VoIPtel Blog

- Positron Telecommunication Systems Inc. announced today that VoIPtel of Norway is an official member of the Positron Partner program and will soon be reselling Positron solutions to the marketplace. This represents the first steps for VoIPtel to resell the powerful and flexible Asterisk based solutions from Positron who offer the first integrated “Blade” solution.

“VoIPtel is an established vendor in the open source marketplace who focuses on efficiency, value and green products,” said Richard McGravie, President of Positron Telecom. “They bring along a lot of experience and knowledge of the VoIP market and will allow us to not only serve Norway but the entire Scandinavian and European market place.”

“At VoIPtel we believe in sourcing and selling only quality products to our customers,” said Jan Bjorkhaug, CEO of VoIPtel. “We were impressed by the hardware build and software quality of the Positron products. Not only have they created interesting products that address the market but they are also correctly priced for the small business, a fact that many vendors miss. The Positron solutions are feature rich and come in many different form factors to address our customers’ needs.”

Positron Telecom has created a partnering program to meet the many needs of the market place. Through innovation, support and sharing of ideas, this program can be profitable and beneficial to all parties. The program is designed to establish distribution and reseller partnerships with independent software vendors (ISVs), systems integrators, consultants and other technology companies. These companies will benefit from integration with, or distribution of, Positron products globally or within a specific territory

Many of today’s telephony solutions were architected over five years ago and struggle to blend within the IP world. Positron Telecom breaks down that barrier. Traditional telephony PBX boards only provide the telephony interface, which have complicated drivers that can have operating system issues and require a complex installation process that is prone to failure. The Positron Telecom solution integrates the PBX, incorporates telephony and IP ports and installs as an Ethernet adapter, which makes its operating system independent, thus requiring no additional drivers.

About VoIPtel
VoIPtel was established as a division of Netsecur a/s in 2005 and became an independent corporation in August 2009 under the name VoIPtel Europe Ltd. The main focus of VoIPtel is Asterisk based products and a series of environmentally friendly PBX’s. Development of an improved firmware for the IP04 open source project by David Rowe was started in November 2007 and became known as the VoIPtel GUI. In December 2008, a new and greatly improved firmware named VoIPtel CE, followed by VoIPtel SE, was launched. This is now the default firmware installed on all IPxx PBX’s at the factory.

VoIPtel is now strongly focused on developing a series of communications appliances called VoIP X, which will be powered by Positron Telecommunications. Based on the 2U and 4U form factor and a capacity of up to 18 Blades, every eventuality is covered. VoIPtel Europe Ltd. is located in Bergen (Norway), Breda (the Netherlands) and London (United Kingdom)

About Positron Telecommunications System Inc.
Positron Telecommunications Systems Inc. creates, develops and markets sophisticated VoIP equipment for enterprise communication and collaboration through communication service providers. The company’s products integrate VoIP and traditional telephony in stand-alone systems that combine ease of use with powerful functionality. Its VoIP devices connect analog devices (telephone, fax and modem) to an IP-Network and gateways; connect PSTN users to an IP Network or analog PBX, as well as Key Systems to an IP-Network.

For more information, please contact:

Mireille Alvo
Marketing Specialist
Positron Inc.
Tel: (514) 345-2220 ext 2906
www.positrontelecom.com

Jan Bjorkhaug
CEO
VoIPtel Europe Ltd.
Tel: (47) 55 69 80 12
www.voiptel-pro.com

Media Contact:
Positron Telecommunication Systems Inc.
Mireille Alvo
514-345-2220

Did you ever wonder when Mark Spencer created his first version of Asterisk? Or the number of people actually contributing code actively to Asterisk, the PBX platform that have had such a great impact on how we communicate not to mention the dwindling prices we pay for the means needed to do this? Some time ago I prepared one of my posts on this Blog, and I spent a considerable amount of time looking for the right answers. No need to do that again, Russel Bryant just gave us the whole story. If you find it interesting please visit his Blog, you find the link at the bottom of this post.

Asterisk trunk is the main development branch for Asterisk. This is where we are preparing the newest changes for the next major release. For example, new features that go into Asterisk trunk today will be first available in Asterisk 1.8 (wait, what?! 1.8?! Yeah, yeah. I’ll get back to that in a bit!) Asterisk trunk stays very busy. Here are some measurements regarding activity in trunk over the last year:

• 2320 commits
• 825 files changed
• 322148 Lines of code added
• 53251 Lines of code removed

A lot of people contribute to Asterisk. Among those writing code for Asterisk, there is a select group that has direct access to make changes to the source (committers). At the beginning of the project, there was effectively one committer, Mark Spencer. As the project has grown, we have worked very hard at scaling our development community such that we can process more code. The number of committers today is over 50 (with the number of contributors much higher than that).

In order to contribute code to Asterisk you will have to sign an agreement with Digium, and so far over 800 people have signed up to contribute to Asterisk over the past couple of years.

The history of Asterisk releases begins 10 years ago. Here are some dates on releases during the first half of the project’s lifetime:

• 0.1 – December 1999
• 0.2 – September 2002
• 0.3 – February 2003
• 0.4 – April 2003
• 0.5 – September 2003
• 0.7 – January 2004
• 0.9 – April 2004

If you’re reading this and have been using Asterisk long enough to remember these releases, cool! That means you were involved in the project longer than me. I got involved in the Asterisk project in the middle of 2004. By the first Astricon in the Fall of 2004, Mark Spencer decided to release Asterisk 1.0 and asked me to maintain it.

• Asterisk 1.0
  • Fall of 2004
  • Regular 1.0.X updates with bug fixes only
  • Eventually went into security only maintenance, and is no longer maintained today

Asterisk development continued and over the next couple of years and we released Asterisk 1.2 and Asterisk 1.4. We made some changes to development processes regarding how and when to port bug fixes and how they were merged between releases. However, the release policies regarding what went into updates and roughly how often they were released didn’t change.

• Asterisk 1.2
  • Released November of 2005
  • Still updated with security fixes only
• Asterisk 1.4
  • Released December of 2006
  • Still fully maintained

Source: Asterisk Project Update @ AstriCon 2009

blockquote>

For the last three years I have been looking for parts, those very special parts that would permit me to built a very special line of PBX’s. My requirements was tough; two basic appliances should cover at least ten different models, the PBX should have the capability of growing more powerful and with more features when the need arise, quality should be as good as the BIG manufacturers, it should be based on Open Source software and last but not least, High Value For Money! Guess what! The first prototype was running this afternoon!

The prototype is a 2U appliance with dual redundant power supplies and with the capacity of 4 PBX Blades and one Server Blade. Each PBX blade has a tested capacity of more than 50 concurrent VoIP calls, and we have Blades with E1/T1, Analogue and BRI technology. The PBX can operate with or without the Server Blade and with any combination of the PBX Blades. And more Blades are currently under development.

The initial release will be with 1 to 4 separate PBX Blades in the 2U cabinet, but we are working on a solution that will make it possible to combine the power of all blades to a whopping 200+ concurrent calls. And this is only the beginning, a 4U appliance with a much higher capacity is in the works as well.

As everybody with children know, finding a good name for the last member of the family is a lot more difficult than the creation itself. But I think we finally got it;
VoIPtel X Series Communication Appliance, or VoIP X for short. Cute name for a great future! ;o)

More info and pictures will be posted in the near future.

We have finally done it! After months of testing we are (almost) ready to launch our initial two phone models! And the heading don’t lie, at least in my opinion they both look and sound just great, and the price is probably better than any other VoIP phone out there, at least those that support both  SIP and IAX2. The only thing remaining is for me to finish writing the manuals, convert them to FLASH paper and post them online.

Our entry level phone is capable of two SIP and one IAX2 line. This is not the phone I would have chosen for a big corporation, but for a small company or a home office it fits the bill perfectly. It should be available from our shop in a week or so, at least if I am able to keep my schedule.

I am pretty sure that the second phone will be the answer to the prayers of a huge number of VoIP integrators. Yeah, I know we have similar phones from all the major brands, but most of them (if any at all) don’t support IAX2. Do I need to mention that the majority of them also carry a much higher price-tag, and I really don’t know too many people who don’t like saving a couple of $$. It comes with or without the sidecar making it a great choice for both the receptionist as well as the office desk.

They are already in stock at our DC in Breda, The Netherlands. Job has just replaced his trusty old SNOM phone with the SOHO model, and so far I have got nothing but positive feedback from him.

We have been using different types of Asterisk based IP PBX’s for almost three years now, and with the exceptions of problems created by our ISP, VoIP provider or our own staff it has been smooth sailing. But just over a week ago I was really %¤##”& off; I was invited to attend a conference with the CEO of a reputable Canadian company and their UK based EMEA manager. Everything was prepared, I dialed the UK number to attend the conference and got busy line! Tried again, same result. OK, breath slowly, I had a US number for the same conference. BUSY LINE! Try again, same result, what the ¤%#& was going on?? A couple of emails later the conference was rescheduled for next day, hopefully the problems with the conference server would be solved by then.

New day, new chances. I dialed the UK number again and got … BUSY LINE! US number, same result! This couldn’t be right, I decided that we better check our own equipment before we attempted to attend the conference once more! A new conference was scheduled after the weekend, at least we would have enough time to find out what was going on.

Bruce logged in to our PBX and checked the config after which he tried to call an international number, do I need to mention that he got busy line? He tried another number watching the progress of the call and discovered that the call appeared to be denied by our VoIP supplier! Strange, to my knowledge all our bills was paid, was there really any reason why a VoIP provider would block international calls from a corporate customer?

We called up their support department and explained the problem, I prefer not to describe my reaction when I was informed that they had indeed blocked our international access! The reason; we were using Asterisk and one of their customers using a very old Asterisk distribution had been hacked and his account abused for more than $30 000. And our provider had forgotten to include a statement leaving the responsibility for such incidents with the subscriber. Needless to say they panicked, closed down international calls for all Asterisk users and “forgot” to inform their customers leaving us all in the dark! It took some time to convince them that our PBX was secure, but finally we were able to get full functionality restored.

I can understand their reaction (no, not their “customer support”, it sucks!), so I have decided to point your attention to a blog post titled Seven Steps to Better SIP Security with Asterisk. Please visit it and read it all, I have only published the seven steps here:

Seven Easy Steps to Better SIP Security on Asterisk:

1) Don’t accept SIP authentication requests from all IP addresses. Use the “permit=” and “deny=” lines in sip.conf to only allow a reasonable subset of IP addresess to reach each listed extension/user in your sip.conf file. Even if you accept inbound calls from “anywhere” (via [default]) don’t let those users reach authenticated elements!

2) Set “alwaysauthreject=yes” in your sip.conf file. This option has been around for a while (since 1.2?) but the default is “no”, which allows extension information leakage. Setting this to “yes” will reject bad authentication requests on valid usernames with the same rejection information as with invalid usernames, denying remote attackers the ability to detect existing extensions with brute-force guessing attacks.

3) Use STRONG passwords for SIP entities. This is probably the most important step you can take. Don’t just concatenate two words together and suffix it with “1″ – if you’ve seen how sophisticated the tools are that guess passwords, you’d understand that trivial obfuscation like that is a minor hinderance to a modern CPU. Use symbols, numbers, and a mix of upper and lowercase letters at least 12 digits long.

4) Block your AMI manager ports. Use “permit=” and “deny=” lines in manager.conf to reduce inbound connections to known hosts only. Use strong passwords here, again at least 12 characters with a complex mix of symbols, numbers, and letters.

5) Allow only one or two calls at a time per SIP entity, where possible. At the worst, limiting your exposure to toll fraud is a wise thing to do. This also limits your exposure when legitimate password holders on your system lose control of their passphrase – writing it on the bottom of the SIP phone, for instance, which I’ve seen.

6) Make your SIP usernames different than your extensions. While it is convenient to have extension “1234″ map to SIP entry “1234″ which is also SIP user “1234″, this is an easy target for attackers to guess SIP authentication names. Use the MAC address of the device, or some sort of combination of a common phrase + extension MD5 hash (example: from a shell prompt, try “md5 -s ThePassword5000″)

7) Ensure your [default] context is secure. Don’t allow unauthenticated callers to reach any contexts that allow toll calls. Permit only a limited number of active calls through your default context (use the “GROUP” function as a counter.) Prohibit unauthenticated calls entirely (if you don’t want them) by setting “allowguest=no” in the [general] part of sip.conf.