Search
402 results for “pbx”
-
Getting some work done jamming out to #Placebo tonight.
This was my first song by them - Nancy Boy. Nobody should be surprised I was hooked on first listen.
-
Subscription fatigue hasn’t hit yet - U.S. consumers are still embracing subscriptions. More than a third (34%) of Americans say they beli... more: http://feedproxy.google.com/~r/Techcrunch/~3/PbxmRAoB_Ig/ #subscriptionservice #subscriptions #emarketer #services #media
-
"As of May 9, 2026, Debian’s migration software now actively blocks packages from migrating into the testing archive if they fail the reproducibility check. This applies both to new packages that cannot be reproduced and to existing packages whose reproducibility has regressed. Debian 14.0 will be the first major Debian release to ship under this hard mandate."
https://pbxscience.com/debian-mandates-reproducible-packages-for-debian-14-forky/ -
"As of May 9, 2026, Debian’s migration software now actively blocks packages from migrating into the testing archive if they fail the reproducibility check. This applies both to new packages that cannot be reproduced and to existing packages whose reproducibility has regressed. Debian 14.0 will be the first major Debian release to ship under this hard mandate."
https://pbxscience.com/debian-mandates-reproducible-packages-for-debian-14-forky/ -
"As of May 9, 2026, Debian’s migration software now actively blocks packages from migrating into the testing archive if they fail the reproducibility check. This applies both to new packages that cannot be reproduced and to existing packages whose reproducibility has regressed. Debian 14.0 will be the first major Debian release to ship under this hard mandate."
https://pbxscience.com/debian-mandates-reproducible-packages-for-debian-14-forky/ -
"As of May 9, 2026, Debian’s migration software now actively blocks packages from migrating into the testing archive if they fail the reproducibility check. This applies both to new packages that cannot be reproduced and to existing packages whose reproducibility has regressed. Debian 14.0 will be the first major Debian release to ship under this hard mandate."
https://pbxscience.com/debian-mandates-reproducible-packages-for-debian-14-forky/ -
"As of May 9, 2026, Debian’s migration software now actively blocks packages from migrating into the testing archive if they fail the reproducibility check. This applies both to new packages that cannot be reproduced and to existing packages whose reproducibility has regressed. Debian 14.0 will be the first major Debian release to ship under this hard mandate."
https://pbxscience.com/debian-mandates-reproducible-packages-for-debian-14-forky/ -
Send an SMS to confirm you're a human? That's strange. How about dozens of SMS, to locations all over the world? That sounds more like a hot take on International Revenue Share Fraud (IRSF). Infoblox Threat Intel has come across an operation that defrauds both individuals and telecoms by way of social engineering victims through the use of a fake CAPTCHA process.
With IRSF, fraudsters generate their revenue by driving call or SMS traffic to numbers to which they have revenue sharing agreements with the local telecoms. Historically, this has been done by methods like hacking an organization's PBX system, or using bots to abuse services that generate one-time-passwords, and directing that call or SMS traffic to numbers under their control.
This operation, however, takes advantage of individuals' familiarity with the CAPTCHA process, by adding a multi-stage requirement to send bulk SMS to get access to games, videos, or adult content - because of course, these things are so hard to access online otherwise.
In this case, the victims are two-fold. First, it impacts the people who get unexpected international SMS charges on their bill, and then the telecoms who both pay termination fees to the international destinations telecom, and who also possibly absorb the cost of the chargeback.Read more about our investigation into this new flavour of scam, including the specific domains and infrastructure we uncovered, here: https://www.infoblox.com/blog/threat-intelligence/hold-the-phone-international-revenue-share-fraud-driven-by-fake-captchas/
#threatintel #cybercrime #threatintelligence #cybersecurity #infosec #infoblox #infobloxthreatintel #scam #phishing #IRSF #telecom #captcha
-
Send an SMS to confirm you're a human? That's strange. How about dozens of SMS, to locations all over the world? That sounds more like a hot take on International Revenue Share Fraud (IRSF). Infoblox Threat Intel has come across an operation that defrauds both individuals and telecoms by way of social engineering victims through the use of a fake CAPTCHA process.
With IRSF, fraudsters generate their revenue by driving call or SMS traffic to numbers to which they have revenue sharing agreements with the local telecoms. Historically, this has been done by methods like hacking an organization's PBX system, or using bots to abuse services that generate one-time-passwords, and directing that call or SMS traffic to numbers under their control.
This operation, however, takes advantage of individuals' familiarity with the CAPTCHA process, by adding a multi-stage requirement to send bulk SMS to get access to games, videos, or adult content - because of course, these things are so hard to access online otherwise.
In this case, the victims are two-fold. First, it impacts the people who get unexpected international SMS charges on their bill, and then the telecoms who both pay termination fees to the international destinations telecom, and who also possibly absorb the cost of the chargeback.Read more about our investigation into this new flavour of scam, including the specific domains and infrastructure we uncovered, here: https://www.infoblox.com/blog/threat-intelligence/hold-the-phone-international-revenue-share-fraud-driven-by-fake-captchas/
#threatintel #cybercrime #threatintelligence #cybersecurity #infosec #infoblox #infobloxthreatintel #scam #phishing #IRSF #telecom #captcha
-
Send an SMS to confirm you're a human? That's strange. How about dozens of SMS, to locations all over the world? That sounds more like a hot take on International Revenue Share Fraud (IRSF). Infoblox Threat Intel has come across an operation that defrauds both individuals and telecoms by way of social engineering victims through the use of a fake CAPTCHA process.
With IRSF, fraudsters generate their revenue by driving call or SMS traffic to numbers to which they have revenue sharing agreements with the local telecoms. Historically, this has been done by methods like hacking an organization's PBX system, or using bots to abuse services that generate one-time-passwords, and directing that call or SMS traffic to numbers under their control.
This operation, however, takes advantage of individuals' familiarity with the CAPTCHA process, by adding a multi-stage requirement to send bulk SMS to get access to games, videos, or adult content - because of course, these things are so hard to access online otherwise.
In this case, the victims are two-fold. First, it impacts the people who get unexpected international SMS charges on their bill, and then the telecoms who both pay termination fees to the international destinations telecom, and who also possibly absorb the cost of the chargeback.Read more about our investigation into this new flavour of scam, including the specific domains and infrastructure we uncovered, here: https://www.infoblox.com/blog/threat-intelligence/hold-the-phone-international-revenue-share-fraud-driven-by-fake-captchas/
#threatintel #cybercrime #threatintelligence #cybersecurity #infosec #infoblox #infobloxthreatintel #scam #phishing #IRSF #telecom #captcha
-
Send an SMS to confirm you're a human? That's strange. How about dozens of SMS, to locations all over the world? That sounds more like a hot take on International Revenue Share Fraud (IRSF). Infoblox Threat Intel has come across an operation that defrauds both individuals and telecoms by way of social engineering victims through the use of a fake CAPTCHA process.
With IRSF, fraudsters generate their revenue by driving call or SMS traffic to numbers to which they have revenue sharing agreements with the local telecoms. Historically, this has been done by methods like hacking an organization's PBX system, or using bots to abuse services that generate one-time-passwords, and directing that call or SMS traffic to numbers under their control.
This operation, however, takes advantage of individuals' familiarity with the CAPTCHA process, by adding a multi-stage requirement to send bulk SMS to get access to games, videos, or adult content - because of course, these things are so hard to access online otherwise.
In this case, the victims are two-fold. First, it impacts the people who get unexpected international SMS charges on their bill, and then the telecoms who both pay termination fees to the international destinations telecom, and who also possibly absorb the cost of the chargeback.Read more about our investigation into this new flavour of scam, including the specific domains and infrastructure we uncovered, here: https://www.infoblox.com/blog/threat-intelligence/hold-the-phone-international-revenue-share-fraud-driven-by-fake-captchas/
#threatintel #cybercrime #threatintelligence #cybersecurity #infosec #infoblox #infobloxthreatintel #scam #phishing #IRSF #telecom #captcha
-
this is just cursed behaviour - whather #Groundwire registers when something else is using same external IP depends on what order SIP registrations arrive!
In this case its not a disaster as if I am on site I have far better devices available than my mobile phone to make SIP calls with (or can just use its LTE data), but its something worth being wary about as it could bite you in the arse if you are setting this up in somewhere where you don't have access to a different IP address to that shared by a #FreePBX inter-PBX #trunk
-
this is just cursed behaviour - whather #Groundwire registers when something else is using same external IP depends on what order SIP registrations arrive!
In this case its not a disaster as if I am on site I have far better devices available than my mobile phone to make SIP calls with (or can just use its LTE data), but its something worth being wary about as it could bite you in the arse if you are setting this up in somewhere where you don't have access to a different IP address to that shared by a #FreePBX inter-PBX #trunk
-
this is just cursed behaviour - whather #Groundwire registers when something else is using same external IP depends on what order SIP registrations arrive!
In this case its not a disaster as if I am on site I have far better devices available than my mobile phone to make SIP calls with (or can just use its LTE data), but its something worth being wary about as it could bite you in the arse if you are setting this up in somewhere where you don't have access to a different IP address to that shared by a #FreePBX inter-PBX #trunk
-
this is just cursed behaviour - whather #Groundwire registers when something else is using same external IP depends on what order SIP registrations arrive!
In this case its not a disaster as if I am on site I have far better devices available than my mobile phone to make SIP calls with (or can just use its LTE data), but its something worth being wary about as it could bite you in the arse if you are setting this up in somewhere where you don't have access to a different IP address to that shared by a #FreePBX inter-PBX #trunk
-
this is just cursed behaviour - whather #Groundwire registers when something else is using same external IP depends on what order SIP registrations arrive!
In this case its not a disaster as if I am on site I have far better devices available than my mobile phone to make SIP calls with (or can just use its LTE data), but its something worth being wary about as it could bite you in the arse if you are setting this up in somewhere where you don't have access to a different IP address to that shared by a #FreePBX inter-PBX #trunk
-
Web application security has DVWA and WebGoat. VoIP and WebRTC security hasn't had anything like it ... until now.
We built DVRTC (Damn Vulnerable Real-Time Communications): a hands-on lab for learning VoIP/WebRTC attack techniques. Full dockerized stack with Kamailio, Asterisk, rtpengine, and coturn — each configured to exhibit specific vulnerable behaviors.
7 exercises covering SIP extension enumeration, RTP bleed, SIP digest leaks, credential cracking (online and offline), TURN relay abuse, and traffic analysis. There's a live instance at pbx1.dvrtc.net you can test against right now.
https://www.enablesecurity.com/blog/introducing-dvrtc-damn-vulnerable-real-time-communications/
GitHub: https://github.com/EnableSecurity/DVRTC/
#infosec #webrtc #voipsecurity #sipsecurity #penetrationtesting #training #TURN
-
Web application security has DVWA and WebGoat. VoIP and WebRTC security hasn't had anything like it ... until now.
We built DVRTC (Damn Vulnerable Real-Time Communications): a hands-on lab for learning VoIP/WebRTC attack techniques. Full dockerized stack with Kamailio, Asterisk, rtpengine, and coturn — each configured to exhibit specific vulnerable behaviors.
7 exercises covering SIP extension enumeration, RTP bleed, SIP digest leaks, credential cracking (online and offline), TURN relay abuse, and traffic analysis. There's a live instance at pbx1.dvrtc.net you can test against right now.
https://www.enablesecurity.com/blog/introducing-dvrtc-damn-vulnerable-real-time-communications/
GitHub: https://github.com/EnableSecurity/DVRTC/
#infosec #webrtc #voipsecurity #sipsecurity #penetrationtesting #training #TURN
-
Web application security has DVWA and WebGoat. VoIP and WebRTC security hasn't had anything like it ... until now.
We built DVRTC (Damn Vulnerable Real-Time Communications): a hands-on lab for learning VoIP/WebRTC attack techniques. Full dockerized stack with Kamailio, Asterisk, rtpengine, and coturn — each configured to exhibit specific vulnerable behaviors.
7 exercises covering SIP extension enumeration, RTP bleed, SIP digest leaks, credential cracking (online and offline), TURN relay abuse, and traffic analysis. There's a live instance at pbx1.dvrtc.net you can test against right now.
https://www.enablesecurity.com/blog/introducing-dvrtc-damn-vulnerable-real-time-communications/
GitHub: https://github.com/EnableSecurity/DVRTC/
#infosec #webrtc #voipsecurity #sipsecurity #penetrationtesting #training #TURN
-
Web application security has DVWA and WebGoat. VoIP and WebRTC security hasn't had anything like it ... until now.
We built DVRTC (Damn Vulnerable Real-Time Communications): a hands-on lab for learning VoIP/WebRTC attack techniques. Full dockerized stack with Kamailio, Asterisk, rtpengine, and coturn — each configured to exhibit specific vulnerable behaviors.
7 exercises covering SIP extension enumeration, RTP bleed, SIP digest leaks, credential cracking (online and offline), TURN relay abuse, and traffic analysis. There's a live instance at pbx1.dvrtc.net you can test against right now.
https://www.enablesecurity.com/blog/introducing-dvrtc-damn-vulnerable-real-time-communications/
GitHub: https://github.com/EnableSecurity/DVRTC/
#infosec #webrtc #voipsecurity #sipsecurity #penetrationtesting #training #TURN
-
Web application security has DVWA and WebGoat. VoIP and WebRTC security hasn't had anything like it ... until now.
We built DVRTC (Damn Vulnerable Real-Time Communications): a hands-on lab for learning VoIP/WebRTC attack techniques. Full dockerized stack with Kamailio, Asterisk, rtpengine, and coturn — each configured to exhibit specific vulnerable behaviors.
7 exercises covering SIP extension enumeration, RTP bleed, SIP digest leaks, credential cracking (online and offline), TURN relay abuse, and traffic analysis. There's a live instance at pbx1.dvrtc.net you can test against right now.
https://www.enablesecurity.com/blog/introducing-dvrtc-damn-vulnerable-real-time-communications/
GitHub: https://github.com/EnableSecurity/DVRTC/
#infosec #webrtc #voipsecurity #sipsecurity #penetrationtesting #training #TURN
-
🎉🥳 Breaking news: #Ubuntu, the OS for people who love pretending to be hackers, finally realizes #passwords are meant to be seen, not just whispered to the void! 🚫🔒 Let’s all thank #ModSecurity for this enlightening revelation—it’s not like anyone’s been complaining about sudo prompts for decades or anything... 😂👏
https://pbxscience.com/ubuntu-26-04-ends-46-years-of-silent-sudo-passwords/ #HackerNews #Humor #HackerNews #ngated -
Surprised it took me so long to discover #SNGREP (which has been around for a while), its a game changer compared to looking at the #Asterisk console trying to pick out the #SIP traffic you want from all the other stuff.
It also intercepts packets at kernel level (before any firewall) giving you an insight as to how many #blighters are trying to exploit #VOIP phone systems (especially those where you *have* to open 5060 UDP to connect correctly to SIP trunk providers and/or other PBX or else no inbound calls arrive)
Even produces call flow diagrams which look like the 1980s era training manuals for ISDN from British Telecom I downloaded!
(I clipped off part of the screenshot with my IP addresses at the top)
-
Surprised it took me so long to discover #SNGREP (which has been around for a while), its a game changer compared to looking at the #Asterisk console trying to pick out the #SIP traffic you want from all the other stuff.
It also intercepts packets at kernel level (before any firewall) giving you an insight as to how many #blighters are trying to exploit #VOIP phone systems (especially those where you *have* to open 5060 UDP to connect correctly to SIP trunk providers and/or other PBX or else no inbound calls arrive)
Even produces call flow diagrams which look like the 1980s era training manuals for ISDN from British Telecom I downloaded!
(I clipped off part of the screenshot with my IP addresses at the top)
-
Had to open 5060 inbound to get one providers trunk to signal inbound calls (either #STUN isn't working there or some #NAT issues), with predictable results..
Got older version of #fail2ban on this box to yeet all blighters trying to get in - by turning on security logging in /etc/asterisk/logfiles_custom.conf (add entry security_log => security), updating regexes in /etc/fail2ban/filter.d and pointing failt2ban jail to check /var/log/asterisk/security_log (main Asterisk log is in wrong format and I don't know enough regex to fix that)
Also registered a #Voipfone virtual PBX extension to use as an extra trunk (needs contact-user and from-user set in #PJSIP config)
The picture @alex drew a few months back sums up exactly what dealing with these #VOIP #trunks is like
-
Had to open 5060 inbound to get one providers trunk to signal inbound calls (either #STUN isn't working there or some #NAT issues), with predictable results..
Got older version of #fail2ban on this box to yeet all blighters trying to get in - by turning on security logging in /etc/asterisk/logfiles_custom.conf (add entry security_log => security), updating regexes in /etc/fail2ban/filter.d and pointing failt2ban jail to check /var/log/asterisk/security_log (main Asterisk log is in wrong format and I don't know enough regex to fix that)
Also registered a #Voipfone virtual PBX extension to use as an extra trunk (needs contact-user and from-user set in #PJSIP config)
The picture @alex drew a few months back sums up exactly what dealing with these #VOIP #trunks is like
-
Had to open 5060 inbound to get one providers trunk to signal inbound calls (either #STUN isn't working there or some #NAT issues), with predictable results..
Got older version of #fail2ban on this box to yeet all blighters trying to get in - by turning on security logging in /etc/asterisk/logfiles_custom.conf (add entry security_log => security), updating regexes in /etc/fail2ban/filter.d and pointing failt2ban jail to check /var/log/asterisk/security_log (main Asterisk log is in wrong format and I don't know enough regex to fix that)
Also registered a #Voipfone virtual PBX extension to use as an extra trunk (needs contact-user and from-user set in #PJSIP config)
The picture @alex drew a few months back sums up exactly what dealing with these #VOIP #trunks is like
-
Had to open 5060 inbound to get one providers trunk to signal inbound calls (either #STUN isn't working there or some #NAT issues), with predictable results..
Got older version of #fail2ban on this box to yeet all blighters trying to get in - by turning on security logging in /etc/asterisk/logfiles_custom.conf (add entry security_log => security), updating regexes in /etc/fail2ban/filter.d and pointing failt2ban jail to check /var/log/asterisk/security_log (main Asterisk log is in wrong format and I don't know enough regex to fix that)
Also registered a #Voipfone virtual PBX extension to use as an extra trunk (needs contact-user and from-user set in #PJSIP config)
The picture @alex drew a few months back sums up exactly what dealing with these #VOIP #trunks is like
-
Had to open 5060 inbound to get one providers trunk to signal inbound calls (either #STUN isn't working there or some #NAT issues), with predictable results..
Got older version of #fail2ban on this box to yeet all blighters trying to get in - by turning on security logging in /etc/asterisk/logfiles_custom.conf (add entry security_log => security), updating regexes in /etc/fail2ban/filter.d and pointing failt2ban jail to check /var/log/asterisk/security_log (main Asterisk log is in wrong format and I don't know enough regex to fix that)
Also registered a #Voipfone virtual PBX extension to use as an extra trunk (needs contact-user and from-user set in #PJSIP config)
The picture @alex drew a few months back sums up exactly what dealing with these #VOIP #trunks is like
-
I need a proper name for my #isp2go project. Right now, isp2go is just an internal codename. Please drop your fancy name ideas in the comments - I’m happy about every suggestion. Later, I’ll run a poll with the most-favourited ones.
:blobfoxhappymlem: Boosts appreciated!
TL;DR: It’s a portable ISP in a 19" rack on wheels, e.g. for nerdy events. It still needs a real ISP for upstream, but it’s made for quick infrastructure setup and a bit of retroness (having your own DSL network is kinda cool, right?).
It includes a DSLAM (DSL broadband with your favourite modem), a PBX for local analog and VoIP telephony, a 48-port 10G switch, and a server. The server handles the firewall (PPPoE server, #cghmn VPN, routing stuff), hosting some on-site HTTP services like a customer dashboard (as you probably know from your own real ISP), and more.
A 56k dial-up service is also planned! (ISDN too, if I can get the provider side compact enough.)
▶️ See https://pad.fuxle.net/83vmbcqMQ2qeZyV-dJ3SvQ for the current project state