Pika µFirewall SIP firewall review

A new way to secure your IP-PBX Recently introduced by the well-established Canadian telecoms manufacturer Pika Technologies, the Pika µFirewall offers a novel way to make your Asterisk (or any other SIP-based PBX) more secure. The best way to describe it is as a “SIP Firewall”, but unlike conventional network firewalls, installation is very simple … Read more…

Setting up shared voicemail on Asterisk – part 2

Part 1 laid the foundations for creating and accessing a shared voicemail box. In this, part 2, I explain how the lamp on the BLF key is switched on and off to show there are messages waiting in the shared box. Note that this is separate from any existing MWI lamp used for personal voicemail. … Read more…

Setting up shared voicemail on Asterisk – part 1

It’s a requirement that people often seem to ask for – a single voicemail box, taking messages for a department, that can be easily monitored and accessed by several different users. A typical application would be to record out-of-hours messages which are then checked in the morning by any of a number of users, perhaps just depending who … Read more…

Using Custom Device States to control BLF lamps

Do you want to know how to use a custom device state to control the lamp on a programmable key of an IP phone? In this article I explain how to set up the hints and make any number of IP phones subscribe to a custom device state and how to switch the custom status from within the Asterisk dial plan. … Read more…

When friendly-scanner gets aggressive

Not so friendly after all In my October 2010 articles about Asterisk IP-PBX security (linked here), I described how port scanning probes from the so-called “friendly-scanner” could be seen several times a day on a typical SIP server exposed to the Internet. Since then, I – or at least one of my clients – had the displeasure … Read more…

How secure is your Asterisk PBX? – part 3

Getting more advanced In part 2, we looked at several ways in which an Asterisk system administrator can help to make their system more secure, with special emphasis on avoidance of toll fraud. In this, the third and final article in the series, I will pick up on a topic that was left unfinished at the … Read more…

How secure is your Asterisk PBX? – part 2

Protecting your Asterisk server In part 1, we examined the techniques that are used to probe for vulnerabilities in a SIP server and reviewed the types of exploitation a would-be hacker hopes to use. In this second part, I look at the ways you can protect your Asterisk or other SIP server and guard against weaknesses that could … Read more…

How secure is your Asterisk PBX? – part 1

A growing problem Like a slice of Victoria sponge cake on a summers day attracts wasps, so new technologies seem to attract the attention of cyber-criminals. The more widely used the technology, the greater the interest. It was inevitable, and widely predicted, that VoIP would become a favorite target for hackers as its popularity and uptake increased … Read more…

IP Phone Configuration: User Account Settings

Manufacturers different naming conventions While SIP is an industry standard protocol, the names assigned to the configuration fields on an IP phone are far from standardised. The tables below show the text labels that you can expect to see on the web interface configuration forms next to the boxes where you must enter your settings. … Read more…

Asterisk behind NAT

Scenarios in which NAT may adversely affect Asterisk SIP connections The Asterisk Server is behind NAT The Asterisk server could be on the LAN (or in a DMZ) with a NAT firewall between it and the Internet. When it communicates with external peers or devices, the network connections have to pass through the local NAT … Read more…