taught me: from this point onward, sleeping is a luxury. I remember that my wife and I rejoiced as our young one started sleeping full nights, suddenly, we had our proper night’s sleep back. And indeed, quickly I tried resuming my old sleeping habits – I still like to snooze the morning off during the weekend.

About 2 weeks ago, shortly after turning 40, I realized something fairly scary – I’m wasting much of my time sleeping, there is so much more to do. So, amazingly enough, I started going to the office at the early hour of 6:30AM. Amazingly enough, no traffic, so I reach my office at around 7AM. Suddenly I discovered: “Wait a minute, I have more time – I need to plan it better”. So, I sat down with a pen and paper, and wrote a list of bullet points that I would like to cover on a daily basis. This was the list I made:

  • Open Source Projects: PHPARI Coding, Asterisk Lab, Kamailio Lab
  • Tech Studies: PaaS platforms, Openstack, Android Development
  • General Administration: Accounting, Price Quotes, Billing, etc
  • Actual Work: Write code, Write Spec documents, etc.

I shortly realized: “That’s a bloody long list, impossible to cover all of it in one day – so focus”. So, I decided to split my day among the passions, not the subjects. So, now my day looks like this:

  • 2 Hours – Open Projects related (every day something different)
  • 2 Hours – General Administration and shit
  • 1 Hour –  Daily catch up with the guys
  • 1 Hour – Learn something new (every day something different)
  • 30 Minutes – Lunch
  • 5 Hours – Actual Work

Yes, it’s a very busy schedule – but what I’ve learned is that if I start early, I’m able to push more into the day – my evening becomes more relaxed. I even end up with enough time to sit down and write a blog post about how I optimized my time.

I’m dying to know, out of the readers of my blog, I’d love to read about your schedule – what are you able to accomplish in one day of work?