My company, Talia, provides hosted Voice-over-IP (VoIP) services to our customers. A typical use is a software-based PBX such as Asterisk on our virtual machine hosting cluster (or as the kids say, our “cloud”). We use the same for our own corporate PBX.

In the past month, we’ve experienced two fraudulent attacks costing a few hundred USD each. We have measures to detect and prevent such things, but that’s not what I want to talk about. I want to talk about how these attacks occurred.

Read the rest of this entry »

Tags: ,

I still use a Buffalo WZR-HP-G300NH as my home router, although I no longer use it as a wireless AP*. Tonight I upgraded it to OpenWRT 12.09 “Attitude Adjustment”. These are my notes on the upgrade.

Read the rest of this entry »

Tags:

Some time ago, I wrote a guide on how to create an online eBook library, accessible from a browser or Android/iPhone device. The benefits are many. You always have access to all your books, anywhere. You can directly share them with your friends. You don’t have to manage local libraries on your devices.

Since I wrote my first post, a number of better tools have come along which make this easier. Here is the new way to do it.

Read the rest of this entry »

Tags: , , ,

Merry Christmas!

It’s time once again for our special Christmas card! Merry Christmas, everyone! We have a special card just for you:

http://www.tolaris.com/xmas/xmas2013.php

(In case you miss it the first time, try reloading or clicking the button.)

Read the rest of this entry »

Tags:

Craig released BackupPC 3.3.0 earlier this year. This version adds a number of fixes, including a minor one from yours truly. It also fixes the issue with Samba 3.6.x.

Read the rest of this entry »

Tags: , , ,

I’m in Stockholm this week, training on OTRS. OTRS is packaged as an RPM for OpenSUSE and RHEL/CentOS, but the package maintainers have left a lot of basic steps for the user to run after install or upgrade. Here are commands to install all missing Perl modules for OTRS, both optional and required.

Read the rest of this entry »

Tags: , ,

Proxmox is a pretty nice virtualisation solution for the medium enterprise. It’s bigger than Virtualbox, smaller than Openstack, and easy to implement on both as single machine or a whole cluster. Unfortunately, the developers are struggling to pay the bills. So with the 3.1 release they have followed the path of “Subscription versus Community.” Users without a subscription are now treated to this dialog every time they login:

You do not have a valid subscription for this server. Please visit www.proxmox.com to get a list of available options.

Read the rest of this entry »

Tags:

At Talia, we use Skype as a backup chat mechanism in addition to our own Jabber server. When choosing corporate Skype names, we tend to match the email address, replacing the at sign as that’s invalid on Skype. So “tyler@example.com” becomes Skype user “tyler.example.com”. A while back we discovered that we couldn’t reset the password of one of our staff members, Mohamed. Mohamed could reset his password via the Skype web interface, but couldn’t login afterward.

Read the rest of this entry »

Tags: ,

It was bound to happen. The IPv4 address pool has nearly run out, IPv6 adoption is moving at a glacial pace, but demand for devices to be IP-enabled is soaring. And so, the vultures have come:

Dear Mr. Wagner,

We would like to invite your company to become a REDACTED Marketplace participant, where you can purchase the rights to unused IPv4 number blocks. There is no cost to become a participant and we currently have significant listings of various size number blocks which can be easily transferred to your company under existing policy.

We are available to discuss how the marketplace works or can provide it to you in writing if you prefer. Please contact me if this interests your company.

Best regards,

XXXXXXXX XXXXXXXXXX
Outreach Coordinator, European Market
REDACTED Marketplace Services

I suppose I’m being unfair. The market is simply moving to fill the demand. But this is monetisation of a resource which should be free, infinite, and available to all. And thanks to politics and bad governance, we’ll soon have to pay for even the smallest IPv4 subnet. That will be a bar to entry to individuals and smaller companies, who will find themselves on a second-tier Internet. The one with private IP space, NAT, and the limitations that come with them.

Tonight I tested a Raspberry Pi model B running Raspbian as an OpenVPN-capable router. I used an Apple USB FastEthernet adaptor as the external interface. Results are disappointing. Pushing traffic through the VPN produced 90% CPU usage at about 8 Mbit with the CPU running at 700 MHz (no CPU overclocking). That’s far below what my tests with “openssl speed” produced.

Read the rest of this entry »

Tags: , ,

« Older entries