Nosbig.net

Yesterday afternoon, my girlfriend discovered a particularly large volume of voicemails on her phone, after having cleaned out her mail box just 36 hours prior.  She listened to several blank voicemails, as well as one from someone who wanted us to return their call…

I began investigating by looking into the metadata for the voicemails which were left; all were from unusual phone numbers outside of our area code.  My next trip was to the CDR records and my provider’s call history.  These sources showed that over 1000 phone calls were attempted to be connected through our phone system to various communities around the country.  Two patterns emerged while looking at the details of the calls:

• The calls were being generated in a non-sequential pattern; clearly an unscrupulous telemarketer was war-dialing to South Carolina, Michigan, and Virginia.
• All of the outbound calls were originating with my girlfriend’s CallerID.

So, I knew what was going on, but I had yet to determine to how this incident occured.  Further digging revealed that the Linksys ATA being used internally was lagging significantly and intermittently.  It was a moment of epiphany; I understood where the problem was, and I could take action to address it.

Several years ago, I installed an Asterisk server to provide home phone service with a company that provided an IAX trunk.  At the time, all we were using softphones to make and receive calls.  Over time, I upgraded to a Cisco 7940 for myself and an analog cordless phone on a Linksys ATA for my girlfriend.  At the time I installed the ATA, I had not used a significant amount of security of the SIP peer registration, as the network was firewalled from the Internet.

Fast forward to 5 months ago…  I obtained a business phone service through a major provider using SIP.  Due to their configuration, I was required to open the SIP and RTP ports to the general Internet and forward them to my Asterisk server.

Now, we return to the present time.  Several days ago, this telemarketer scanned my router, found open SIP ports, and began to issue a brute-force attack against my Asterisk server.  The telemarketer scanned every possible 3 and 4 digit peer name, was able to find the Linksys ATA’s peer name, and was quickly able to brute-force the password.  With this information, the telemarketer was able to register as that peer and make calls outbound, according to the dialplan configured for my girlfriend.  My Cisco’s peer was not impersonated, but it would not be likely to be responsible for outbound calling due to the unique dialplan I am using.

With the understandng of what has happened, I could work to correct and block the means by which this telemarketer was using my phone system and service:

1. I unloaded chan_iax.so to remove the possibility of additional phone calls being made.
2. I then enabled a moderate amount of security, particularly a random password for each of my SIP devices.
3. Next, I modified my firewall configuration to drop all packets through my router which contained the IP address from which the attack came.
4. I then re-enabled the IAX phone service by reloading the chan_iax.so module.

After the initial security containment, I turned my focus to handling the inbound phone calls being returned based upon the messages left with the various victims around the country.  I recorded an announcement indicating what had happened and that the compromise was taken care of.  Finally, I crafted the dialplan to play this announcement to every caller not from a local phone number.

Overall, this breach was not as extensive as it could have been, but it does illustrate that security must be vigilantly monitored and maintained.  My complacency in the security of my network ultimately led to this incident.  Fortunately, it does not seem to have led to any major financial loss to any party, including myself.

It’s been a while since the event, but I thought I would recommend an event for anyone who enjoys pop culture, classical music, or video games.  Video Games Live came to Columbus back in April.  While I won’t go into a lot of detail about the structure of the show, I will say it was a blast.

For a soundtrack fan like myself, the concert had a great blend of music from the old classics like medleys of the music from the Mario and Zelda series to contemporary classics such as Halo and World of Warcraft.

This show was a bit unique, for me.  First of all, the amazing pianist Martin Leung performed live at the show.  Using the 3-story pipe organ in Mershon Auditorium, he played a suite of music from Castlevania.  For some recorded bits before he began touring with VGL, check out what is available on Google Video.  Notice that he is playing blindfolded to start with.

I would like to go back to the show.  It’s nearest touring to my area is in Fort Wayne in February.

Of course, this isn’t the only concert of its kind.  Other video game concerts have run the world over, but VGL is the biggest domestic concert series.  One of it’s brethren is Distant Worlds: Final Fantasy. While VGL spends time in all sorts of genres of music and games, Distant Worlds is focused specifically on the Final Fantasy series of games. The next concert is in Stockholm Sweden in December.  In the US, the show is coming to Chicago in March.

Both concerts really appeal to me, and I would love to go to both.  We’ll see.  I would need to take a half a day off of work, at least, to get to VGL in Ft. Wayne.  It is on a Friday night, while Distant Worlds is on a Saturday.

What is your favorite soundtrack?  Video game?  Movie?  Would anyone else reading this consider attending a VGL concert?

Well, the absence from this blog has not been without good cause. For the last few months at MCPR, we saw quite a bit interesting happenings, resulting in our being locked out. While this is normally a bad thing, it has been of great benefit to me.

After the closing of MCPR, a group of us entered negotiations with MT Business Technologies, a company whose services are in great demand in the area. After a few short days, we have come to an amicable opportunity. As of today, I have begun working at the company. While I can’t give a lot of detail, for confidentiality reasons, I will say that I am starting by helping the Sales Support staff with their workload, learning to write specifications, scope of work, and other related documents, in MT’s preferred fashion.

I hope to expand into new territories and help the company become even more profitable than it already has become, and I look forward to many years of opportunity to exercise my current and growing skillset.

I have been wanting to start a podcast for a very long time, inspired by what Leo Laporte does with TWiT and with what my parents did educating people. So, I spent some time thinking about a focus for the show and decided to start a podcast for people who are wishing to learn more about Linux. The Linux Enthusiasts’ Podcast recorded its first rehearsal podcast today (yes, on April Fool’s Day) to get a feel for the amount of material to need to fill 30-60 minutes.

For the most part, I would like to spend the time answering anyone’s Linux questions. But I thought I would include some weekly news, and I want to include two applications per week, one graphical and one text-based.

To get help with any conundrums, email len@nosbig.net. I want to hear from people before and during the podcast. I will probably post the rehearsal after I edit it down a little. There were a few spots where my ADD got the best of me and I repeated myself or I had to pause a moment to collect my thoughts. I thought I had prepared sufficiently for this episode, but clearly not.

Over the course of the last few months, I have come across a few projects that I have not taken the opportunity to work on, and I really should. The following projects are on my short list of things to do:

• Obtaining and reflashing a Linksys WRT54G router, either the GL or GS.
• Playing with and/or hacking a LaFonera wireless access point
• Building my power lockout device for my ham radio
• Building a PC for my car with wireless capability for a media center
• Building a decent amateur radio station, including packet station
• Building a podcast station
• Upgrade my radio license to General Class

At some point in the future, I want to do some kind of podcast. But before I would commit to that, I need to find a topic that I can regularly update and contribute. Part of the issue of the lack of updates is the company for which I work. MCPR has me doing some very interesting things, but they are marketable ideas that I have to keep quiet. The only project that I can talk about is our Asterisk dabblings. We are offering the ability to connect analog or IP phones to the system and connect to about any outbound media out there, including SIP trunks.

But much beyond that, I don’t have the ability to talk about the details of what I do at work with the world at large, between protecting our clients’ privacy and not wanting to give any competitors any ideas about our strategy.

My, how the days and months fly by…  Can it really be six months since I wrote my last entry to this blog?

There has been quite a bit of life to have happened in the time I have been away from this site.

First, I moved out of the childhood home into an apartment in a neighboring town… The move has been a positive one overall, but I am learning just how much more work living on my own is.

Second, I have changed employment once again. I would prefer for this to be my last move on that for a while. I left Radio Shack to pursue the opportunity of Geek Squad, and when that didn’t result in what I wanted, I was lucky enough to find my current full time position at Staples.

Third, I have had the joy of knowing a sugar glider or two in my lifetime. A few short weeks ago, Bianca brought home a sugar glider. Sasuke, a young boy, was a happy and healthy glider. About a week later, I brought Sakura, my baby girl, home to be my pet and to breed a couple more gliders with Sasuke. A week and a half ago, we found Sasuke in the bottom of the cage, curled up in a ball. He would occasionally spend time sleeping in the bottom corner of the cage. When we went to nudge him and wake him up, he was stiff. I was a little upset over his absence since then, but Sakura has been bonding quite well with me. Even last night, she took only about three minutes to pop her little head out of her travel pouch and onto my chest. As of tonight, she is no longer with us. Sakura died as mysteriously as her friend. Bianca told me that she had been found on the bottom of the cage, motionless.

I was not too fond of the idea of a sugar glider at first, but they really are cute and social creatures. I hope to get another one day, and I hope to learn more about them so that the new ones can live longer than Sasuke and Sakura did.

Finally, I have a wonderful girlfriend of over one year. She has been able to make me see parts of myself that I would not have noticed otherwise; her many unique faces make me smile, and her warm embrace just makes my day better just knowing she is there.

Lately, my mind has been cluttered and uninspired… a perfect time to dig into the deep recesses of the electronic and real-life desktop for inspiration. While I am still formulating some new ideas, I found an old piece that I had written. The letter was written the evening after the 2004 Presidential election to express my disgust at those events. Rather than reiterate the contents of the letter, you can simply read it for yourself.  If you enjoy this piece, I also wrote about my stance on zero-tolerance policies.
As an aside, I have since reconsidered my political affiliation and happened on the Liberaterian Party.

A good deal of things have been on my mind lately. Some good, some not so good. The hardest thing to deal with sometimes is not having Mom around.

The other night, Dad spent the evening, while I fell unto an unexpected nap, putting up Mom’s tree. I think many people know the type of tree I am talking about; the color-coordinated and meticulously decorated type. While Dad did a good job, it does bring about a reminder as to how that piece of my life is gone forever. Of course, I don’t want the tree to come down.

The holidays were a special time in our house. Lots of time with the family decorating, baking, and talking. Mom always had the house decorated to the hilt; artificial pine garland and ribbon placed on the mantle, as well as her porcelain village sprawled out across the top of the bookcase. As usual, Dad’s collection of Santa figures is on display. On Christmas morning, presents were opened early in the day, before Christmas dinner. Cooking dinner was also a favorite time; tempting aromas wafting through the air as the turkey, stuffing, and the other foods were prepared.

These days, the holidays are different. Less decorations are about, for starters. Christmas dinner is sometimes up in the air as to whether we cook it or whether we join some of our extended family. Gifts are opened at the same time as normal, but there is an open space that used to belong to Mom. It now sits empty, a subconcious tribute to a special woman who touched so many lives.

I don’t want to give the impression that Christmas is bad with just Dad and Adam; just that it is different. I always liked to joke that Mom was our own Martha Stewart; she really was. Dad has placed a lot of the same decorations that we have enjoyed for years, but there is a certain amount of detail or flair that was distinctly Mom’s that is missing.

Before this gets really out of hand, I just wanted to wish everyone a Merry Christmas. While mine will be lightly marred because of one important missing person, I hope to enjoy the company and the time together as much as I possibly can.

I am rather diasppointed that the last few months show no entries. I have not written a great deal, but there was a point where my web host lost the entire server, and my most recent backup of the database did not include those couple of entries.

It has been a very long time since I wrote about the famous “Harry Potter” series. At the time, I had a very vague idea about the original novel and its sequel. Those long-time readers will recognize that my position was that the fantasy and real worlds can and should be seperate. Many people take the opposite position and feel that we have to protect our children from such dangerous thoughts.

Recently, however, I had the opportunity to read the first book. It was a fabulous and engaging read. I don’t plan on waiting in costume at the bookstore for the moment the next book comes out; I do plan on reading each book in the series and perhaps collecting them. My bookshelves are lately a little barren, after a long-overdue clearing.

The parents who think that their children need protecting are very much over-reacting. The series is a light-hearted look into the life of a young boy thrust into a completely new world and flourishing in it. The major theme of the first installment is that of the stuggle between good and evil.

While I doubt I need to provide a basic review of the novel, I will just say that I couldn’t put it down and am looking forward to reading the next in the series, so that I can catch up to the rest of the world.