Ubuntu 9.10 + Asterisk + Asterisk-GUI Installation

Software used:
  • Ubuntu 9.10 Karmic
  • Asterisk 1.4.30-rc2
  • libpri
  • dahdi drivers/tools 2.2.1
  • asterisk-gui 2.0
I settled for a 1.4 asterisk instead of 1.6 because I was having issues making asterisk-gui work with asterisk.

Now for the steps:

1. Install necessary prerequisites

sudo apt-get install linux-headers-$(uname -r) build-essential autoconf automake autotools-dev bison flex libncurses5-dev libssl-dev libtool subversion svn-buildpackage libxml2-dev
and create working folder
sudo mkdir /usr/src/asterisk
sudo cd /usr/src/asterisk

2. Download necessary files
sudo wget http://downloads.asterisk.org/pub/telephony/asterisk/asterisk-1.4.30-rc2.tar.gz
sudo wget http://downloads.asterisk.org/pub/telephony/libpri/releases/libpri-
sudo wget http://downloads.asterisk.org/pub/telephony/dahdi-linux-complete/releases/dahdi-linux-complete-2.2.1+2.2.1.tar.gz
sudo svn co http://svn.digium.com/svn/asterisk-gui/branches/2.0 asterisk-gui

3. Unpack the packages
sudo tar -xvf asterisk-1.4.30-rc2.tar.gz
sudo tar -xvf libpri-
sudo tar -xvf dahdi-linux-complete-2.2.1+2.2.1.tar.gz

4. Install libpri
cd libpri-
sudo make clean
sudo make
sudo make install

5. Install dahdi-linux
cd ..
cd dahdi-linux-complete-2.2.1+2.2.1
sudo make
sudo make install

6. Asterisk
cd ..
cd asterisk-1.4.30-rc2
sudo make clean
sudo ./configure
sudo make install
sudo make samples
sudo make config

7. Now for the web interface, Asterisk-GUI
cd ../asterisk-gui
sudo make clean
sudo ./configure
sudo make
sudo make install

8. Before you can finally use the web interface, you need to make some minor configuration.
sudo vim /etc/asterisk/http.conf

and make the following changes:

bindaddr= or your IP Server

9. Add the manager account
sudo vi /etc/asterisk/manager.conf

and make the following changes

enabled = yes
webenabled = yes
port = 5038
bindaddr = or your IP Server

at the bottom of the file, add the following config:

secret = yourpassword
read = system,call,log,verbose,command,agent,user,config
write = system,call,log,verbose,command,agent,config

10. Open the web interface at

System Status

Add/Edit User

Windows 2003 RAID1 mini HOW TO (recovering from a failed drive) - Part 2

Recovering from a failed drive is simple. You just have to remove the mirror and add a mirror to the new drive.

Recovering from a failed secondary drive

1. In Disk Management, right click your first partition and choose Remove Mirror...

2. Do the same to other partitions.

3. Now, with the new drive in place, build the new mirror as described in the first part of this how to.

Recovering from a failed primary drive

You need to get your hands dirty a bit.

1. Open up your server's casing and remove the failed drive (primary disk)

2. Move the second drive to the first SATA/IDE port (where the primary drive was previously connected)

3. Start up the server, boot normally. Disk Management will look something like this:
Notice the Missing status on the mirror drive. We removed the mirror and moved it to become the primary drive. Thus, the missing status.

4. Right click on the first partition in Disk 0 and choose Remove Mirror...

Do the same to other partitions.

5. The following prompt may appear because the mirror drive is missing. It is safe to just click OK.

6. Disk Management should look something like this.

7. You can now proceed to Adding a mirror as described in the first part of this how to.

Windows 2003 RAID1 mini HOW TO - Part 1

This step-by-step article describes how to mirror the system and boot partition in Windows Server 2003. This scenario is based on the assumption that the system and boot files are located on disk 0 and that disk 1 is unallocated space.

First some definition:

RAID 1 mirroring is an arrangement of hard disks that creates an exact copy (or mirror) of a set of data on two or more disks. This is useful when read performance or reliability are more important than data storage capacity.

  • At least two hard-disk drives; IDE, small computer system interface (SCSI), or mixed architecture is permissible.
  • The second drive must be at least the size of the volume on which the operating system boot and system files reside to permit mirroring.
  • The Windows Server 2003 system and boot files must reside on the same volume to be mirrored.


  • To add a mirror to the primary drive for redundancy so that when either of the drive fails, quick recovery can be done.

There are two parts in this process -- Converting your Disks to Dynamic Disks and Adding the Actual Mirror.

Converting to Dynamic Disks


1. Right click on My Computer on your desktop and click Manage. Under Storage, click Disk Management.

2. Right click on Disk0 and choose Convert to Dynamic Disk...

3. Tick Disk0 and Disk1 and click OK.

4. Review the disks to be converted, click Convert to proceed.

5. The next menu is a warning that other operating systems installed on any volumes on any disks can no longer start. Make sure that you are not dual booting other operating systems. Click Yes to proceed.

6. Now for the final confirmation. Click Yes to proceed.

7. Click OK when prompted. This will restart your server.

8. At this point, new drivers where installed to support the dynamic disks. You will now be prompted to restart - AGAIN.

9. That completes the process of converting to dynamic disks. You can now proceed to adding actual mirror.

Adding the Mirror

On my primary drive, I have setup pre-setup two partitions. One for the operating system and program files and another for my data. We are going to mirror both.

1. Go to Disk Management as described in the previous process.

2. Right click on the first partition and click Add Mirror..

3. Select the second drive (Disk 1), then click Add Mirror.

4. The partition will now sync to the second drive. Notice that the mirrored partition will now be color coded. It will look something like this.

5. Repeat the same step to the second partition.

When the sync-ing process is done. You now have a RAID 1 system when means, you have 1 parity. Your data is safe even if 1 drive fails.

Part 2 of this mini HOW TO will discuss on how to recover from a failed drive.


Untangle UTM IPS Update Script

This script will generate an .sql file from emergingthreats.net ready for dumping to Untangle Postgres database. Although this script may not be needed as Untangle will auto-update itself, but for those who want to be cutting-edge, this script is for you. You will have to manually update the table by:

psql -e -f newrules.sql uvm postgres

Now for the script:

#! /bin/bash
# John Homer H Alvero
# Feb 13, 2010

# Change to working directory
cd /root/emergingthreats



/usr/bin/wget http://www.emergingthreats.net/version.txt

if [ "$?" -ne "0"  ];  then
  # failed download - abort run

exec < version.txt

exec < oldversion.txt

if [ ${CURRENTVERSION} -eq ${OLDVERSION} ];  then 
    echo "same release available - checking next for updates to exceptions"
    rm -f version.txt* 


  echo "new version available"

  rm -f $RULEFILE
  /usr/bin/wget http://www.emergingthreats.net/rules/$RULEFILE

  if [ "$?" -ne "0"  ];  then
    echo "failed retrieve of new files - exiting"
    exit 3

  mv version.txt oldversion.txt
  rm -f version.txt* 

  # Process file now

  echo "delete from n_ips_rule where Category = 'EmergingThreat';">newrules.sql
  RACK=( )
  DATA=`psql -c "SELECT settings_id from n_ips_settings;" uvm postgres`  
  for d in $DATA
    if [ -z "$(echo  "$d"                |\
      sed 's/[0-9]//g;s/[0-9]//g;s/\.//'  \
        )" ] ; then 
      RACK=`echo " $RACK $d" `


  exec <$RULEFILE
  while read RULES
    CHAR1=`echo $RULES|awk '{print substr($0,1,1)}'`
    WORD1=`echo $RULES|awk '{print $1}'`
    if [ "$CHAR1" = "#" ]; then
      DESCRIPTION=`echo $RULES|awk '{gsub(/\047/,"");print substr($0,1,60)}'`
    elif [ "$WORD1" = "alert" ]; then

      RULE=`echo -e $RULES|awk '{sub(/alert /,"");gsub(/\047/,"");print}'`

      SID=`echo $RULES|awk '{FS=";";;print $(NF-1)}'|awk '{sub(/sid:/,"");sub(/;/,"");print $0}'`

      for r in $RACK
        echo -e "INSERT INTO n_ips_rule (rule_id, rule, sid, name, category, description, live, alert, log, settings_id)" \
         " VALUES ( $CUSTOMSID, \047$RULE\047,  $SID , \047$NAME\047, \047$CATEGORY\047," \
         " \047$DESCRIPTION\047, \047$LIVE\047, \047$ALERT\047, \047$LOGGING\047, \047" \
         "$r\047);"     >>newrules.sql


echo "Done generating SQL"
echo "Load SQL with psql -e -f newrules.sql uvm postgres"
You can also view the file from here.

e-RPTS RFI Vulnerability

About E-RPTS

(from the website)
An Open Source solution for Real Property Taxation in the Philippines

Part of the eLGU-eGOV set of packages developed by NCC for Local Government Units(LGU), e.g. municipalities. Other eLGU packages are eBPLS (Business Permits & Licensing) and eTOMS (Treasury Operations Management).

eRPTS web- and GIS-ready application that maintains a database of properties and owners for LGUs that is consistent with the Provincial & National government standards. It also generates reports that allows LGUs to improve their monitoring of compliance and revenue generation.

This is a critical vulnerability since the software is being implmented on each of Philippine government's Local Government Units and could expose sensitive data such as tax records and other business related details.

The vulnerability

in the file:


line 20: require($_PHPLIB["libdir"] . "common.inc");
line 21: require($_PHPLIB["libdir"] . "constants.php");
line 22: require($_PHPLIB["libdir"] . "setup.inc");
line 23: require($_PHPLIB["libdir"] . "session.inc");
line 24: require($_PHPLIB["libdir"] . "auth.inc");
line 25: require($_PHPLIB["libdir"] . "perm.inc");
line 26: require($_PHPLIB["libdir"] . "db_mysql.inc");
line 27: require($_PHPLIB["libdir"] . "tr_rpts.inc");
line 28: require($_PHPLIB["libdir"] . "ct_split_mysql.inc");
line 29: require($_PHPLIB["libdir"] . "page.inc");
line 30: require($_PHPLIB["libdir"] . "template.inc");

This code is vulnerable to Remote File Include vulnerability by going to


For this vulnerability to work, register_globals must be set to on and allow_URL_fopen set to on.


You should disable allow_url_fopen in the php.ini file:

allow_url_fopen = 'off'

The setting can also be disabled in apache's httpd.conf file:

php_flag  allow_url_fopen  off

This is actually an old PHPLIB vulnerability found here [1]. Unfortunately, developers of E-RPTS failed to update to the latest PHPLIB version.

Bug Discovered by:
John Homer Alvero


Cisco Router Provider / Subscriber Configuration

Configuration sample for Cisco networking. One end is the provider and another end is a subscriber. The provider's end is using a Cisco 2651XM while the subscriber's end is using a Cisco 805 router.

First, configuration of the provider's side:

Current configuration : 3467 bytes
version 12.2
service timestamps debug uptime
service timestamps log uptime
service password-encryption
hostname CiscoHost
enable secret 5 $1$JGXe$Y2vHtRP89namalZbyeMG./
enable password 7 104D010A0618
username root password 7 0449030F15400D1A5A
ip subnet-zero
no ip domain-lookup
ip name-server
ip name-server
interface FastEthernet0/0
 description connected to EthernetLAN
 ip address x.x.x.197
 duplex auto
 speed auto
interface Serial0/0
 no ip address
 encapsulation frame-relay IETF
 frame-relay lmi-type ansi
interface Serial0/0.200 point-to-point
 description Link to upstream provider
 bandwidth 2048
 ip address x.x.x.2
 frame-relay interface-dlci 200 IETF
interface Serial0/0.201 point-to-point
 description frame-relay to Site1
 ip address
 frame-relay interface-dlci 201 IETF
interface Serial0/0.205 point-to-point
 description frame-relay to Site2
 ip address
 frame-relay interface-dlci 205 IETF
interface FastEthernet0/1
 no ip address 
interface Serial0/1
 no ip address
 description This interface is for another carrier's backhaul
 encapsulation frame-relay IETF
 frame-relay lmi-type ansi
interface Serial0/1.25 point-to-point
 description frame-relay link to Site3
 ip address
 frame-relay interface-dlci 25 IETF
interface Serial0/1.30 point-to-point
 description frame-relay link to Site4
 ip address
 frame-relay interface-dlci 30 IETF
ip classless
ip route
ip route x.x.x.224
ip route x.x.x.232
ip route x.x.x.240
ip route x.x.x.248
ip route x.x.x.0
ip route x.x.x.8
ip route x.x.x.16
ip route x.x.x.24
no ip http server
ip pim bidir-enable

line con 0
 exec-timeout 0 0
 password 7 1511021A0725
line aux 0
line vty 0 4
 exec-timeout 0 0
 password 7 02050D300809
 login authentication local

Now for the subcriber's configuration:
Using 1540 out of 32762 bytes
version 11.2
no service password-encryption
service udp-small-servers
service tcp-small-servers
hostname Site1
enable secret 5 $1$38vT$uCzNqai0a69mBYhyadqnS/
enable password secretpassword
interface Ethernet0
 ip address x.x.x.17
 no ip route-cache
 no ip mroute-cache
interface Serial0
 no ip address
 encapsulation frame-relay IETF
 frame-relay lmi-type ansi
interface Serial0.100 point-to-point
 description frame-relay link to Upstream provider
 ip address
 frame-relay interface-dlci 200 IETF
interface Serial1
no ip classless
ip route
line con 0
 exec-timeout 2 0
 password secretpassword
line aux 0
 password secretpassword
 transport input all
line vty 0 4
 password secretpassword

Note that your frame-relay provider will be the one to assign the DLCI. Take note of the DLCI as this is an important key in the configuration. This guide should ONLY provide as guide. Make necessary changes based on your requirements.

FreeBSD PF Script

Sample pf script for FreeBSD. This is what i used and it worked for me. WMMV

#! /bin/sh

/sbin/ipfw -f flush

# Block an IP address from connecting to external hosts/servers
/sbin/ipfw add deny tcp from to any 

# Redirect port all http traffic to a local proxy server
/sbin/ipfw add fwd [ip.address.of.proxy],3128 tcp from any to any 80

/sbin/ipfw add divert natd all from any to any via dc0 

# Some traffic shapping
ipfw add pipe 2 ip from any to
ipfw pipe 2 config bw 33Kbit/s

ipfw add pipe 3 ip from any to
ipfw pipe 3 config bw 512Kbit/s

/sbin/ipfw add pass all from any to any


WiFi Calc is a link budget calculator. It will enable you to determine the correct antenna gain, radio power and distance for a point-to-point wireless link.

Usage is straight forward. Just input the antenna gain, radio power in dB and distance in kms. and it will compute the signal for each end of the link.

The required signal on each end of the link depends on the receive sensitivity (for a required link speed) of the radio equipment you are using. This information can be found on your radio equipment's datasheet.

RFIScan - a Remote File Include Vulnerability Scanner

I wrote a perl script to find for RFI vulnerabilities in PHP scripts. It takes a folder name as paramater. The script will scan the specified folder and its sub-folders recursively.

usage: ./scan /var/www/html/

# PHP RFI Vulnerability Scanner
# John Homer H Alvero
# Feb. 1, 2010

my $file = '';
my @filelist = ();
my $txt_folder = $ARGV[0] . '/';
my $check_declarations = 1;
my $found = 0;


if ($found) {
        print "RFI Vulnerability Found!\n";
} else {
        print "No vulnerability found\n";

# SUB(s)

sub check_folders {
   my($dir) = @_;
   local (*FOLDER);
   my @fileVars = ();
   my $lineVar;

   my(@subfiles, $file, $specfile);
   opendir(FOLDER, $dir) or die "cannot open $dir";

   print "opening folder $dir \n";

   @subfiles = readdir(FOLDER);

   foreach $file (@subfiles) {
      $specfile = $dir .  $file;
      if (-f $specfile && $file =~ m/\S+\.php/) {

      open FILE, "<", $specfile or die $!;
      my $line_ctr = 0;
      print "in file $specfile\n";
      while (< FILE >) {
         if ($_ =~ m/^(\s|\t)*(include|include\_once|require|require\_once)\s*\(?\s*\$\w*\s*\)?/) {

            my ($line1,$line2,$line3) = $_ =~ m/^(\s|\t)*(include|include\_once|require|require\_once)\s*\(?\s*(\$\w+)\s*\)?/;

            if ($check_declarations) {
              if (!(chomp($line2) !~ @fileVars)) {
                print "Line No: $line_ctr $_";
                $found = 1;

            } else {
                print "Line No: $line_ctr $_";
                $found = 1;

         if ($_ =~ m/^(\s*\$\S*\s*\=\s*)/i) {
            my ($lineVar) = $_ =~ m/^(\s*\$\S*)/i;
      @fileVars = ();
      } elsif (-d $specfile) {
        if ($specfile !~ m/\S+\.$/) {
         &check_folders($specfile . "\/");