For My Security

When the bakery closed during Covid, one reason was Bank of America’s delays in handling of our emergency loan (PPP) request. That’s a different story for another time, but the bottom line is that I moved from Bank of America to a credit union (for both business and personal banking). Recently, the credit union attempted to update their online banking. It’s a disaster and customers have been without access to transfers, bill pay, balances, etc for over 2 weeks....

May 27, 2022 · 2 min · Fred Posner

Freeswitch 1.10.7 Released

The major announcement at ClueCon 2021 was the release of FreeSWITCH 1.10.7. Highlights from this release: fixes for security advisories (upgrade today) support for Debian 11 bug fixes etc There’s a great presentation from Sandro Gauci regarding the story behind some of the vulnerabilities he (and his team) discovered/submitted. Included in his story, is one of my favorite moments from Kamailio World. Read More Enable Security: Killing bugs … one vulnerability report at a time Speaker Deck: Sandro’s slides from ClueCon FreeSWITCH 1....

October 29, 2021 · 1 min · Fred Posner

APIBAN Now Has IPset

APIBAN helps prevent unwanted SIP traffic by identifying addresses of known bad actors before they attack your system. Bad actors are collected through globally deployed honeypots and curated by LOD/APIBAN. APIBAN started from discussions at tech conferences (in particular Kamailio World and Astricon). Most of the attendees had seen increases in malicious SIP traffic and we all thought there should be a way to share the active “bad actors.” When I found myself with some downtime, and with the support of LOD, some honeypots were deployed… and API made to share the data, and APIBAN was born....

October 21, 2021 · 2 min · Fred Posner

Handling Non-SIP Attacks With Kamailio

Recently, I posted about using Kamailio’s PIKE module to help block excessive SIP traffic. This is a great tool for helping your system handle high traffic SIP, such as floods. But, what can you do when someone sends garbage or non-SIP traffic to your system? Kamailio’s SIP parser is handled in the core and was recently upgraded in v5.5 with logging improvements, as well as simplified implementation, static map for header name, and type for parsing....

October 1, 2021 · 3 min · Fred Posner

No, You Cannot Scan My ID

[][1]Tell me about you. On a recent trip to Target, I decided to add some compressed air to my cart. Working in electronics, I find compressed air to be almost a necessity. The servers, computers, switches, and other equipment I use routinely need a good “spritz” of compressed air to keep the dust from accumulating. But I digress. When I went to check out, my cashier advised that I needed to scan my ID to purchase the compressed air. Not just show her my ID, but rather have my driver’s license scanned into their register. This of course allows Target to scan, read, and store my personally identifiable information. Although just someone’s full name fulfills the criteria of personally identifiable information, a Driver’s License barcode and/or magnetic stripe contains much more. By scanning the driver’s license, Target retains my full name, date of birth, address, gender, race, driver’s license number, license information (restrictions, endorsements), organ donation, and issue date. First, let’s look at the obvious… ...

March 29, 2010 · 3 min · Fred Posner