VoIP

Disclaimer: The views expressed in this post are solely my personal views and opinions. These do not necessarily represent the views and opinions of any company or project that I am (or have been) associated with. Back in 2019 (around 3.5 years from this post), I blogged that Sangoma Doesn’t Get Open Source. The post generated a decent amount of discussion and later that year, Dan Jenkins and I sat with Bill Wignall and made commitments about future conferences, handling “open source,” and stopping FUD....

The wonders of troubleshooting SIP never cease. Ever try to open a pcap with sngrep only to get the following error? Couldn't open pcap file XYZ.pcap: unknown file format And then, even though you hate looking at SIP on wireshark, you are left wondering… Why does this file open in Wireshark, but not in sngrep? Well, most of the time, this is because the pcap file is actually compressed. Easy fix....

Well, ITEXPO 2022 has come and gone. I think there were perhaps 2-3 other people at the conference who wore a mask. This said, I did return home without covid… The presentation was interrupted by a fire alarm. Apparently some idiot decided it would be fun to smoke in the bathroom. Wasn’t cool in the 80s, still isn’t cool today. Anyway… Unfortunately, coordination was very lacking at the event and no information regarding extending time made it to any of the presenters/attendees in our room....

Sangoma recently announced that Astricon 2023 will be co-located with ITEXPO in Fort Lauderdale. Here’s their exact announcement: With tremendous excitement, we officially announce the return of an in-person AstriCon. We will ease into the in-person event by co-locating AstriCon at ITEXPO on February 13-17, 2023, in beautiful Fort Lauderdale, Florida. The longest-running open source convention, AstriCon, celebrates open source projects featuring Asterisk and FreePBX. The event will include two tracks, sessions, and an EXPO hall....

Ever get an error like this when running an apt update? The following signatures couldn't be verified because the public key is not available: NO_PUBKEY B4D2D216F1FD7806 or W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: https://download.jitsi.org stable/ InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY B4D2D216F1FD7806 W: Failed to fetch https://download....

Generally, when I deploy Kamailio, I use git. Many reasons for this (including being able to quickly apply a patch or fix), but that’s a discussion for another time. If you’ve installed from git and need to add a new module (that hasn’t already been built/installed), the process is very straight forward (and simple). Step 1: Install Dependencies Some modules require libraries to be installed. For example, the jansson module wants the jansson library to be installed....

The major announcement at ClueCon 2021 was the release of FreeSWITCH 1.10.7. Highlights from this release: fixes for security advisories (upgrade today) support for Debian 11 bug fixes etc There’s a great presentation from Sandro Gauci regarding the story behind some of the vulnerabilities he (and his team) discovered/submitted. Included in his story, is one of my favorite moments from Kamailio World. Read More Enable Security: Killing bugs … one vulnerability report at a time Speaker Deck: Sandro’s slides from ClueCon FreeSWITCH 1....

APIBAN helps prevent unwanted SIP traffic by identifying addresses of known bad actors before they attack your system. Bad actors are collected through globally deployed honeypots and curated by LOD/APIBAN. APIBAN started from discussions at tech conferences (in particular Kamailio World and Astricon). Most of the attendees had seen increases in malicious SIP traffic and we all thought there should be a way to share the active “bad actors.” When I found myself with some downtime, and with the support of LOD, some honeypots were deployed… and API made to share the data, and APIBAN was born....

Recently, I posted about using Kamailio’s PIKE module to help block excessive SIP traffic. This is a great tool for helping your system handle high traffic SIP, such as floods. But, what can you do when someone sends garbage or non-SIP traffic to your system? Kamailio’s SIP parser is handled in the core and was recently upgraded in v5.5 with logging improvements, as well as simplified implementation, static map for header name, and type for parsing....

The Pike module in Kamailio provides detection and alerting of “excessive” SIP traffic to your system. Within the module you can configure the rate limit, time period, and amount of time that the IP (ipv4 or ipv6) should be blocked. For example, you can configure your system to say that 30 requests from the same IP within 5 seconds should trigger a block of that IP for 5 minutes. I absolutely love this module and, in my case, Pike more often finds abusive traffic (like dialers) than SIP floods attacks....