January – 2012 – www.gavinwill.me.uk

Change the OS Name in Windows Boot Manager

Being able to test against multiple OS’s is great if you are developing an application. Virtual machines are perfect for this with the nature of the flexibility they offer. However I needed to setup a physical computer that would multiboot for testing that would run Windows XP, XP 64 bit, Vista Business, Vista Business 64 bit and finally Windows 7 along with Windows 7 64 bit.

So it was simply a case of installing XP first then Vista and then 7 onto different partitions on the hard drive. After I installed Vista 64bit there was a problem since both versions of Vista were simply listed as Microsoft Windows Vista at the multiboot prompt to select an OS. There was no way to distinguish what was the 32bit version and what was the 64bit version when given the boot options to choose the OS.

In XP you can modify the display name by modifying the hidden file boot.ini however this feature is abscent in Vista and 7. In Windows Vista and 7 you need to use an elevated command prompt and run the command bcdeit. This displays the boot manager along with the boot loader. In the Windows boot loader you can see an entry called description. This is the entry you see at boot when selecting what OS you want to go into.

Say we were in the 64bit version of Windows 7 and wanted to label the boot loader accordingly simply run the command:

 bcdedit /set {current} Description "Microsoft Windows 7 64bit"

You should be returned with The operation completed successfully. Now when the computer reboots you will be presented with an unambiguous list of operating systems that you can choose from. A simple touch but it makes it a lot easier.

Configuring Fail2Ban with Asterisk

Fail2Ban can compliment your Asterisk security by automatically blocking failed authentication attempts against your asterisk server. However a little configuration is needed to let Fail2Ban be aware of the structure of the asterisk log files so it can “read” the log files and block the failed attempts.

First we need to install fail2ban and jwhois from the rpmforge repository

yum install -y fail2ban jwhois

We then need to create the file /etc/fail2ban/asterisk.conf. This is telling fail2ban how to read the log files for failed authentication attempts.

# Fail2Ban configuration.
#
 
 
[INCLUDES]
 
# Read common prefixes. If any customizations available -- read them from
# common.local
#before = common.conf
 
[Definition]
 
#_daemon = asterisk
 
# Option:  failregex
# Notes.:  regex to match the password failures messages in the logfile. The
#          host must be matched by a group named "host". The tag "<HOST>" can
#          be used for standard IP/hostname matching and is only an alias for
#          (?:::f{4,6}:)?(?P<host>\S+)
# Values:  TEXT
#
 
failregex = NOTICE.* .*: Registration from '.*' failed for '<HOST>' - Wrong password
            NOTICE.* .*: Registration from '.*' failed for '<HOST>' - No matching peer found
            NOTICE.* .*: Registration from '.*' failed for '<HOST>' - Username/auth name mismatch
            NOTICE.* .*: Registration from '.*' failed for '<HOST>' - Device does not match ACL
            NOTICE.* .*: Registration from '.*' failed for '<HOST>' - Peer is not supposed to register
            NOTICE.* <HOST> failed to authenticate as '.*'$
            NOTICE.* .*: No registration for peer '.*' \(from <HOST>\)
            NOTICE.* .*: Host <HOST> failed MD5 authentication for '.*' (.*)
            NOTICE.* .*: Failed to authenticate user .*@<HOST>.*
 
# Option:  ignoreregex
# Notes.:  regex to ignore. If this regex matches, the line is ignored.
# Values:  TEXT
#
ignoreregex =

We now need to add some information to /etc/fail2ban/jail.conf that tells fail2ban where the log files are and what to do when it sees failed authentication attempts.
This includes sending an email to alert you of the action.

[asterisk-iptables]
 
enabled  = true
filter   = asterisk
action   = iptables-allports[name=ASTERISK, protocol=all]
           sendmail-whois[name=ASTERISK, dest=alerts@domain.com, sender=fail2ban@domain.com]
logpath  = /var/log/asterisk/full
maxretry = 5
bantime = 432000

Also in the jail.conf you would want to configure the ignoreip or whitelist to tell fail2ban to ignore certain ip addresses or subnets.

ignoreip = 172.16.0.0/12

This is almost working now but we need to tell asterisk to log the date in a specific format which is compatible with fail2ban.

Modify /etc/asterisk/logger.conf and add the following

[general]
dateformat=%F %T

The asterisk logger needs restarted after this change

 asterisk -rx "logger reload"

Now we can start up fail2ban (or restart if it is already running) and set it to start as a service at boot.

service fail2ban start
chkconfig fail2ban on

Naturally we now need to test this and ensure it works as expected. When you start the fail2ban service you should get an email notifying you that the jail has started. This is naturally a good sign. Now from a phone / softphone simply try and register the phone with invalid extension or password (ensuring it address is outwith the specified ignoreip) and repeat this 5 times. It should be banned automatically and you should receive an email notifying you of this ban. When trying to authenticate the first few time you will see a 403 forbidden message. When fail2ban has banned this IP you should notice on the phone / softphone that instead of a 403 error message it should simply state no service. This is a good sign since it appears that the phone / softphone cannot connect at all to the server – the reason is because it has been blocked by fail2ban.

You can see a list of the banned ips / addresses by running the command

iptables -L -n

Now reboot the server and ensure the fail2ban service starts at startup.

Step By Step

Chris Akrigg’s Road to recovery.

Path to All Users Desktop in Windows 7

Windows 7 changes the way “All Users” is handled compared to XP

All users desktop:

C:\Users\Public\Desktop\

All users start menu:

C:\ProgramData\Microsoft\Windows\Start Menu\

Fetchmail, Exchange 2010 and Request Tracker

With trialing the open source ticketing system Request Tracker I wanted to setup an email address that requests could go to and for Request Tracker to pick up these emails and put them into a queue. The common way for doing this is to use fetchmail to collect mail via pop3 and to then place them into a Request Tracker queue.
We dont normally use pop3 so the first thing to do was to start the pop3 service in Exchange 2010 and set it to automatic start up.
Then it was simply a case of creating and editing fetchmailrc to collect from Exchange, In the instance below it polls the Exchange Server every 10 minutes to collect and process any emails.

set daemon 600
set invisible
set no bouncemail
set no syslog
poll EXCHANGESERVER protocol pop3 auth password username "username" password "password" mda "/opt/rt4/bin/rt-mailgate --queue General --action correspond --url http://RequestTrackerURL" no keep

TCP/IP Information Stored in Windows Registry

I needed to confirm DNS was correctly set on a remote computer but I could disrupt the user on the remote PC. I knew that DNS info is stored in the registry so simply used Regedit and then used connected network registry to connect up to the remote PC.

Browsing to:

HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Paramaters

provides you with the information on network card(s) and the IP information. In this instance DNS was correct and there was another issue but it was good to be able to confirm the configuration.

Remotely Shutdown Windows Computer

Quick and handy command to remotely shut down a windows PC

 shutdown -s -m \\computername -t 01

In this case the switches are -s = shutdown, -m = remote machine and -t is time until shutdown in seconds, in this example 1 second.

Naturally you must have local admin rights on the remote machine to shutdown.

Forwarding Incoming Calls over an Asterisk IAX Trunk.

I needed to find a way of forwarding incoming calls from one Asterisk box over to another Asterisk box. There were restrictions in simply putting the ISDN cards into the new Asterisk box. To do this I had to first connect the boxes with an IAX2 trunk which is easy enough. Once the 2 Asterisk boxes are connected via an IAX2 trunk it was a case of creating a custom extension and to forward incoming calls to this custom extension.

For each incoming number on the first box I had to create a custom extension that corresponded to this incoming number.

Simply editing extensions_custom.conf and adding the following

[custom-5551234]
exten => s,1,Dial(IAX2/TrunkName/5551234,30,r);

This is essentially saying to create a custom extension called custom-5551234 if this extension is called to start the call with priority 1 and to Dial the IAX trunk with a timeout of 30 seconds and to force the generation of the ring tone

Then on the first Asterisk box I created an Inbound Route that stated if there is a call to 5551234 transfer / call 55512334 on the IAX2 Trunk.
This was done with a simple Custom App to dial

custom-5551234,s,1

On the second Asterisk box you simply then create and Inbound rule as normal for a direct dial and point the extension to the IVR / Extension / Conference room as requested.

This has worked really well and has proved incredibly reliable.

Pages

Archives

Search:

Posts

Monthly: January 2012