///////////////////////////////////////////////////////////////////////////
//
// DNSBL - Spam IP address checker.
// Copyright (C) 2011 Alexey A.Znayev
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program. If not, see .
//
// Alexey A.Znayev, znaeff@mail.ru, http://xbsoft.org, http://xbsoft.ru
//
///////////////////////////////////////////////////////////////////////////
// This file contains public class DNSBL
// This class performs IP address check in spam blocking lists as described
// on http://ru.wikipedia.org/wiki/RBL
class DNSBL {
private $_aCheckers = array( // list of checkers available for individual checking
'spamhaus' => array('.zen.spamhaus.org', true), //available for group checking with 'all' key
'spamcop' => array('.bl.spamcop.net', true), //available for group checking with 'all' key
'dsbl' => array('.list.dsbl.org', false), //not available for group checking with 'all' key
'ordb' => array('.relays.ordb.org', false), //not available for group checking with 'all' key
'sorbs' => array('.dnsbl.sorbs.net', false), //not available for group checking with 'all' key
'njabl' => array('.dnsbl.njabl.org', false) //not available for group checking with 'all' key
); // AZ - 1. Key 'all' is illegal
// AZ - 2. Most of spammer IP addresses is covered by 'spamhaus' & 'spamcop' (and they are fast),
// some of the rest may not work sometimes, you can make them group checking available after individual testing
private $_sDefaultChecker = 'spamhaus';
///////////////////////////////////////////////////////////////////////////
// CheckSpamIP - check IP for spam in checkers : given, default or all available for group checking (may be slow)
// parameters:
// string $ip - ip address
// string $checker - checker name or 'all' or nothing
// returns:
// true when IP exitsts in spam-lists of $checker or at least one of all checkers
// false when not or when ip address is local or not correct
public function CheckSpamIP($ip, $checker = ''){
if(empty($ip)) return false;
if(preg_match('/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/', $ip) != 1) return false;
$octets = explode('.', $ip);
if($octets[0] == '127') return false;
if($octets[0] == '10') return false;
if($octets[0] == '192' && $octets[0] == '168') return false;
if($octets[0] == '169' && $octets[0] == '254') return false; // ms windows
if((int)$octets[0] > 255 || (int)$octets[1] > 255 || (int)$octets[2] > 255 || (int)$octets[3] > 255 ) return false;
$ret_val = false;
$PTR = implode(array_reverse($octets), '.');
if($checker === 'all'){
foreach(array_values($this->_aCheckers) as $c){
if($c[1]){
$ret_val = $ret_val || $this->_CheckDNSAnswer(dns_get_record($PTR . $c[0], DNS_A));
}
if($ret_val) break;
}
}else if(array_key_exists($checker, $this->_aCheckers)){
$ret_val = $this->_CheckDNSAnswer(dns_get_record($PTR . $this->_aCheckers[$checker][0], DNS_A));
}else{
$ret_val = $this->_CheckDNSAnswer(dns_get_record($PTR . $this->_aCheckers[$this->_sDefaultChecker][0], DNS_A));
}
return $ret_val;
}
///////////////////////////////////////////////////////////////////////////
// GetCheckers - gets list of available checker names
// returns:
// array of strings
public function GetCheckers(){
return array_keys($this->_aCheckers);
}
///////////////////////////////////////////////////////////////////////////
// GetGroupCheckers - gets list of checker names available for group checking with 'all' key
// returns:
// array of strings
public function GetGroupCheckers(){
$ret_val = array();
foreach(array_keys($this->_aCheckers) as $k) if($this->_aCheckers[$k][1]) array_push($ret_val, $k);
return $ret_val;
}
///////////////////////////////////////////////////////////////////////////
// GetDefaultChecker - gets default checker name
// returns:
// string
public function GetDefaultChecker(){
return $this->_sDefaultChecker;
}
///////////////////////////////////////////////////////////////////////////
// SetDefaultChecker - sets default checker name
// parameters:
// string $new_checker - new default checker name
// returns:
// true when success
// false when failed ($new_checker is not in the list of available checker names)
public function SetDefaultChecker($new_checker){
if(array_key_exists($new_checker, $this->_aCheckers)){
$this->_sDefaultChecker = $new_checker;
return true;
}else{
return false;
}
}
///////////////////////////////////////////////////////////////////////////
// EnableGroupChecking - sets checker available for group checking
// parameters:
// string $checker - checker name
// returns:
// true when success ($checker is included)
// false when failed ($checker is not in the list of available checker names)
public function EnableGroupChecking($checker){
if(array_key_exists($checker, $this->_aCheckers)){
$this->_aCheckers[$checker][1] = true;
return true;
}else{
return false;
}
}
///////////////////////////////////////////////////////////////////////////
// DisableGroupChecking - sets checker not available for group checking
// parameters:
// string $checker - checker name
// returns:
// true when success ($checker is excluded)
// false when failed ($checker is not in the list of available checker names)
public function DisableGroupChecking($checker){
if(array_key_exists($checker, $this->_aCheckers)){
$this->_aCheckers[$checker][1] = false;
return true;
}else{
return false;
}
}
// private methods
///////////////////////////////////////////////////////////////////////////
// _CheckDNSAnswer - checks DNS-server answer for 127.0.0.* values
// returns:
// true when success
// false when failed
private function _CheckDNSAnswer($dns_answer){
if(!is_array($dns_answer)) return false;
$len = count($dns_answer);
if($len <= 0) return false;
for($i=0; $i<$len; $i++){
$obj = $dns_answer[$i];
if(!(is_object($obj) || is_array($obj))) return false;
$ip_str = $obj['ip'];
if(!is_string($ip_str)) return false;
$pos = strpos($ip_str, '127.0.0.');
if($pos !== false) return true;
}
return false;
}
} // end of class DNSBL
?>
IP Telephony – bits and pieces
https://blog.fabian-affolter.ch
primary Fedora and some negligibilities...hauptsächlich Fedora und ein paar Nebensächlichkeiten...Sun, 24 Sep 2023 10:11:42 +0000en-UShourly1https://wordpress.org/?v=4.9.25Investigating VoIP ressources
https://blog.fabian-affolter.ch/investigating-voip-ressources/
https://blog.fabian-affolter.ch/investigating-voip-ressources/#respondSat, 03 Mar 2012 10:28:11 +0000http://fabian-affolter.ch/blog2/?p=2106Continue reading →]]>Let’s run some test on a VoIP test environments with the tools of SIPvicious. The test setup contains the listed items:
It seams that svmap.py is a bit limited in detecting soft-phone. The client with Empathy was not found with svmap.py.
According to the SIPvicious tutorial the next step is to use svwar.py to identify the extensions.
alpine-sip:~$ svwar.py 10.0.0.10
ERROR:TakeASip:SIP server replied with an authentication request for an unknown extension. Set --force to force a scan.
WARNING:root:found nothing
In both cases the issue seams to be based on "Bad user = SIP/2.0 401". At the moment I have no idea how to by pass this without modifying the source code.
]]>
https://blog.fabian-affolter.ch/investigating-voip-ressources/feed/0nmap scripts for VoIP analyses
https://blog.fabian-affolter.ch/nmap-scripts-for-voip-analyses/
https://blog.fabian-affolter.ch/nmap-scripts-for-voip-analyses/#respondSat, 03 Sep 2011 10:22:56 +0000http://fabian-affolter.ch/blog2/?p=1928Continue reading →]]>The standard installation of nmap on Fedora contains already plenty of scripts which can be used with NSE.
All scripts are located at /usr/share/nmap/scripts.
The first step is to add SIP support for nmap. Switch to the nselib directory and download the dependencies for sip-brute.
cd /usr/share/nmap/nselib
sudo wg et http://nmap.org/svn/nselib/sip.lua
sudo wg et http://nmap.org/svn/nselib/creds.lua
The same with sip-brute but sip-brute goes to another directory.
cd /usr/share/nmap/scripts
sudo wg et http://nmap.org/svn/scripts/sip-brute.nse
The last step is to update the plugin database of nmap.
sudo nmap --script-updatedb
Starting Nmap 5.51 ( http://nmap.org ) at 2011-09-03 10:40 CEST
NSE: Updating rule database.
NSE: Script Database updated successfully.
Nmap done: 0 IP addresses (0 hosts up) scanned in 0.35 seconds
Let’s run nmap against the server.
sudo nmap -sU -p 5060 10.0.0.12 --script=sip-brute
Starting Nmap 5.51 ( http://nmap.org ) at 2012-09-03 10:41 CEST
baduser-8402 badpass-3944
Nmap scan report for 10.0.0.12
Host is up (0.0051s latency).
PORT STATE SERVICE
5060/udp open|filtered sip
| sip-brute:
| Accounts
| No valid accounts found
| Statistics
|_ Perfomed 50010 guesses in 187 seconds, average tps: 285
Nmap done: 1 IP address (1 host up) scanned in 187.21 seconds
]]>https://blog.fabian-affolter.ch/nmap-scripts-for-voip-analyses/feed/0Dial pattern in Outbound Route
https://blog.fabian-affolter.ch/dial-pattern-in-outbound-route/
https://blog.fabian-affolter.ch/dial-pattern-in-outbound-route/#respondWed, 22 Jun 2011 21:45:06 +0000http://fabian-affolter.ch/blog2/?p=1865FreePBX can configured to use a dial pattern to select a specific route. Let’s say that you want to select a route with a “9” then the configuration has to look like shown in the image below.
]]>https://blog.fabian-affolter.ch/dial-pattern-in-outbound-route/feed/0Wartemusik bei FreePBX einrichten
https://blog.fabian-affolter.ch/wartemusik-bei-freepbx-einrichten/
https://blog.fabian-affolter.ch/wartemusik-bei-freepbx-einrichten/#respondSat, 12 Feb 2011 11:18:29 +0000http://fabian-affolter.ch/blog2/?p=1668Continue reading →]]>Bei einem Heim- oder SOHO-Telefonsystem ist die Wartemusik sicher nicht die wichtigste Funktion. Wenn aber Anrufer nur Stille wahrnehmen, dann könnte es für sie so wirken, wie wenn die Verbindung getrennt wurde. Bei FreePBX ist bereits standardmässig Wartemusik verfügbar. Es kann jedoch auch eine eigene Sammlung hinzugefügt werden.
Wenn das Module “Music on Hold” verfügbar ist, kann unter “Internal Options & Configuration” und dann über “Music on Hold” eigene Musik-Dateien hinzuzufügt und entfernt werden. Mit Vorteil wird nur Musik verwendet, welche unter einer freien Lizenz steht, sonst muss geklärt werden, ob Abgaben entrichtet werden müssen.
]]>https://blog.fabian-affolter.ch/wartemusik-bei-freepbx-einrichten/feed/0tcpdump für SIP-Verkehr
https://blog.fabian-affolter.ch/tcpdump-fur-sip-verkehr/
https://blog.fabian-affolter.ch/tcpdump-fur-sip-verkehr/#respondThu, 25 Nov 2010 23:00:27 +0000http://fabian-affolter.ch/blog2/?p=1595In einem älteren Posting habe ich die Möglichkeit betrachtet, wie der SIP-Verkehr mit Wireshark aufgezeichnet werden kann. Mit tcpdump kann nur der Verkehr aufgezeichnet werden und später mit Wireshark aufgezeichnet werden.
]]>https://blog.fabian-affolter.ch/tcpdump-fur-sip-verkehr/feed/0E60 und Elastix
https://blog.fabian-affolter.ch/e60-und-elastix/
https://blog.fabian-affolter.ch/e60-und-elastix/#respondTue, 23 Nov 2010 22:30:07 +0000http://fabian-affolter.ch/blog2/?p=1589Damit ich das nächste Mal nicht mehr suchen muss, wenn ich die Konfiguration des E60 gelöscht habe.
Profile name: default
Service profile: IETF
Default access point: Home
Public user name: 2000@192.168.1.2
Use compression: No
Registration: Always on
Use security: No
Proxy server
Proxy server address: 192.168.1.2
Realm: asterisk
User name: 2000
Password: 12345 oder das Passwort
Allow loose routing: Yes
Transport type: UDP
Port: 5060
Registar server
Registrar server address: 192.168.1.2
Realm: -
User name: -
Password: -
Transport type: UDP
Port: 5060
]]>https://blog.fabian-affolter.ch/e60-und-elastix/feed/0Home made headset for a Cisco IP Phone 7960
https://blog.fabian-affolter.ch/home-made-headset-for-a-cisco-ip-phone-7960/
https://blog.fabian-affolter.ch/home-made-headset-for-a-cisco-ip-phone-7960/#respondSun, 21 Nov 2010 09:02:35 +0000http://fabian-affolter.ch/blog2/?p=1587Continue reading →]]>A headset for a Cisco IP Phone 7960 would be nice but those headset are expensive. A home made-one is sufficient for your need. There is a good tutorial available to do it. I do not need a connection box, I just want to attach the headset to the phone.
A headset with 3.5 mm connectors
RJ-10 connector 4-pin/4-pin
3 heat shrink tubes
some tools (Soldering gun, )
10 min
Now plug the headset in your headset jack and you are ready to go. The headset for 8 CHF (6$) wins no beauty contest. The author of this description makes no warranty of any kind. Use at your own risk.
]]>https://blog.fabian-affolter.ch/home-made-headset-for-a-cisco-ip-phone-7960/feed/0Empathy und Fedora Talk
https://blog.fabian-affolter.ch/empathy-und-fedora-talk-2/
https://blog.fabian-affolter.ch/empathy-und-fedora-talk-2/#respondMon, 01 Nov 2010 22:39:03 +0000http://fabian-affolter.ch/blog2/?p=1545Vor wenigen Tage habe ich mich über Empathy und Fedora Talk ausgelassen. Nun eine grössere Aktualisierung später und die Oberfläche von Empathy hat sich ein bisschen geändert.
]]>https://blog.fabian-affolter.ch/empathy-und-fedora-talk-2/feed/0voipgateway.org und Asterisk
https://blog.fabian-affolter.ch/voipgateway-org-und-asterisk/
https://blog.fabian-affolter.ch/voipgateway-org-und-asterisk/#respondSun, 31 Oct 2010 13:19:21 +0000http://fabian-affolter.ch/blog2/?p=1549Continue reading →]]>Mit eine Soft-Phone lässt sich das Freecall-Netzwerk sehr einfach nutzen. Die Einrichtung für eine Soft-PBX ist nicht viel komplizierter.
Folgende Einstellungen funktionieren bei mir ohne nennenswerte Probleme.
]]>https://blog.fabian-affolter.ch/voipgateway-org-und-asterisk/feed/0voipgateway.org
https://blog.fabian-affolter.ch/voipgateway-org/
https://blog.fabian-affolter.ch/voipgateway-org/#respondSun, 31 Oct 2010 10:47:04 +0000http://fabian-affolter.ch/blog2/?p=1551Continue reading →]]>Viele VoIP-Provider in der Schweiz sind dem Freecall Network angeschlossen. Die Konfiguration eines Konto für die mobile Nutzung mit Ekiga, bespielsweise eines von phonestar.ch, ist denkbar einfach.
Der Server ist voipgateway.org, der Benutzername ist die eigenen Telefonnummer und das Passwort. Benutzername und Passwort sollte seit der Anmeldung bekannt sein.