Asterisk: Receiving Incoming SMS On Analog or ISDN Landline

The way to tell if an incoming call is an SMS call or a voice call when receiving incoming SMS on an Analog or ISDN line in Asterisk is by reading the callerid.

Normally there is only one Short Message Service Center (SMS Center) which can send you SMS on a fixed line. By looking at its callerId you can know if it is an SMS call.

In the mobile world, nevertheless, we can not consider an SMS as a call, and the cellphone won’t send a SMS directly to the landline phone. What it will do is to hand the SMS to the carrier used by the mobile SMSC, which then will hand it over the SMSC used by the landline carrier.

Asterisk: Manager User Dialplan Permission Escalation

There was an  Asterisk Manager User Dialplan Permission Escalation vulnerability reported by Matt Jordan about Asterisk PBX. This permission escalation bug which made it possible to compromise remote authenticated sessions was considered as a minor severity vulnerability.

Protocols such as the Asterisk Manager Interface, which offer external control, are often able to set and get channel variables which allows the execution of dialplan functions.

We all know of the power of dialplan functions inside Asterisk. Is that power which allows us to build a plethora of Asterisk based applications. When some functions that are allowed to do more (e.g. execute commands, change files, etc.) are executed from an external protocol, the execution could lead to non desirable results, as a privilege escalation.

Asterisk can now inhibit the execution of these functions from external interfaces such as AMI, if live_dangerously in the [options] section of asterisk.conf is set to no. For backwards compatibility, live_dangerously defaults to yes, and must be explicitly set to no to enable this privilege escalation protection.

Asterisk: How To Create A coredump

In order to create a coredump in Asterisk you must compile it with “DEBUG_THREADS” and “DONT_OPTIMIZE” options turned on, remember to start it with:

# /bin/bash /usr/sbin/safe_asterisk

Se the Asterisk start script coredump-dir (DUMPDROP) as you prefer (the default is /tmp).

Now, send a kill -6 signal to the Asterisk process. That should produce a coredump. Don’t forget to read doc/backtrace.txt

Thanks for reading.

 

Asterisk: Monitoring Your E1 or T1 With Nagios

E1 monitoring/T1 monitoring is a need that we have on a daily basis because the client’s business depends on it. Here you have an interesting script in PERL that will allow you to monitor your E1/T1 with Nagios. Passing the name of the port as an argument will allow you to use it even if it is not yet connected to a telco. Using the Nagios Remote Plugin Executor on the Asterisk server you can execute it. Additionally, it will report bad ports to you in order to avoid the guessing process.

 E1/T1 monitoring script in Asterisk

(more…)

Asterisk VoIP Software 12.0.0-beta2 Now Available!

The Asterisk Development Team is pleased to announce the second beta release of Asterisk 12.0.0. You can immediately download this release at http://downloads.asterisk.org/pub/telephony/asterisk/releases

We strongly encourage all interested Asterisk users to participate throughout the testing process. For any issues you might find, please use the issue tracker to report it: https://issues.asterisk.org/jira. We would like you to come to the #asterisk-bugs channel in order to help communicating issues you found. Also, it is also very useful to see successful test reports. You can use the asterisk-dev mailing list for that (http://lists.digium.com).

The next major release in the series of our favorite VoIP software will be Asterisk 12, which will be a Standard release just like it was Asterisk 10.

There are many new features included in this version of Asterisk, besides of a long list of improvements. Just to mention some of them:

  • A new SIP channel driver and accompanying SIP stack named chan_pjsip has been added.
  • The Asterisk REST Interface (ARI) has been added.
  • Major standardization of the Asterisk Manager Interface and its events have occurred within this version.
  • All bridging within Asterisk is now performed using the Asterisk Bridging API, which previously was only used by the ConfBridge application.

And the list continues. For information about the new features, please visit the Asterisk wiki: https://wiki.asterisk.org/wiki/display/AST/Asterisk+12+Documentation

Thank you for your continued support of Asterisk!

Asterisk 11.5.0 Now Available

The Asterisk Development Team has announced the release of Asterisk 11.5.0. This release is available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk

The release of Asterisk 11.5.0 resolves several issues reported by the community and would have not been possible without your participation. Thank you!

For a full list of changes in this release, please see the ChangeLog:

http://downloads.asterisk.org/pub/telephony/asterisk/ChangeLog-11.5.0

Thank you for your continued support of Asterisk!