IRC log for #asterisk on 20170222

`00:08.07`	`*** join/#asterisk miralin (~Thunderbi@194.8.128.47)`
`00:23.31`	`*** part/#asterisk kharwell (kharwell@nat/digium/x-ddinhxgplwxexwvf)`
`00:43.48`	`Samot`	`Aww man. George "The Animal" Steele died.`
`01:09.20`	`*** join/#asterisk friedrich (~friedrich@aextron.de)`
`01:20.12`	`*** join/#asterisk zopsi (~zopsi@dir.ac)`
`01:20.29`	`*** join/#asterisk friedrich (~friedrich@aextron.de)`
`01:32.53`	`*** join/#asterisk TandyUK (~admin@87.252.44.195)`
`01:53.17`	`*** join/#asterisk matrix1233 (~matrix123@197.0.169.217)`
`02:02.42`	`*** join/#asterisk Dovid (~dovid@ool-4573a525.dyn.optonline.net)`
`02:06.34`	`*** join/#asterisk Dovid (~dovid@ool-4573a525.dyn.optonline.net)`
`03:08.11`	`*** join/#asterisk trelane (trelane@unaffiliated/trelane)`
`03:10.32`	`*** join/#asterisk fstd_ (~fstd@unaffiliated/fisted)`
`03:35.14`	`*** join/#asterisk Dovid (~dovid@ool-4573a525.dyn.optonline.net)`
`04:06.18`	`*** join/#asterisk setham (uid214435@gateway/web/irccloud.com/x-xmjaqqffriicktis)`
`05:12.53`	`*** join/#asterisk freebs (~freebs@unaffiliated/freebs)`
`06:31.05`	`drmessano`	`Samot: Need $5 SIP NOW PLZ`
`06:58.55`	`*** join/#asterisk jkroon (~jkroon@uls-154-73-35-201.wall.uls.co.za)`
`07:14.54`	`*** join/#asterisk simplydrew_ (~simplydre@unaffiliated/simplydrew)`
`07:37.04`	`*** join/#asterisk pppingme (~pppingme@unaffiliated/pppingme)`
`07:37.09`	`*** join/#asterisk gerhard7 (~gerhard7@ip5657ee30.direct-adsl.nl)`
`07:39.41`	`cmendes0101`	`I'm trying to find out more about ISDN PRI in UK. Anyone have experience or somewhere to recommend to find out more about pricing or getting started? Trying to find alternative to dialer traffic rates on Voip for Uk specifically`
`07:42.22`	`tuxd00d`	`drmessano: Youâre so demanding :P`
`07:42.42`	`drmessano`	`and unrealistic`
`07:53.42`	`*** join/#asterisk pchero_work (~pchero@2a00:c80:1072::10de)`
`07:53.49`	`*** join/#asterisk Oatmeal (~Suzeanne@2001:558:600d:c:35f1:4a2f:63ab:d8ac)`
`07:55.29`	`*** join/#asterisk matrix1233 (~matrix123@41.230.185.146)`
`07:58.33`	`*** join/#asterisk tzafrir (~tzafrir@local.xorcom.com)`
`08:09.35`	`*** join/#asterisk samwierema (~samwierem@095-097-255-066.static.chello.nl)`
`08:18.54`	`*** join/#asterisk matrix1233 (~matrix123@41.230.185.146)`
`08:24.13`	`*** join/#asterisk hehol (~hehol@gatekeeper.loca.net)`
`08:40.25`	`*** join/#asterisk Oatmeal (~Suzeanne@2001:558:600d:c:35f1:4a2f:63ab:d8ac)`
`08:54.08`	`*** join/#asterisk areski (~areski@15.red-83-33-189.dynamicip.rima-tde.net)`
`08:56.44`	`*** join/#asterisk samwierema (~samwierem@095-097-255-066.static.chello.nl)`
`08:59.48`	`*** join/#asterisk samwierema (~samwierem@095-097-255-066.static.chello.nl)`
`09:03.22`	`*** join/#asterisk LiuYan (~NiHola@unaffiliated/liuyan)`
`09:07.13`	`*** join/#asterisk samwierema (~samwierem@095-097-255-066.static.chello.nl)`
`09:24.50`	`*** join/#asterisk matrix1233 (~matrix123@41.226.165.40)`
`09:28.53`	`*** join/#asterisk StucKman (~mdione@195.200.189.206)`
`09:29.38`	`StucKman`	`I can't find the dial plan syntax definition, so I came to ask: can I cut lines in some way? in particular, I want to cut something like this:`
`09:29.45`	`*** join/#asterisk Chainsaw (~chainsaw@gentoo/developer/chainsaw)`
`09:30.53`	`StucKman`	`exten = s,n,GotoIf($[$[${SME_CALLERID} = 303] \| $[${SME_CALLERID} = 304] \| $[${SME_CALLERID} = 320] \| [... more to come ...]] ?dynamicallerid,1:)`
`09:35.45`	`*** join/#asterisk jkroon (~jkroon@uls-154-73-35-201.wall.uls.co.za)`
`09:41.55`	`pchero_work`	`Hi, :) I'm trying to use the AMI using the telnet like "telnet 127.0.0.1 5038".`
`09:42.42`	`pchero_work`	`But after connect to it, I can't see the welcome message like "Asterisk Call Manager/2.8.0" and I can't find the res_manager.so anymore.`
`09:43.22`	`pchero_work`	`I've just downloaded the newest asterisk-14.3 and asterisk-14.3-rc2. I have the same problem. Did I something wrong?`
`09:44.37`	`StucKman`	`pchero_work: did you compile it yourself or did you download a binary version?`
`09:45.11`	`pchero_work`	`StucKman: Thank you for answering. :)I compiled it by myself.`
`09:45.12`	`*** join/#asterisk evil_gordita (robert@ip70-188-41-127.rn.hr.cox.net)`
`09:45.33`	`pchero_work`	`Downloaded the source and compiled it.`
`09:45.41`	`StucKman`	`pchero_work: maybe you need to install some depended -on libraries?`
`09:45.52`	`StucKman`	`depended-on*`
`09:46.09`	`StucKman`	`(I've never compiled asterisk, but just asking)`
`09:46.32`	`pchero_work`	`Hm..`
`09:47.21`	`StucKman`	`when you run the configure script or similar, it might have complained or warned about missing dependencies`
`09:48.44`	`*** join/#asterisk joako (~joako@opensuse/member/joak0)`
`09:48.47`	`pchero_work`	`You might be right. I will checking the configure script result.`
`09:50.08`	`StucKman`	`otherwise, dunno`
`10:14.47`	`*** join/#asterisk Kaian (~kaian@6.62-99-78.static.clientes.euskaltel.es)`
`10:17.22`	`*** part/#asterisk StucKman (~mdione@195.200.189.206)`
`10:20.43`	`pchero_work`	`It was my bed. I used my own asterisk module which is using the manager module. It wasn't compiled with the correct version of the Asterisk. It made problem. Now it's fine. :)`
`10:20.50`	`pchero_work`	`Bad.`
`11:09.32`	`*** join/#asterisk tuxian (~tuxian@igilmour.plus.com)`
`11:17.53`	`*** join/#asterisk pawiecki_ (~pawiecki@host-89-238-53-32.smgr.pl)`
`11:30.49`	`*** join/#asterisk matrix1233 (~matrix123@41.230.185.146)`
`11:34.25`	`*** join/#asterisk robmal (r@wporzo.pl)`
`11:44.15`	`*** join/#asterisk matrix1233 (~matrix123@41.230.185.146)`
`11:47.08`	`*** join/#asterisk jkroon (~jkroon@uls-154-73-35-201.wall.uls.co.za)`
`11:50.37`	`*** join/#asterisk friedrich (~friedrich@aextron.de)`
`12:09.05`	`*** join/#asterisk camerin (hoax@elite.bshellz.net)`
`12:12.24`	`*** join/#asterisk Chotaire (chotaire@oahu.chotaire.net)`
`12:39.51`	`*** join/#asterisk dustinm (~dustinm@68.ip-149-56-14.net)`
`12:39.57`	`*** join/#asterisk averythomas (~averythom@2604:6000:1523:4002:222:19ff:fe2b:48fa)`
`12:40.20`	`*** join/#asterisk dadrc (~quassel@unaffiliated/dadrc)`
`12:41.06`	`*** join/#asterisk samwiere_ (~samwierem@095-097-255-066.static.chello.nl)`
`12:41.07`	`*** join/#asterisk roukoswarf (znc@rouk.org)`
`12:42.20`	`*** join/#asterisk bounceman (~bounceman@185.32.9.250)`
`12:42.33`	`bounceman`	`Hi, what is the difference between atxfer and atxfercomplete ?`
`12:43.38`	`*** join/#asterisk jkroon (~jkroon@uls-154-73-35-201.wall.uls.co.za)`
`12:45.11`	`bounceman`	`atxfer does a normal attended transfer? But atxfercomplete it does the same but without hanging up?`
`12:45.13`	`bounceman`	`Is that correct`
`12:45.20`	`*** join/#asterisk Ast001 (~uros@89.216.97.188)`
`12:46.30`	`Ast001`	`Hi is there a way to tell Asterisk not to accept registration from sip client if that sip peer is already registered. I have call center where many agents register xlites from same IP and sometimes 2-3 xlites try with same sip username and hijack registration from eachother.`
`12:47.45`	`*** join/#asterisk newtonr (~newtonr@173-17-133-211.client.mchsi.com)`
`12:47.45`	`*** mode/#asterisk [+o newtonr] by ChanServ`
`13:07.31`	`*** join/#asterisk Pasha (~Cory@unaffiliated/cory)`
`13:18.55`	`*** join/#asterisk gusto (~gusto@2001:4c50:62f:f43:95f7:93db:7202:6dc3)`
`13:20.05`	`*** join/#asterisk [TK]D-Fender (~joe@216.191.106.165)`
`13:23.50`	`*** part/#asterisk Ast001 (~uros@89.216.97.188)`
`13:30.54`	`bounceman`	`Can someone verify to me that atxfercomplete is a part of Asterisk 11?`
`13:34.52`	`*** join/#asterisk ghoti (~paul@hq.experiencepoint.com)`
`13:39.42`	`*** join/#asterisk miralin (~Thunderbi@194.8.128.47)`
`13:40.37`	`[TK]D-Fender`	`https://wiki.asterisk.org/wiki/dosearchsite.action?where=AST&spaceSearch=true&queryString=atxfercomplete`
`13:40.44`	`[TK]D-Fender`	`WONDERFUL WIKI TELLS ALL`
`13:41.18`	`[TK]D-Fender`	`And you should not be running 11 anyymore`
`13:41.41`	`Chainsaw`	`Have we reached all caps already? That's... quick?`
`13:42.00`	`bounceman`	`this verified that it is not grep -Ril "atxfercomplete" asterisk-11.25.1/`
`13:42.03`	`bounceman`	`:p`
`13:42.35`	`bounceman`	`Ok it was introduced in 12`
`13:47.06`	`*** join/#asterisk sekil (~sekil@nat-73.net011.net)`
`13:56.27`	`MacroMan`	`bounceman, As far as I can tell from testing, atxfercomplete does the same thing as hanging up the phone.`
`13:56.39`	`*** join/#asterisk brad_mssw (~brad@66.129.88.50)`
`13:57.21`	`*** join/#asterisk sekil (~sekil@nat-73.net011.net)`
`13:57.30`	`MacroMan`	`bounceman, and upgrade from v11 for the sake of humanity`
`13:57.52`	`bounceman`	`Stuck with legacy software that is 11 compatible`
`13:58.45`	`*** join/#asterisk gerhard7 (~gerhard7@ip5657ee30.direct-adsl.nl)`
`13:58.50`	`MacroMan`	`Sucks.`
`13:58.55`	`MacroMan`	`And from the manual: "Completing the transfer with a DTMF sequence is functionally equivalent to hanging up the transferrer channel during an attended transfer."`
`13:59.17`	`MacroMan`	`So you can just hangup.`
`14:09.31`	`*** join/#asterisk EnrgySmth (d8eba101@gateway/web/freenode/ip.216.235.161.1)`
`14:14.42`	`MacroMan`	`I'm so surprised about the amount of random hack attempts I get on my box. I have them all blocked fine, but I'm getting roughly 5 attempts to dial out to international numbers each minute.`
`14:15.54`	`*** part/#asterisk EnrgySmth (d8eba101@gateway/web/freenode/ip.216.235.161.1)`
`14:15.58`	`Samot`	`Sounds about right.`
`14:18.44`	`MacroMan`	`Scary for anyone that doesn't know/care about security`
`14:19.19`	`Samot`	`Nothing new.`
`14:19.30`	`*** join/#asterisk newtonr (RustyNewto@nat/digium/x-uciupdjlnusarywf)`
`14:19.30`	`*** mode/#asterisk [+o newtonr] by ChanServ`
`14:19.39`	`Samot`	`Web hosting boxes were always targets and still are in many cases.`
`14:20.29`	`MacroMan`	`I've got a web box, but I don't get anywhere near as many attacks as my * box`
`14:21.14`	`MacroMan`	`Toll fraud is big business`
`14:22.09`	`Samot`	`What type of web box?`
`14:22.22`	`Samot`	`I mean, I run cPanel on my boxes..`
`14:22.43`	`Samot`	`It does a lot of the work for me as far as protecting the box. But it wasn't always the case.`
`14:22.46`	`MacroMan`	`Nginx mainly, but I've also got Nodejs running`
`14:23.36`	`MacroMan`	`dislikes cpanel`
`14:24.15`	`Samot`	`Why?`
`14:24.27`	`*** join/#asterisk Dovid (~dovid@ool-4573a525.dyn.optonline.net)`
`14:24.56`	`MacroMan`	`I don't find it that useful, plus I like to be able to have complete control of my boxes, even if that means a little more manual config work`
`14:25.43`	`Samot`	`Not useful?`
`14:25.45`	`Samot`	`OK.`
`14:26.43`	`MacroMan`	`I'm a keyboard user, not a gui user. I get things done quicker with the keyboard, with more flexibility and better results.`
`14:27.41`	`Samot`	`And it has command lines to do things.`
`14:27.52`	`Samot`	`I use them to run things from the CLI.`
`14:27.58`	`Samot`	`But sure.`
`14:28.45`	`MacroMan`	`To be fair, I haven't looked at cpanel in many years, so it's probably much better than it used to be.`
`14:30.04`	`Samot`	`Considering it's pretty much the leading web hosting software, yes.`
`14:31.34`	`*** join/#asterisk skywayskase (~skywayska@67.139.42.219)`
`14:48.47`	`*** join/#asterisk Rini (uid196547@gateway/web/irccloud.com/x-fiouuhggjqhjneyi)`
`14:53.29`	`*** join/#asterisk cresl1n (Adium@asterisk/libpri-and-libss7-expert/Cresl1n)`
`14:53.29`	`*** mode/#asterisk [+o cresl1n] by ChanServ`
`14:55.34`	`igcewieling`	`I hate (most) GUIs.`
`14:58.14`	`Samot`	`Yeah, we should all go back to Lynx.`
`14:59.53`	`[TK]D-Fender`	`Links`
`14:59.59`	`[TK]D-Fender`	`because fuck colour`
`15:00.20`	`[TK]D-Fender`	`goes to replug his B&W TV as a monitor`
`15:02.50`	`Samot`	`gets his 8-track player out.`
`15:04.24`	`MacroMan`	`lol. Well from your sarcasm, why have Asterisk? We should all use FreePBX`
`15:04.50`	`Samot`	`Well you still need Asterisk.`
`15:06.37`	`MacroMan`	`And you still need all those other technologies underlying the modern GUI's`
`15:07.04`	`Samot`	`Not arguing that.`
`15:07.32`	`MacroMan`	`(well maybe not Lynx lol)`
`15:08.20`	`MacroMan`	`My point is, there are situations where GUI's don't work and doing things the GUI author didn't forsee is one of them.`
`15:08.30`	`Samot`	`Of course.`
`15:08.36`	`Samot`	`Again, I'm not arguing that point.`
`15:09.02`	`Samot`	`Being dismissive of GUIs in general, is just silly.`
`15:12.49`	`Samot`	`They have pros and yes, they even have cons.`
`15:20.21`	`*** join/#asterisk tuxd00d (~tuxd00d@wsip-184-179-14-87.ph.ph.cox.net)`
`15:21.04`	`*** join/#asterisk kharwell (kharwell@nat/digium/x-nymcgrcmbmhrghzy)`
`15:21.04`	`*** mode/#asterisk [+o kharwell] by ChanServ`
`15:22.04`	`*** join/#asterisk mknooihuisen (~mknooihui@12.150.48.70)`
`15:30.56`	`MacroMan`	`Is it possible to define a username range in chan_sip? So all numbers 10-39, rather than having a block for every number?`
`15:32.07`	`*** join/#asterisk acidfoo-_ (~nbouliane@24-212-247-229.cable.teksavvy.com)`
`15:32.43`	`acidfoo-_`	`does chanspy depends on DAHDI ?`
`15:34.18`	`[TK]D-Fender`	`no`
`15:34.45`	`[TK]D-Fender`	`MacroMan, No, but that's what templates are for`
`15:35.08`	`[TK]D-Fender`	`acidfoo-_, no`
`15:36.23`	`*** join/#asterisk imcdona (~imcdona@2607:f0d8:20:1001:94fe:2a00:16b0:7ff2)`
`15:37.17`	`*** join/#asterisk rmudgett (rmudgett@nat/digium/x-qlvcfuxjanpqwfyf)`
`15:37.17`	`*** mode/#asterisk [+o rmudgett] by ChanServ`
`15:37.47`	`MacroMan`	`[TK]D-Fender, It's just this is what my sip.conf currently looks like: https://paste.ngx.cc/b537bfd1a25b0e86`
`15:38.27`	`MacroMan`	`The list is actually longer, all the way to 69`
`15:39.13`	`Samot`	`All the users share the same secret?`
`15:39.58`	`MacroMan`	`Yes. In fact all users will connect from the same softphone webpage and not even know their number.`
`15:40.24`	`Samot`	`9:18:48 AMÂ <MacroMan>Â Scary for anyone that doesn't know/care about security <-- I'm going to bring up your own quote.`
`15:40.53`	`Samot`	`1 Secret, 64 ways in.`
`15:41.30`	`MacroMan`	`I will note that my system is designed to auto generate a new secret each day and can also be re-generated at will`
`15:41.54`	`Samot`	`The SAME password.`
`15:42.11`	`Samot`	`Security 101 says as a user you shouldn't have the same password/PIN for your own stuff.`
`15:42.42`	`MacroMan`	`and? My system here will only give out the secret to login to Asterisk once other security measures have been met anyway`
`15:43.09`	`*** join/#asterisk Samael28 (~Samael28@176.104.49.75)`
`15:43.18`	`MacroMan`	`All those users also have equal access. One can't do what any other can`
`15:43.27`	`Samot`	`So basically, if they get passed the firewall, the iron wall, the stone wall, etc the last line of defense is a paper wall.`
`15:44.27`	`MacroMan`	`User 10 can't do more than user 14. If they had different secrets it would do that much. I do admit that I have weakened the login to brute force attacks`
`15:44.50`	`Samot`	`I'm not talking about what User 1 can do vs User 10`
`15:44.57`	`MacroMan`	`I have other means to defend against brute force attacks.`
`15:45.02`	`[TK]D-Fender`	`User 4 can do stuff in user 10's name <-----------`
`15:45.11`	`[TK]D-Fender`	`Who you gonna fire when they abuse you?`
`15:45.16`	`Samot`	`I'm talking about the guy getting to your system having access to 64 accounts.`
`15:45.24`	`[TK]D-Fender`	`Who says the FIRST guy is the REAL guy?`
`15:45.38`	`[TK]D-Fender`	`This is built on a shitty securitty concept`
`15:46.00`	`Samot`	`The idea of "I can use the same password because I gots a firewall" is a bad one.`
`15:46.25`	`[TK]D-Fender`	`You came in here TELLING us you had users identifying as other users. The system has already failed`
`15:46.44`	`Samot`	`So is this "It hasn't happened yet so why worry about it" ideology.`
`15:47.00`	`MacroMan`	`Anyway, I'm not using Asterisk like a normal PBX. There are other considerations here besides`
`15:47.24`	`Samot`	`Using Asterisk as a PBX or as an application server has no bearing.`
`15:47.46`	`*** join/#asterisk sh_smith (foobar@cpe-76-174-26-91.socal.res.rr.com)`
`15:48.00`	`Samot`	`Well maybe some but not enough to warrant 64 users with all the same password or poor security concepts.`
`15:48.17`	`MacroMan`	`As I have said already, I have taken using the same secret into account by have an auto re-generating secret`
`15:48.45`	`Samot`	`So what?`
`15:48.51`	`Samot`	`They are ALREADY IN`
`15:49.06`	`Samot`	`They'll just keep hammering you.`
`15:50.14`	`Samot`	`"It doesn't matter that we were compromised, I have a auto re-generating script for our _password_ for 60+ users"`
`15:50.52`	`MacroMan`	`No one is in. Someone still needs to find out the password, for one account or 60`
`15:51.14`	`Samot`	`Wow.`
`15:51.15`	`Samot`	`OK.`
`15:52.50`	`[TK]D-Fender`	`PJSIP may be able to restrict the registtrations, forcing a previous one to either explicitly deregister, or timeout in some way`
`15:55.22`	`Samot`	`When you have to start designing ways to cover your ass because you decided it was "easier" to have one password for a mass of users than individual passwords, you already down the wrong road for a few reasons.`
`15:56.32`	`Samot`	`"I want to make a call that's not allowed but I don't want to get in trouble. Screw it, I'll log in as Joe and make the call. I hate Joe."`
`15:57.11`	`MacroMan`	`Samot, you can't login as Joe to make a call that you can't, because they're all equal. I can already make the same call's (or not) as Joe.`
`15:57.47`	`MacroMan`	`These are all heavily restricted in the dialplan too with very little in the way that could be abused.`
`16:01.48`	`[TK]D-Fender`	`I've given you the only potential option * may offer. Run with it and best of luck`
`16:02.17`	`*** join/#asterisk samwierema (~samwierem@82.169.167.198)`
`16:04.14`	`drmessano`	`My password is 12345`
`16:04.28`	`Chainsaw`	`I thought it was hunter2.`
`16:04.40`	`Samot`	`That's the password an idiot would have to his luggage.`
`16:04.59`	`drmessano`	`Damn.. hunter2`
`16:05.03`	`drmessano`	`that's old skool`
`16:05.38`	`drmessano`	`But with modern IRC.. that works now`
`16:05.52`	`Samot`	`Well at least you know the password to unlock the air shield around Druidia.`
`16:05.55`	`drmessano`	`If you type your password it shows as stars in channel`
`16:05.59`	`drmessano`	`**********`
`16:06.00`	`drmessano`	`See`
`16:06.20`	`igcewieling`	`I use 16 - 32 char passwords of random characters for phone passwords, it's not like the end user will ever input the password.`
`16:06.23`	`MacroMan`	`lol`
`16:06.39`	`*** join/#asterisk MechWar (b3dd0695@gateway/web/freenode/ip.179.221.6.149)`
`16:08.17`	`MechWar`	`Hi guys, i have a problem with incoming invites`
`16:08.29`	`MechWar`	`is showing 401 sip response`
`16:08.45`	`drmessano`	`We're going to need to see your password first`
`16:08.50`	`[TK]D-Fender`	`typically the 1st 401 is an auth challenge`
`16:09.07`	`MechWar`	`i register outside the server and it's work`
`16:09.09`	`drmessano`	`But yeah what he said`
`16:09.27`	`stefan27`	`I wonder how many passwords it is feasible for an attacker to test per second in the context of sip registers`
`16:09.38`	`stefan27`	`100?`
`16:09.41`	`drmessano`	`stefan27: On my server, 6`
`16:09.52`	`drmessano`	`Because they get blacklisted after that`
`16:10.06`	`drmessano`	`So basically, < 6`
`16:10.20`	`MechWar`	`something ?`
`16:10.26`	`MacroMan`	`I did read an article saying it's not that many, which is why it makes it * an easy target for ddos`
`16:10.37`	`MechWar`	`ohh, and the sip trunk's registered`
`16:10.39`	`drmessano`	`11:08:51 <[TK]D-Fender> typically the 1st 401 is an auth challenge`
`16:10.41`	`MacroMan`	`Didn't bookmark it though`
`16:10.42`	`drmessano`	`MechWar: ^`
`16:10.55`	`stefan27`	`I meant if there are no extra security measures, how many register requests /sec can a typical installation handle`
`16:10.56`	`drmessano`	`401 is a normal response`
`16:11.03`	`drmessano`	`WHat is the actual issue?`
`16:11.26`	`MechWar`	`my asterisk doesn't accept incoming invites`
`16:11.39`	`drmessano`	`stefan27: I know.. Real answer is that it depends.. you hit a magic number and chan_sip will die`
`16:11.39`	`[TK]D-Fender`	`<MechWar> ohh, and the sip trunk's registered <- most providers send UNAUTHED calls you shouldn't even be challenging`
`16:12.05`	`igcewieling`	`stefan27: They attack the provisioning server first, those are usually less secured.`
`16:13.33`	`igcewieling`	`I'd expect "tens to hundreds of regs per second" but nobody scans as fast as they can, it throws up all sorts of red flags,`
`16:13.51`	`igcewieling`	`On my systems I allow them to register and dump them into a jail context.`
`16:15.07`	`Samot`	`I drop all non-ARIN blocks as a first step.`
`16:15.25`	`drmessano`	`Yeah`
`16:15.29`	`igcewieling`	`drmessano: you must not have a lot of clients behind NAT. Banning an IP after X failed register attempts can be an issue when you have a bunch of phones behind the same NAT IP and one of them has a bad password.`
`16:15.37`	`Samot`	`No one on 1.0.0.0/8 should be on my box.`
`16:15.44`	`Samot`	`Or 5.0.0.0/8, etc.`
`16:15.58`	`drmessano`	`igcewieling: Not hundreds behind the same NAT, no`
`16:16.11`	`drmessano`	`igcewieling: If I did, I would adjust accordingly`
`16:16.31`	`MechWar`	`drmessano: and can i do something do fix it ?`
`16:16.39`	`Samot`	`Also..`
`16:16.56`	`Samot`	`If they have a 100 phones they probably have a static IP address.`
`16:17.08`	`Samot`	`So I'm sure he handles "trusted/known" IPs a little differently.`
`16:17.29`	`drmessano`	`Yep`
`16:17.34`	`[TK]D-Fender`	`<MechWar> drmessano: and can i do something do fix it ? <- stop challenging invites from your provider's peer`
`16:17.37`	`Samot`	`You so silly.`
`16:17.44`	`*** join/#asterisk cresl1n (Adium@asterisk/libpri-and-libss7-expert/Cresl1n)`
`16:17.44`	`*** mode/#asterisk [+o cresl1n] by ChanServ`
`16:17.45`	`[TK]D-Fender`	`"insecure=port,invite" <-`
`16:17.45`	`igcewieling`	`the number of phones is not relevant.`
`16:17.55`	`drmessano`	`igcewieling: Thats a dumb comment`
`16:18.06`	`drmessano`	`igcewieling: Its relative to the failures you described`
`16:18.11`	`drmessano`	`Obviously`
`16:18.28`	`igcewieling`	`The customer is just as pissed off that all their phones just lost connectivity regardless of if it is 10 phones or 100 phones.`
`16:18.28`	`MechWar`	`i already remove insecure`
`16:18.31`	`drmessano`	`1 phone continuously failing is going to generate less traffic than 100`
`16:18.42`	`drmessano`	`So you adjust accordingly`
`16:19.06`	`drmessano`	`It's math`
`16:19.15`	`igcewieling`	`drmessano: I'm not talking about traffic.`
`16:19.36`	`Samot`	`I actually wasn't talking about the amount of phones either.`
`16:19.42`	`drmessano`	`Then what are you talking about?`
`16:19.42`	`Samot`	`I was talking about a STATIC IP`
`16:19.49`	`drmessano`	`drmessano: you must not have a lot of clients behind NAT. Banning an IP after X failed register attempts can be an issue when you have a bunch of phones behind the same NAT IP and one of them has a bad password.`
`16:19.59`	`Samot`	`You said "bunch"`
`16:20.07`	`Samot`	`I gave an equivalent of "bunch"`
`16:20.08`	`Samot`	`100`
`16:20.29`	`Samot`	`My point is, if they have a static IP and a "bunch" of phones..`
`16:20.39`	`drmessano`	`^ and if you set yourt firewall rules to account for 100 phones with some overheard for failures, you're fine`
`16:20.39`	`Samot`	`You would handle trusted or known IPs differently.`
`16:20.42`	`igcewieling`	`OK, A "bunch" is "2 or more"`
`16:21.18`	`drmessano`	`So if we're not talking about repeated registration attempts, then what are you talking about?`
`16:21.38`	`Samot`	`Nothing. He clung to the amount of phones.`
`16:21.52`	`drmessano`	`Which is relative`
`16:22.11`	`Samot`	`Yes but that's not the argument.`
`16:22.12`	`igcewieling`	`drmessano: I'm talking about 1 phone behind a NATed IP with a bad registration info + a server which bans IPs based on failed registration causing ALL phones behind that same IP to be blocked.`
`16:22.13`	`[TK]D-Fender`	`<MechWar> i already remove insecure <- you NEED it`
`16:22.19`	`Samot`	`We're down to what a "bunch" is defined as.`
`16:22.21`	`[TK]D-Fender`	`<[TK]D-Fender> "insecure=port,invite" <-`
`16:22.36`	`igcewieling`	`I retract "bunch" and replace it with "2 or more"`
`16:22.40`	`Samot`	`K`
`16:22.41`	`drmessano`	`igcewieling: Ok, and my answers were based on that very presumption`
`16:22.48`	`Samot`	`I still state that if it's a STATIC IP`
`16:22.54`	`Samot`	`You handle it differently`
`16:23.03`	`Samot`	`Are we talking about dynamic IPs?`
`16:23.08`	`Samot`	`It's two different talks.`
`16:23.11`	`drmessano`	`igcewieling: What part of "IF there's MORE PHONES, you UP THE LIMIT IN THE FIREWALL" was I not clear about?`
`16:23.34`	`drmessano`	`How is this not obvious`
`16:23.42`	`igcewieling`	`sigh forget I said anything.`
`16:24.27`	`Samot`	`I treat my IP differently than other IPs. So if I have a phone with a bad password, it just doesn't register.`
`16:24.31`	`Samot`	`The rest of my phones are fine.`
`16:25.05`	`Samot`	`Now a customer with a dynamic IP that I never know what it will be, they are handled differently.`
`16:25.20`	`Samot`	`Customer with static that I manage andhave a route at...again, handled differently.`
`16:25.28`	`Samot`	`Don't care what's behind it in regards of devices.`
`16:25.31`	`Samot`	`Or the amount.`
`16:26.35`	`drmessano`	`The real answer though`
`16:26.50`	`drmessano`	`Pull a lorsungcu and just VPN it all`
`16:27.00`	`lorsungcu`	`:>`
`16:27.19`	`Samot`	`With PFSense.`
`16:27.27`	`drmessano`	`It's cheap now to either replace their router or put one behind it and call it the "Phone Switch"`
`16:28.30`	`drmessano`	`or use PF`
`16:29.25`	`Samot`	`Yeah, I haven't had one customer complain about switching out their router.`
`16:30.28`	`Samot`	`They even pay for it. Because pretty much we're replacing a router they got a Best Buy or while they we out "running errands".`
`16:34.03`	`*** part/#asterisk jlewis-highwinds (~jlewis@soloth.lewis.org)`
`16:49.42`	`*** join/#asterisk tzafrir (~tzafrir@bzq-136-223.red.bezeqint.net)`
`16:57.05`	`*** join/#asterisk netman (~netman@185.94.249.77)`
`17:02.19`	`*** join/#asterisk Micc (~micster@static-50-125-113-34.frr01.both.wa.frontiernet.net)`
`17:02.30`	`Micc`	`What's the best ARI library to use with Go?`
`17:03.25`	`*** join/#asterisk bof22 (~Thunderbi@ARennes-650-1-229-241.w92-135.abo.wanadoo.fr)`
`17:04.09`	`*** join/#asterisk gtjoseph (~gtjoseph@unaffiliated/gtj)`
`17:04.09`	`*** mode/#asterisk [+o gtjoseph] by ChanServ`
`17:04.44`	`*** join/#asterisk doug (~doug@toma.horph.com)`
`17:05.19`	`drmessano`	`Whichever one works and is current`
`17:05.59`	`Micc`	`That's kinda the problem. I've tested two now and they both seem to have a few issues.`
`17:06.15`	`doug`	`i wanna use my landline phone as a computer handset. anyone know a good trick for that?`
`17:06.53`	`doug`	`i'm wondering if there's something that'll translate SIP sessions to attached devices`
`17:07.02`	`WIMPy`	`Gut it and put in an USB sound"card" or buy an ATA.`
`17:07.37`	`doug`	`how would an ATA help?`
`17:07.45`	`WIMPy`	`That's the ATA part.`
`17:08.04`	`WIMPy`	`Assuming you're talking about an analog POTS phone.`
`17:08.07`	`doug`	`yup`
`17:08.09`	`drmessano`	`lol`
`17:08.39`	`doug`	`pretty sure the ATAs i've got aren't gonna let me discord w/my phone`
`17:09.04`	`drmessano`	`You just want it as an audio device?`
`17:09.40`	`drmessano`	`What kind of phone is it?`
`17:10.32`	`[TK]D-Fender`	`discord?`
`17:10.34`	`doug`	`70's western electric desk phone`
`17:10.39`	`drmessano`	`Oh that's easy`
`17:11.09`	`drmessano`	`You basically need to break out the mic and earpiece from the handset`
`17:11.35`	`drmessano`	`You're going to want to replace the mic element with a condenser mic`
`17:11.45`	`WIMPy`	`Break? I'm sure they could afford screws in the 70s.`
`17:11.49`	`drmessano`	`The rest of it will be a shell`
`17:12.18`	`drmessano`	`WIMPy: separate`
`17:12.20`	`drmessano`	`as in SPLIT OUT`
`17:12.34`	`doug`	`not sure that counts as using the phone`
`17:12.39`	`drmessano`	`It doesnt`
`17:12.40`	`doug`	`that's more like replacing it`
`17:12.42`	`drmessano`	`Because you canty`
`17:12.44`	`drmessano`	`Because you cant`
`17:13.10`	`*** join/#asterisk asaas_sk (d9491e82@gateway/web/freenode/ip.217.73.30.130)`
`17:14.06`	`drmessano`	`In order for you to use the phone as a phone, you need at least an ATA + some kinda of phone switch, or a PC with an analog card in it running some sort of phone switch`
`17:14.14`	`drmessano`	`Seems like a lot of work to use a phone with discord`
`17:14.39`	`*** join/#asterisk nikolaev (~georginik@176.26.205.50)`
`17:14.58`	`drmessano`	`Since Discord isn't the PSTN, you can't expect it to work in a lot of ways like a phone. No one can place calls to you`
`17:14.59`	`*** part/#asterisk nikolaev (~georginik@176.26.205.50)`
`17:15.30`	`drmessano`	`I'm telling you how to use it as handset, basically`
`17:21.07`	`*** join/#asterisk samwierema (~samwierem@82.169.167.198)`
`17:23.20`	`doug`	`hm, seems like there are a bunch of options for fxs-to-usb`
`17:23.45`	`drmessano`	`That doesn't just turn it onto a soundcard`
`17:24.25`	`[TK]D-Fender`	`they have FXS> headphone+mic jack converts already`
`17:24.38`	`doug`	`looks like there are various device drivers`
`17:24.45`	`[TK]D-Fender`	`I'd seen them for sale yars before I got into *`
`17:25.22`	`drmessano`	`Sure, you can buy a phone hybrid. Couple hundred bucks for anything worth using`
`17:25.34`	`drmessano`	`We used to use them all the time, years ago`
`17:27.39`	`doug`	`https://www.voip-info.org/wiki/view/USB-B1K`
`17:27.44`	`doug`	`that sounds pretty close`
`17:27.51`	`doug`	`> acts as a USB sound card`
`17:28.07`	`doug`	`if they are still around`
`17:28.54`	`drmessano`	`That was 12 years ago`
`17:32.39`	`drmessano`	`Huh.. I didnt know Obihai made actual phones`
`17:33.53`	`drmessano`	`10 lines for $120`
`17:33.55`	`*** join/#asterisk jkroon (~jkroon@uls-154-73-32-13.wall.uls.co.za)`
`17:37.25`	`*** join/#asterisk Alex_Bkash (7c06eeee@gateway/web/freenode/ip.124.6.238.238)`
`17:46.48`	`*** join/#asterisk Samael28 (~Samael28@176.104.49.75)`
`17:53.57`	`*** join/#asterisk tuxd00d (~tuxd00d@wsip-184-179-14-87.ph.ph.cox.net)`
`18:00.26`	`*** join/#asterisk Iamnacho (~Iamnacho@ip24-252-4-195.om.om.cox.net)`
`18:01.13`	`*** join/#asterisk skywayskase (~skywayska@67.139.42.219)`
`18:12.31`	`*** part/#asterisk doug (~doug@toma.horph.com)`
`18:17.32`	`*** join/#asterisk netman (~netman@185.94.249.77)`
`18:17.44`	`*** join/#asterisk tuxd00d (~tuxd00d@wsip-184-179-14-87.ph.ph.cox.net)`
`18:18.53`	`*** join/#asterisk rwb (~Thunderbi@204.13.43.166)`
`18:31.50`	`*** join/#asterisk tuxd00d (~tuxd00d@wsip-184-179-14-87.ph.ph.cox.net)`
`18:36.03`	`*** join/#asterisk friedrich (~friedrich@aextron.de)`
`18:49.55`	`*** join/#asterisk mknooihuisen (~mknooihui@12.150.48.70)`
`18:51.05`	`*** join/#asterisk friedrich (~friedrich@aextron.de)`
`18:59.24`	`*** join/#asterisk skywayskase (~skywayska@67.139.42.219)`
`19:01.05`	`*** join/#asterisk skywayskase (~skywayska@67.139.42.219)`
`19:19.16`	`*** join/#asterisk netman (~netman@185.94.249.77)`
`19:32.11`	`*** join/#asterisk sekil (~sekil@cable-89-216-228-140.dynamic.sbb.rs)`
`19:39.24`	`*** join/#asterisk BlackMaria (~BlackMari@dsl-104.163.154-142.ebox.ca)`
`19:55.57`	`*** join/#asterisk skywayskase (~skywayska@67.139.42.219)`
`20:04.21`	`*** join/#asterisk TriJetScud (~TriJetScu@van-mig-svr.ad.v10networks.ca)`
`20:22.48`	`*** join/#asterisk miralin (~Thunderbi@194.8.128.47)`
`20:29.34`	`*** join/#asterisk skywayskase (~skywayska@67.139.42.219)`
`20:29.43`	`*** join/#asterisk defsdoor (~andy@cpc35-sutt4-2-0-cust184.19-1.cable.virginm.net)`
`20:48.33`	`*** join/#asterisk tuxd00d (~tuxd00d@ip68-106-11-24.ph.ph.cox.net)`
`20:49.17`	`*** join/#asterisk jfindley (~jfindley@12.5.204.234)`
`20:49.46`	`jfindley`	`Hello, does anyone know the default dtmf sequence to place a caller on hold in asterisk?`
`20:50.56`	`[TK]D-Fender`	`Thre is no normal "dtmf hold"`
`20:51.11`	`[TK]D-Fender`	`What phone are you actually using?`
`20:53.01`	`*** join/#asterisk areski (~areski@80.174.128.82.dyn.user.ono.com)`
`20:53.10`	`*** join/#asterisk yulius (~yulius@189.223.143.120.dsl.dyn.telnor.net)`
`20:59.13`	`*** join/#asterisk sekil (~sekil@cable-89-216-228-140.dynamic.sbb.rs)`
`21:36.05`	`Kobaz`	`do de do`
`21:36.12`	`Kobaz`	`having a problem completely resetting a polycom`
`21:36.24`	`Kobaz`	`i did the four finger salute and entered the mac address, but that doesn;t work`
`21:36.26`	`Kobaz`	`polycom 335`
`21:44.05`	`robmal`	`The mac address / secret password always works.`
`21:44.16`	`Kobaz`	`always works?`
`21:44.22`	`Kobaz`	`not for me`
`21:44.23`	`Kobaz`	`heh`
`21:44.43`	`Kobaz`	`the mac address is the secret password, or is there another password`
`21:45.11`	`seanbright`	`456?`
`21:45.17`	`seanbright`	`that is the default`
`21:45.25`	`robmal`	`The mac is the secret pass and has to be all lowercase, no dashes or colons.`
`21:45.37`	`robmal`	`AFAIR.`
`21:45.47`	`*** part/#asterisk mknooihuisen (~mknooihui@12.150.48.70)`
`21:45.56`	`robmal`	`Ye, 456 is default.`
`21:46.00`	`*** join/#asterisk Chotaire (chotaire@oahu.chotaire.net)`
`21:46.17`	`Kobaz`	`yeah`
`21:46.19`	`Kobaz`	`all lowercase`
`21:46.23`	`Kobaz`	`0004f2...`
`21:47.23`	`Kobaz`	`lemme try for the 10th time...`
`21:47.25`	`robmal`	`So maybe you cannot into switching character modes in polycoms?`
`21:50.19`	`Kobaz`	`it's in alpha/num mode`
`21:52.23`	`robmal`	`Ok. It's broken. Please send it back to the distributor.`
`21:54.19`	`Kobaz`	`(comcast)`
`21:54.30`	`Kobaz`	`yeah mac definitely doesn't work`
`21:54.35`	`Kobaz`	`verified and re-verified`
`21:54.41`	`Kobaz`	`entered it like 12 times`
`21:56.49`	`robmal`	`It's dead. RMA.`
`21:58.05`	`*** join/#asterisk Chotaire (chotaire@oahu.chotaire.net)`
`22:03.23`	`Kobaz`	`it's not dead`
`22:03.30`	`Kobaz`	`it works on comcast's provisioning server`
`22:03.36`	`Kobaz`	`but i dont want it there anymore`
`22:03.50`	`robmal`	`Oh.`
`22:04.28`	`robmal`	`https://www.reddit.com/r/VOIP/comments/3hrst8/provider_locked_polycom_331_cant_flash/`
`22:06.19`	`Kobaz`	`it may have a custom bootloader installed`
`22:08.02`	`robmal`	`Still, if it gets a new one from the boot server - it'll replace it.`
`22:08.56`	`Kobaz`	`yeah but it's not hitting th boot server`
`22:09.05`	`Kobaz`	`you know what, it's like grabbing cdp i think`
`22:09.27`	`Kobaz`	`i saw the requests going through`
`22:09.35`	`Kobaz`	`there's still a comcast box at 192.168.1.1 of all places`
`22:09.45`	`Kobaz`	`but i have these on a separate vlan now`
`22:10.03`	`robmal`	`Meh.`
`22:10.11`	`robmal`	`Check your dhcp options.`
`22:10.26`	`Kobaz`	`that's all good`
`22:10.32`	`Kobaz`	`this was all tested last night`
`22:10.38`	`Kobaz`	`i'm plugging in a plain vanilla phone now`
`22:20.36`	`*** join/#asterisk skywayskase (~skywayska@67.139.42.219)`
`22:22.11`	`Kobaz`	`yeah`
`22:22.14`	`Kobaz`	`non-comcastic phone works fine`
`22:23.12`	`robmal`	`How many comcasted phones do you have?`
`22:23.55`	`Kobaz`	`6`
`22:23.59`	`Kobaz`	`it's not the end of the world`
`22:25.55`	`robmal`	`K. I can give it a go over some teamviewer for $30 each ;-)`
`22:26.03`	`Kobaz`	`hah`
`22:26.04`	`Kobaz`	`teamviewer?`
`22:26.06`	`Kobaz`	`to a polycom?`
`22:26.09`	`Kobaz`	`how's that work`
`22:26.25`	`robmal`	`No, to a pc that can access dhcp server and the polycoms.`
`22:30.18`	`Kobaz`	`that's not going to do anything`
`22:30.20`	`Kobaz`	`dhcp is fine`
`22:30.22`	`Kobaz`	`the comcast polycoms have the web server disabled`
`22:31.31`	`robmal`	`Ok, you know how to reach me :-) Good luck.`
`22:34.00`	`Kobaz`	`thanks`
`22:34.02`	`Kobaz`	`heh`
`22:36.24`	`*** join/#asterisk rwb (~Thunderbi@65.183.151.239)`
`23:57.08`	`*** join/#asterisk tzafrir (~tzafrir@bzq-82-81-175-197.red.bezeqint.net)`

Generated by irclog2html.pl Modified by Tim Riker to work with infobot.