Archive for the ‘Uncategorized’ Category

A great challenge awaits you!

Monday, January 18th, 2010

Slightly interested in security?

Do you want to learn more about investigating attacks?

Here is your challenge!

The Honeynet Project has released this year's first Scan of the Month challenge! It has many levels, and now you can test whether you are up to it!

Article about the Honeynet Project

Tuesday, November 24th, 2009

Computerworld in Norway published an article about The Honeynet Project and the Norwegian Honeynet Chapter. This is one of the main tools for learning how attackers abuse VoIP targets. Here are the Norwegian and English versions.

Another day, another (VoIP) fraud…

Wednesday, October 21st, 2009

What the heck is the customer's Asterisk calling Guatemala about at quarter to five in the morning? 1000 calls to Guatemala, but very few actually went through or had any long duration. This was around 11 o’clock in the evening for Guatemala. What was the purpose of this abuse?

It would have been nice to have a tap into this insecure Asterisk and listen in on the abuse calls. Was this open PBX sold as a gateway to a cash calling card company, or was it just used for free calling by the hacker himself? Ideas and comments are appreciated!

Embarrassing with the Norwegian Police website…

Tuesday, September 1st, 2009

The Norwegian Police are limping after web 2.0 and finally made a website where you can report a crime (only if your wallet, bicycle or mobile phone is stolen). The only stupid thing is that it results in an e-mail sent to another system. But hey, they promise to send a letter in your (snail) mail within 14 days after the report. Great promise when you know only 3% of bicycle thefts are solved.

I think it is great that the police are trying to make it easier for you and me. The only problem is when they also make it easy for the bad guys. The Norwegian police are using the URL to point to graphics, and then it is open for you and me to write whatever we want ourselves… great… no wonder this hit the front page of the largest tabloid newspaper (Link in Norwegian).

The Linux Media Center Solution! Awesome!

Sunday, May 10th, 2009

Browsed through the Internet for the Freedom Fone Project and came across LinuxMCE. I have been dreaming about a project like this, and was really amazed by the possibilities already included.
They have done a smart thing by dividing it up into two parts:

  • one powerful core server for doing encoding of incoming media
  • one or more clients connected to each screen around in the house.

Some of the features:

  • Surveillance camera
  • Intrusion alarm
  • Heat/Cooling control
  • Lighting control
  • Full media center functionality
  • Telephone central

All these features are knit together into a nice user interface where you only need a remote with three (3) buttons (+ OK and cancel) to operate. And it’s even cooler with a gyro remote control (anyone played with the Nintendo Wii??)

What I’m missing for my immediate use:

  • heat control for radiators (a small motor to turn the knob..)
  • interface to my proprietary doorphone. (can probably be done with a Cisco/Linksys SPA3100 ATA)

I have already e-mailed several of my friends who are looking for this and will definitely spread the word!

When it is also running on the Asus EEE Top (15,6″ touch screen and can do full HD video) it will be great! Or the even better MSI Wind Top EA 1900 (who makes these names by the way…)

Keep up the good work! The future will be fantastic!

The Freedom Fone Project for Africa!

Sunday, May 10th, 2009

There is not much publicity about this project, so I wanted to explain what it’s all about. The ultimate goal is to make it easy to spread information, e.g. people send an SMS and get a call informing them about HIV/AIDS or the weather.

The Freedom Fone is a universal media conveyor, it should take most media input from people (mobile, skype, web, e-mail) and generate output (sms, call, radio, web) in the best possible way.

The limitations are the usual ones in Africa. No power, little or no Internet connection, few people to run it, harsh environmental conditions, etc…

Our solution seems easy, but there is some work behind it. Take a standard netbook (asus preferred) and plug in a USB to cellphone (mobigater). Install Ubuntu with Freeswitch and several other tools. Glue it all together with a lot of customization, and BINGO! We have a Freedom Fone Server!

Usage scenarios

An organization wants to spread information about specific topics. We create an SMS word people can send to be called back and informed.

Farmers want to know about the weather and subscribe to a daily or weekly weather forecast.

Expats living abroad want to help out and make an informative radio program. This is aired on the local radio station.

Others? Please comment!

And test from the Snom phone…

Tuesday, May 5th, 2009

The snom phone seems to have a built-in brute-force blocker. After a short while it does not even allow me into the web interface. This is a good idea, but can also be misused as a Denial-of-Service (DoS) attack.
Will write more about this phone when I have time.

Cisco with their UC500 has not understood DNS SRV….

Thursday, April 30th, 2009

Just setting up a Cisco UC500 and noticed how “old fashioned” the VoIP settings are. The setup still believes that the provider only has one major IP address and one backup. Of course, having one basic IP address where all traffic is routed to, and making this redundant (through virtual IP or IP take-over), is just fine and will work OK.

The DNS SRV case

If you as a VoIP service provider use DNS SRV, which is designed to give you load sharing and redundancy through DNS, then the Cisco Configuration Assistant misses the point. This assistant, which is almost necessary to get the UC500 unit up and running, does a DNS lookup on the A record and puts this IP into the access list configuration… not good… The next time the UC500 registers, it will probably use another server, and incoming calls will come from that server as well. Then the ACL kicks in and blocks the call…

The work-around

For CCA version 1.9 there is an access-list 2 that contains the IP of the SIP server. Expand this list to cover all IP addresses from your VoIP provider. Be careful, since opening this to everybody will open you up to both SPiT and possible fraud.
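The mismatch and the work-around can be checked offline. The following is an added example, not code from Cisco or CCA: it compares the source addresses an A-record-only lookup yields with the full set behind the SRV targets, then emits host-only permit lines for access-list 2. All hostnames and addresses are constructed (RFC 5737 documentation ranges), and the `access-list 2 permit <ip>` form assumes a standard numbered IOS ACL.

```python
"""Added example: expand a provider's DNS SRV set into ACL entries."""
import ipaddress

# Constructed zone data (RFC 5737 documentation addresses), standing in for
# real DNS answers so the example runs offline.
SRV = {  # service name -> list of (priority, weight, port, target)
    "_sip._udp.voip.example.net": [
        (10, 50, 5060, "sip1.voip.example.net"),
        (10, 50, 5060, "sip2.voip.example.net"),
        (20, 0, 5060, "sip-backup.voip.example.net"),
    ],
}
A = {  # hostname -> A records
    "voip.example.net": ["192.0.2.10"],
    "sip1.voip.example.net": ["192.0.2.10"],
    "sip2.voip.example.net": ["192.0.2.11"],
    "sip-backup.voip.example.net": ["198.51.100.20"],
}


def a_only_sources(domain):
    """The behaviour described above: one A lookup, result goes in the ACL."""
    return {ipaddress.ip_address(ip) for ip in A.get(domain, [])}


def srv_sources(service):
    """Every address behind every SRV target, regardless of priority."""
    ips = set()
    for _prio, _weight, _port, target in SRV.get(service, []):
        ips.update(ipaddress.ip_address(ip) for ip in A.get(target, []))
    return ips


def blocked_servers(domain, service):
    """Provider servers whose calls the A-only ACL would drop."""
    return sorted(srv_sources(service) - a_only_sources(domain))


def acl_lines(service, acl_number=2):
    """Host-only permit lines: covers the provider without opening wide ranges."""
    return [f"access-list {acl_number} permit {ip}"
            for ip in sorted(srv_sources(service))]


if __name__ == "__main__":
    svc = "_sip._udp.voip.example.net"
    print("blocked by A-only ACL:", blocked_servers("voip.example.net", svc))
    print("\n".join(acl_lines(svc)))
```

Re-run the comparison whenever the provider changes its SRV set, since a new target that is missing from the ACL reproduces the blocked-call symptom.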

Google Voice has arrived!

Thursday, March 12th, 2009

Then GrandCentral has been re-launched as Google Voice.

Look at the interfaces here: or go to www.google.com/voice to get your own account (will be opened for new users within days..)

The perfect router – Routerboard with Mikrotik!

Wednesday, January 7th, 2009

I’ve heard about the Mikrotik router long before I bought one, and even then it went almost a year before I started playing around with it. Now I’m totally in love, if that is possible! It can do everything!!! EVERYTHING!!

The routerboards are small computers with several networking interfaces. For example, the CPU ranges from 200MHz to 680MHz and there can be up to nine (9) built-in LAN ports, with several possibilities for expanding further with WLAN on other models. The Mikrotik RouterOS runs on top of this and also works on standard x86 architecture, letting you use it on an existing server!

The routerboards with Mikrotik RouterOS are known for their extreme WLAN! This combination is used in several countries for connecting up rural areas. I’ve seen a presentation where it connected two radios 97 kilometers apart on 2.4GHz! Mikrotik has their (proprietary) WLAN protocol with extended timers to allow for extreme ranges. The 802.11 standard would time out long before the response from the other side.

On the wired side, the Mikrotik supports 10/100 Ethernet and one unit supports 10/100/1000Mbit. I bought a routerboard 450 with five (5) LAN interfaces and I thought that should be enough. Then I discovered all the possibilities with the Mikrotik OS….

They have a recent feature called Ethernet over IP. It sounds slightly stupid, since normally IP is running over Ethernet, not vice versa. But this great feature lets you bridge two networks (on Layer 2) over any IP connection! It allows me to dedicate a port on my local router which logically is on my brother's network 500km away, allowing us to play Xbox directly as if we were in the same room and LAN! Perfect! (he has a fiber 10/10Mbit connection, so it is limited to this speed)

The RB450 routerboard

The fifth port is used for sniffing on the interfaces I want to, the fourth is my brother's network (with EoIP), the third is the local LAN, the second is my public network and the first is the WAN interface.. puuhh.. Now I need to order an extra switch so I can trunk several interfaces onto a new switch… (yes, of course the routerboard supports VLAN!)

Besides EoIP, Mikrotik does PPP, L2TP, PPTP and IPSec, and supports a large number of routing protocols (RIP, OSPF, BGP).