Categories
Asterisk Support Blog Elastix Support Knowledge Base Security

Shellshocked by Bash !

Well any one in IT and many people who never have anything todo with dirty working of *nix operating systems including Apples OSX cant have missed the news about the latest venerability. This is hot on the heels of teh OpenSSl one and the NTP one before that.

All these have different levels of risk, The NTP one was just a pain easily fixed and could cause little damage, The Openssl one was more of a risk as it allowed hackers to read the memory of systems using certain versions of OpenSSL nicknamed Heartbleed. Now the Bash one is fairly simple to exploit and has been now seen in the wild which in the case of Heartbleed it wasn’t really exploited in the wild.

So how do you test. simple , just type

env x='() { :;}; echo vulnerable’ bash -c “test”

and if it comes back saying Vulnerable update bash.

Great easy you say, well it was spent half a day checking 40 odd servers and updating bash. But then the update they rolled out want enough so today went back round updating again.

It has to be noted that some repositories were running slow and in teh case of one (SCHMOOZE) they hadn’t got the latest patch live by mid day.

It was pleasing how most suppliers were open and concise on what to check and how to fix. I was rather disappointed with  another Asterisk Based PBX distro who instead of publishing how to check and what to do, told users to download a script and run that, I don’t think its a good idea to hide security measures, If people deploy systems they need to know how to secure them.

I wonder whats next? , After spending 2 days on this now looking at setting up a Puppet server, This has cost me a day of my time and i’m meant to be installing a queuemetrics call center for a customer…

Categories
Knowledge Base

Getting bad ELF interpreter with Nagios

When using some Nagios plugins to check server load and disk space on 64bit systems you may get back

/lib/ld-linux.so.2: bad ELF interpreter: No such file or directory

This means that you dont have the required libraries, To install them on Centos

yum install glibc.i686

The solution above works on CentOS, Fedora, or Red Hat 64bit operating systems; on a Debian or Ubuntu derived system use :

 sudo apt-get install ia32-libs

 

 

Categories
Case Studies

Restaurant Booking Solution.

We have been working with a client on a Hosted restaurant booking solution, providing the CTI and call tracking systems. This was complicated by the simple fact that the booking system was a closed system by another supplier.

The system works by the restaurant diverting their line to a DDI number we provide that sends the call to the system with the destination matching a defined number for that restaurant when the call enters the system the relevant settings are looked up in a database and audio message file, IVR options and CallerID name are set and the call is passed to the IVR. The caller then chooses their preferred option, The call can be depending of the time of day be passed to the call centre for a booking to be taken on the restaurants behalf or the call is passed to the restaurant where in many a Hosted Gigaset Dect handset is provided for them to take the booking or call the call centre for free.

The system has changed and evolved over time and by using Asterisk has meant that we can accommodate most requests for changes, Most recently we updated the statistics package to Asternic Pro

Asternic stats
Pro stats

Statistics. This has allowed much more detailed reports to be created for queues and agents.

The calls are delivered to the platform over a EFM circuit from Gradwell.net providing quality and reliability combined with increased capacity over the original ISDN30 circuit.

For disaster recovery we provide a backup system in a data-centre that is kept in sync with the office system so in the case of power outage or system failure calls can be diverted to this system and calls take on mobile phones. Switching to back-up system is completed by the single click of a button on a web-page that instigates the diversion of the lines and starts the backup system automatically.

Currently we are migrating the database services off to a separate VMware server with 3 VMs, one for each of the core web or mysql servers. This will allow the service to scale as there are now over 1 million records per datatbase and it is showing no sign of slowing.