Saturday, April 29, 2006

VoIP Fun

Pier got me interested in exploring VoIP, over the course of supper one evening.

My ISP BeThere, not only supply ample bandwidth, but also a wireless ADSL2 router with a built-in SIP ATA.

I started off by getting an account with VoipFone, they seemed to have a good balance of services and price. Not the cheapest calling rates, but no monthly fees and lots of services like voicemail and a virtual PBX etc. I setup the router with the account information, plugged in a normal phone and it all works!

I can make and receive calls via the old phone line and my new VoIP numbers.

Great start!!

I then wrote a little AppleScript plugin for AddressBook.app that gets it to dial a number via VoIP by requesting a URL on my router, which then rings my phone and puts me through, cool ;)

Next I started thinking ...... what else do I want this to do, apart from give me cheap phone calls?

My wish list includes :
* free phone calls, local, national, international
* give my family members free phone calls to each other (we live all over the world)
* cheaper mobile phone while I am abroad
* one phone number which will get me anywhere
* one voicemail box for every call, no matter how it gets to me

. . . to be continued . . .

Roll out

The team at VNU rolled out these sites last night:

http://www.vnunet.it/
http://www.computer-idea.it/
http://www.fotoideaonline.it/
http://www.pcmagazine.it/
http://www.databusiness.it/
http://www.networknews.it/
http://www.pmi-business.it/
http://www.channelonline.it/
http://www.gdoweb.it/

Quite a job!!
All running on Open Source: Apache HTTPd, Apache Cocoon, Hippo CMS.

The rest of Europe is to come ......

Thanks for the work guys !!!

Thursday, April 13, 2006

Break In

What damage can a hacker do using GNU Nano on MacOSX?

I found my cpu usage was going through the roof for no apparent reason. I looked in Activity Monitor and to my horror, a 'postgres' user had 'bash', 'sshd' and 'nano' threads running, 'nano' consuming over 60%.

I killed the threads and changed the 'postgres' user password.

I am a developer and I can get stupid, lazy, or rushed. I had installed PostgreSQL for a project I was working on, in a hurry, had to make a 'postgres' user, used 'postgres' as the password, then did not think about it ...... and yes, my NAT passes the SSH port from the outside.

I was getting lots of :
com.apple.SecurityServer: authinternal authenticated user postgres

Now I am getting lots of :
error: PAM: Authentication failure for postgres from 86.123.230.195
error: PAM: Authentication failure for postgres from acb01fc5.ipt.aol.com
etc.

Oi You !!!!! Naff Off !!!!!


UPDATE
What were they doing?
Running 'postfix'.

Now that is really embarrassing, they were sending spam from my machine !!
How come you can do that from Nano ???