Open Source Networking

VoIPowering Your Office with Asterisk: Soothing the Savages with Hold Music

Dave Roberts — Tue, 25 Jul 2006 00:27:09 +0000

Carla Schroder tells you how to configure Asterisk with hold music. Via VoIPPlanet: VoIPowering Your Office with Asterisk: Soothing the Savages with Hold Music.

One of the more fun aspects of running an Asterisk server is choosing your own hold music. Hopefully your callers are not sitting on hold for long periods of time, but as long as they are it's nice to give them something pleasant to listen to. It can be music, inspirational speeches, comedy routines—even Internet radio.

Vyatta to take on Cisco and Juniper

Dave Roberts — Tue, 25 Jul 2006 00:24:34 +0000

Vyatta launched the 1.0 version of its Open Flexible Router today. Via Network World: Vyatta to take on Cisco and Juniper.

The OFR software is available for download from the Vyatta Web site at vyatta.com. Vyatta charges for support and maintenance upgrades with a subscription format. The $500 OFR Professional Subscription includes unlimited software updates and online/e-mail access to Vyatta's technical support group for one year. The $650 Enterprise Subscription includes online and phone support.

After an Exploit: mitigation and remediation

Dave Roberts — Mon, 24 Jul 2006 23:10:05 +0000

SecurityFocus talks about getting hacked: After an Exploit: mitigation and remediation. Frankly, the article seems a bit misnamed to me. Ignore the "after an exploit" part. It's really about prevention and mitigation of particular attacks.

As we all know, prevention, detection and response are our three main lines of defence against threats, with a good administrator putting most focus on prevention. As the old adage goes, "an ounce of prevention is worth a pound of cure" - a 1:16 ratio for the metrically inclined - but there's always going to be the odd occasion where prevention fails, either through a lack of time or a mistake in one's security procedure. In this article we describe a few hardening and alerting methods for Unix servers that help block vectors for various attacks, including two web-based application attacks and the brute-forcing of SSH passwords. The article then looks at what an administrator should do post-compromise. These incidents have been drawn from both honeypots and real systems.

Nagios and Oreon installation in Debian

Dave Roberts — Mon, 24 Jul 2006 22:59:44 +0000

Debianhelp has a nice little tutorial on setting up Nagio and Oreon (a Nagios front-end) in (of course) Debian: Nagios and Oreon (Nagios web frontend) installation in Debian.

Top 100 Network Security Tools

Dave Roberts — Fri, 21 Jul 2006 23:34:26 +0000

Insecure.org has once again updated its list of Top 100 Network Security Tools. Leading tools include Nessus, Wireshark, and Snort.

After the tremendously successful 2000 and 2003 security tools surveys, Insecure.Org is delighted to release this 2006 survey. I (Fyodor) asked users from the nmap-hackers mailing list to share their favorite tools, and 3,243 people responded. This allowed me to expand the list to 100 tools, and even subdivide them into categories. Anyone in the security field would be well advised to go over the list and investigate tools they are unfamiliar with. I discovered several powerful new tools this way. I also will be pointing newbies to this site whenever they write me saying “I don't know where to start”.

Sourcefire targets Indian enterprise market

Dave Roberts — Fri, 21 Jul 2006 23:29:00 +0000

Looks like Sourcefire is starting to enter some emerging markets: Sourcefire targets Indian enterprise market.

Sourcefire Inc. international sales vice-president Allen Male said, “This year, and specifically in 2007, we are going to put a lot of focus on the markets in India and China. India specifically is interesting because of the phenomenal growth and increasing maturity of the enterprise IT and network infrastructure. Most enterprises have had firewalls for a couple of years now and they are starting to realize the benefits of intranet and network monitoring and intrusion prevention - precisely the requirement that Sourcefire can best address.”

Iptables-tutorial, version 1.2

Dave Roberts — Thu, 20 Jul 2006 18:42:56 +0000

Oskar Andreasson recently updated his Iptables Tutorial. The version number is now 1.2.

Asterisk IP PBX addresses vulnerabilities

Dave Roberts — Thu, 20 Jul 2006 18:32:07 +0000

Network World has a bit more on the recently announced Asterisk vulnerabilities: Asterisk IP PBX addresses vulnerabilities. Looks like fixes are in place for all the issues, but people should look to upgrade fairly soon.

The two vulnerabilities found by ISS could make the PBX servers based on open source Asterisk code vulnerable to denial of service attacks. Digium, whose products are based on Asterisk, says it will post a warning to its newsgroup today as well as post a warning on its asterisk.org Web site.

NSF Backs Open Source Wireless Mesh Project

Dave Roberts — Thu, 20 Jul 2006 18:19:48 +0000

Via GigaOM: NSF Backs Open Source Wireless Mesh Project. Looks like the CUWIN folks found some grant money. This is good overall for community wireless development and also for open-source networking.

Earthlink and Tropos might be looking to make millions off of muni wireless, but members of the open source community are hard at work trying to make wireless networking free. And they just got some funds to help their cause. Sascha Meinrath, of the Champaign-Urbana Community Wireless Network, CUWIN, just called me this morning to say his open source wireless mesh project received a $500,000 grant from the National Science Foundation. Sascha says he plans to use the money to add staff, scour the globe for open source partners, and boost research and testing.

Secure your network with Snort intrusion prevention techniques

Dave Roberts — Thu, 20 Jul 2006 18:16:31 +0000

TechRepublic has posted a sample chapter from Sams' Intrusion Detection with Snort.

Overview: This sample chapter, taken from Sams' Intrusion Detection with Snort, discusses some advanced concepts in using Snort as an alternative intrusion prevention device.

Learn why Snort IDS is a smart alternative to intrusion prevention. The process of deploying intrusion prevention is lengthier and requires greater attention to detail than installing an IDS. With Snort, a misconfigured option or rule can affect only the performance of the IDS itself. With an intrusion prevention application, a misconfiguration can literally take down your network.

Securing Your Asterisk Server, Part 1 - The Importance of Passwords

Dave Roberts — Wed, 19 Jul 2006 19:28:33 +0000

At LinuxPlanet, the ever-prolific Carla Schroeder tells us how to help lock down Asterisk: Securing Your Asterisk Server, Part 1 - The Importance of Passwords.

Asterisk@Home ships with a bunch of default passwords that many people know. Moreover, it sends server administration traffic in the clear, rather than over HTTPS. This means that anyone on your local network could easily sniff out all those passwords after you go to the trouble of changing them. OpenSSH should be configured to use RSA key pairs instead of the root system login, which is both more secure and more convenient. Today's and next week's installments will tell all about how to do these things. Disconnect your Asterisk server from the network, and away we go.

Hyperic tries open-source management | Tech News on ZDNet

Dave Roberts — Tue, 18 Jul 2006 15:27:42 +0000

Via ZDNet: Hyperic tries open-source management.

Start-up Hyperic launched an open-source project on Monday around its namesake software, looking to shake up enterprise management software with a low-cost product and an open-source business model.

I hadn't heard of Hyperic before this, but the software sounds interesting. The number of open-source management tools is beginning to expand greatly. It isn't quite clear whether Hyperic is complementary to the existing options or further competition/fragmentation.

SmokePing Adds Great Latency Measurement to the Open Source Monitoring Equation

Dave Roberts — Tue, 18 Jul 2006 15:23:22 +0000

Via InfoWorld: SmokePing Adds Great Latency Measurement to the Open Source Monitoring Equation.

A few months ago, I wrote about Tobias Oetiker's MRTG and RRDTool services -- which are really leading the charge in collecting / visualizing network monitoring data.

Another tool by Oetiker and his colleagues that's seeing a lot of traction these days is SmokePing, a latency measurement tool that uses RRDtool as the database and graphing back-end.

VoIPowering Your Office with Asterisk: SOHO VoIP

Dave Roberts — Tue, 18 Jul 2006 15:20:40 +0000

From VoIP Planet: VoIPowering Your Office with Asterisk: SOHO VoIP.

Today's exciting installment shows how to have both old-fashioned analog phone service and VoIP on the same local network, for small shops with fewer than ten analog phone lines. Scenario: you want to keep your existing analog lines, add VoIP, use Asterisk for your PBX, and have a reasonable upgrade path for future changes and additions.

Asterisk VoIP platform open to DDoS attacks, security firm says - Network World

Dave Roberts — Tue, 18 Jul 2006 14:57:51 +0000

From Network World: Asterisk VoIP platform open to DDoS attacks, security firm says.

...A vulnerability in the Inter-Asterisk eXchange protocol version 2 (IAX2) — used by Asterisk servers to set up and manage calls — could be used to flood an Asterisk IP PBX with bogus calls and make the phone system unavailable, according to the Internet Security Systems (ISS) X-Force Threat Analysis Service, which discovered the bug.