The Palner Group, Inc.

Kamailio, Asterisk, VoIP, and IT Consulting

Tag: kamailio

Fortune 25 Open Source Telephony

Open source telephony, such as Kamailio, Asterisk, and FreeSWITCH provide any company the ability to control their communications. This statement holds true whether you happen to be a small, family business or one of the most successful companies in the world.

Today LOD Communications, Inc. began work on a new 1-year contract with a Fortune 25 company to provide communications systems design, consulting, and technical support services (NDA prevents disclosing name) utilizing open source software.

Regardless of size, every company can benefit from using software such as Kamailio. For more information on how The Palner Group and LOD can assist you, please give us a call at +1 (212) 937-7844.

CSRP: High Performance Kamailio Tuning

Our friends at CSRP have written a great discussion on high performance turning for Kamailio.

When you’re running decent call volume, tuning Kamailio for high throughput and high performance is essential to success.

We’ve often recommended the CSRP solution, and this article is a great reason why we continue to so.

Tuning Kamailio for High Performance and High Throughput (CSRP)

Palner Group, Asterisk World, ITEXPO

Join Fred Posner, Director of The Palner Group, Inc., in Fort Lauderdale as he presents Expanding Asterisk with Kamailio at the 2016 Asterisk World.

Held in beautiful Fort Lauderdale, Florida, Asterisk World at ITEXPO showcases Asterisk (the open source pbx) and how it can assist your company with telecommunications.

Fred Posner, a Kamailio/Asterisk consultant, has more than ten years experience with both Kamailio and Asterisk; working to assist companies worldwide with their communication needs.

From call centers to business phone systems, both Asterisk and Kamailio provide an incredible opportunity for your company to remain competitive in today’s market without being tied into arbitrary licensing systems and fees.

For more information, please see Fred at Asterisk World or contact us today.

Why Fred Loves Kamailio

At The Palner Group, we specialize in deploying open source VoIP solutions. Kamailio SIP Server is one of the greatest tools in our possession. Our customers love the product, and more importantly, Kamilio based solutions are reliable and affordable.

Recently, Fred Posner (Director of The Palner Group), penned Why I Love Kamailio on his personal blog.

It’s a great read — of course, we may be biased.

Kamailio Behind NAT

Fred Posner wrote this article describing running Kamailio behind NAT. Printed with permission.

After returning home from AstriCon 10, I decided to start-up a new server and see how long it would take me to run a working Kamailio server behind NAT (on a private IP). Bottom line? About 30 minutes.

I was lucky to help staff the Kamailio booth this year and was honored to help so many other VoIP professionals (and enthusiasts) with their questions about Kamailio, so without further ado… Continue reading

Explaining Sip Brute Force Attacks to Non-Techs

Today we received a call from a federal employee investigating a “hack” on a client’s system. Basically, the client suffered a SIP Brute Force attack on their elastix system. Besides the shock of a call from the feds (why did they ignore those Amazon attacks?), the realization of explaining a sip attack to someone not familiar with SIP, telephony, networking, or servers posed a little challenge.

So, how do we start?

First step: We will no longer use the words SIP, Brute, Force, and Attack. =)

What we’re talking about is a scheme to make expensive calls through your phone system. Of course, this isn’t true for all scenarios, but the vast majority simply want to make expensive calls on your dime.

How does it work?

The bad guys trick your phone system into thinking they are a valid user.

How can they do that?

When phones connect to your phone system, the system replies with different messages. Based on those messages, the bad guys can figure out phone names. Think of your phone system as the receptionist. An attempt might be similar to…

Bad Guy: “Hi, is Alice there?”
Receptionist: “No, there is no Alice here. You have the wrong number.”
Bad Guy: “Hi, is Bob there?”
Receptionist: “Yes, who may I say is calling?”

Basically, there’s a different response based on if that person exists in the company. Same thing with the phones. Once the Bad Guys find out phone names, they then use their computers to crack the phone password.

Once the password is detected, they connect their phone to your system and begin making calls.

What can I do to stop this?

If the person in charge of your phone system doesn’t understand what this attack is, you need to hire a consultant to help you and/or train your administrator. If you or your administrator understand this attack, then you need to make sure you are following the best practices for SIP security (here’s a good link for asterisk best practices).

If you’re running asterisk, you might wish to install a script that checks for attacks and blocks those connections.

Even better… consider Kamailio.

Kamailio (pronounced KAMA-ILLY-OH) is an open-source SIP proxy, registrar, application that is extremely robust and powerful. The software includes anti-flood features that really help protect your system and truly helps to minimize these annoying attacks.

Remember, the Internet is like a big city. Sure there’s great museums and entertainment, but there’s also bad, bad places filled with bad, bad people. If you’re going to leave your BMW unlocked in Hell’s Kitchen, don’t be surprised when it’s been taken around the block a few times.