Asterisk Hacking [NOOK Book]

Overview

Asterisk hacking shows readers about a hacking technique they may not be aware of. It teaches the secrets the bad guys already know about stealing personal information through the most common, seemingly innocuous, highway into computer networks: the phone system. The book also comes with an Asterisk Live CD (SLAST) containing all the tools discussed in the book and ready to boot!

This book shows readers what they can do to protect themselves, ...
See more details below
Asterisk Hacking

Available on NOOK devices and apps  
  • NOOK Devices
  • Samsung Galaxy Tab 4 NOOK 7.0
  • Samsung Galaxy Tab 4 NOOK 10.1
  • NOOK HD Tablet
  • NOOK HD+ Tablet
  • NOOK eReaders
  • NOOK Color
  • NOOK Tablet
  • Tablet/Phone
  • NOOK for Windows 8 Tablet
  • NOOK for iOS
  • NOOK for Android
  • NOOK Kids for iPad
  • PC/Mac
  • NOOK for Windows 8
  • NOOK for PC
  • NOOK for Mac
  • NOOK for Web

Want a NOOK? Explore Now

NOOK Book (eBook)
$30.99
BN.com price
(Save 42%)$53.95 List Price

Overview

Asterisk hacking shows readers about a hacking technique they may not be aware of. It teaches the secrets the bad guys already know about stealing personal information through the most common, seemingly innocuous, highway into computer networks: the phone system. The book also comes with an Asterisk Live CD (SLAST) containing all the tools discussed in the book and ready to boot!

This book shows readers what they can do to protect themselves, their families, their clients, and their network from this invisible threat. Power tips show how to make the most out of the phone system and turn it into a samurai sword – for defense or attack!

*Asterisk Live CD (SLAST) containing all the tools discussed in the book and ready to boot!
*Contains original code to perform previously unthought of tasks like changing caller id, narrowing a phone number down to a specific geographic location, and more!
*See through the eyes of the attacker and learn WHY they are motivated, something not touched upon in most other titles
Read More Show Less

Editorial Reviews

From Barnes & Noble
The Barnes & Noble Review
Why pay a fortune for a powerful phone system when you can build one yourself with open source Asterisk software, for a fraction of the cost? Asterisk Hacking shows how to do just that.

The authors introduce Asterisk as "a veritable Swiss Army Knife of telephony and VoIP": both a full-featured PBX and a tool for leveraging the Internet to communicate in all sorts of ways. (You get a taste of its power just by looking at the new features in one recent version: Jabber IM integration, Google Talk support, improved Internet faxing...)

Asterisk installation and configuration can take some work. This book walks you through the process, covering several distributions, as well as installing from source. But it also provides instant gratification, via a live CD: just load and run, and you've got a working, full-featured Asterisk system ready to play with.

Next, the authors turn to expanding and customizing Asterisk, which can be done endlessly via a programming interface based on UNIX standards, using virtually any language. You'll learn how to call external programs from within Asterisk, and how to build sophisticated interactions with users -- for instance, for interactive voice response applications. (You needn’t do all this by yourself: The authors introduce third-party libraries that can handle much of the heavy lifting.)

You'll next turn from conventional PBX features to a primer on the VoIP technology and protocols that Asterisk supports. The authors then introduce some intriguing sample applications (for example, using Asterisk together with cameras and motion capture software to call you if there's movement inside your home). Speaking of security, you'll need to do a little work to protect your Asterisk VoIP communications from hackers. Brashars and his coauthors know this area well and explain both the attacks and today's best precautions. Bill Camarda, from the August 2007 Read Only

Read More Show Less

Product Details

  • ISBN-13: 9780080554358
  • Publisher: Elsevier Science
  • Publication date: 8/13/2007
  • Sold by: Barnes & Noble
  • Format: eBook
  • Edition number: 1
  • Pages: 272
  • File size: 3 MB

Read an Excerpt

Asterisk Hacking

Toolkit and LiveCD
By Benjamin Jackson Champ Clark III

Syngress

Copyright © 2007 Elsevier, Inc.
All right reserved.

ISBN: 978-0-08-055435-8


Chapter One

What Is Asterisk and Why Do You Need It?

Solutions in this chapter:

* What Is Asterisk? * What Can Asterisk Do for Me? * Who's Using Asterisk?

  •   Summary
  •   Solutions Fast Track
  •   Frequently Asked Questions

Introduction

For years, telephone networks were run by large companies spending billions of dollars to set up systems that connected to one another over wires, radios, and microwaves. Large machines, filling entire buildings, allowed people to talk to each other over great distances. As the computer revolution progressed, the machines got smaller and more efficient, but still they were almost exclusively the domain of a small sect of companies.

Enter Asterisk ... Asterisk has taken the power of the open-source software movement and brought it to the land of telephony. Much like how open source has proven that users don't need to rely on commercial companies for software, Asterisk has proven that users don't need to rely on commercial telephone companies for telephone systems. Open-source software allows you to be free of vendor lock-in, save money on support, use open standards, and change the software to suit your unique problems if the need arises. Looking at the "traditional" Private Branch Exchange (PBX) market, vendor lock-in is all too common, vendors charge exorbitant fees for support, and all too often the PBX you buy is a cookie-cutter solution with little to no customization options. It is common for people to think that their PBX is a black box that handles telephone calls. In reality, it is a bunch of computing equipment running a highly specialized software package. Open-source software can replace that customized software just as easily as it can replace any other software.

Asterisk is a veritable Swiss Army knife of telephony and Voice over Internet Protocol (VoIP). Designed to be a PBX replacement, Asterisk has grown to be all that and more. It boasts the ability to store voice mail, host conference calls, handle music on hold, and talk to an array of telephone equipment. It is also scalable, able to handle everything from a small five-telephone office to a large enterprise with multiple locations.

Thanks to Asterisk and Vole it is possible to run a telephone company out of a basement, handling telephone calls for people within a neighborhood, a city, or a country. Doing this only a few years ago would have required buying a large building, setting up large racks of equipment, and taking out a second mortgage. But today, everyone is jumping on the Asterisk bandwagon: hobbyists, telephone companies, universities, and small businesses, just to name a few. But what exactly is Asterisk? And what can it do? Let's find out.

What Is Asterisk?

Asterisk is an open-source PBX that has VoIP capabilities. However, this hardly explains what Asterisk is or what it does. So let's delve a little more deeply into PBXes, Vole and Asterisk.

What Is a PBX?

Asterisk, first and foremost, is a Private Branch Exchange. A PBX is a piece of equipment that handles telephone switching owned by a private business, rather than a telephone company. Initially in the United States, PBXes were for medium-to-large businesses that would create a lot of telephone traffic starting from, and terminating within, the same location. Rather than having that traffic tie up the switch that handles telephones for the rest of the area, PBXes were designed to be small switches to handle this traffic. Thus, the PBX would keep the internal traffic internal, and also handle telephone calls to and from the rest of the telephone network.

In the United States, thanks in part to the Bell System breakup of 1984, and to the computer revolution shrinking PBXes from the size of a couch to the size of a briefcase, PBXes flooded the market. Hundreds of companies started making PBXes and thousands wanted them. New features started coming into their own: voice mail, interactive menus, call waiting, caller ID, three-way calling, music on hold, and so on. The telecommunications industry grew by leaps and bounds, and the PBX industry kept up. However, with every silver lining comes a cloud. With the proliferation of digital telephone systems, each vendor had a specific set of phones you could use with their PBX. Company X's phones would often not work with Company Y's PBX. Plus, as with almost every technology, all too often a vendor would come in, set up the telephones, and never be heard from again, leaving the customer to deal with the system when it didn't work.

PBXes are one of the key pieces of hardware in businesses today, ranging from small devices the size of shoeboxes that handle a few lines to the telephone network and five phones in a small office, to a large system that interconnects ten offices across a campus of buildings. However, today's PBXes, when boiled down, all do the same things as their predecessors: route and handle telephone calls, and keep unnecessary traffic off the public switched telephone network.

Asterisk is a complete PBX. It implements all the major features of most commercially available PBXes. It also implements, for flee, features that often cost a lot in a commercial installation: Conference calling, Direct Inward System Access, Call Parking, and Call Queues, just to name a few.

Out of the box, Asterisk can be configured to replicate your current PBX install. There have been numerous installs where a company's existing PBX is taken down on a Friday, an Asterisk server is installed and configured on Saturday, wired and tested on Sunday, and is handling calls on Monday. The users only notice a different voice when they grab their voice mail.

What Is VoIP?

Voice over Internet Protocol is one of the new buzzwords of the media today. While VoIP has been around in one incarnation or another since the 1970s, the market and technology has exploded over the past three years. Companies have sprouted up selling VoIP services and VoIP software, and instant messaging services are starting to include VoIP features.

But what exactly is VoIP? VoIP is a method to carry a two-way conversation over an Internet Protocol-based network. The person using Vonage to talk to her neighbor down the street? That's VoIP. The person in the United States using Windows Messenger to talk to his extended family in Portugal? That's VoIP. The 13-year-old playing Splinter Cell on his Xbox and talking to his teammates about how they slaughtered the other team? That's VoIP, too.

VoIP has exploded for a number of reasons—a major one being its ability to use an existing data network's excess capacity for voice calls, which allows these calls to be completed at little to no cost. A normal call that uses the standard telephone network compression coder-decoder algorithm (codec), µ-Law, will take up 64 kilobits per second of bandwidth. However, with efficient compression schemes, that can be dropped dramatically. In Table 1.1, we list certain commonly supported codecs, and how many simultaneous calls a T1 can handle when using that codec.

The savings of bandwidth comes at a cost though; the more compression placed on a conversation, the more the voice quality degrades. When using LPC10 (one of the most efficient compression codecs), the conversation, while intelligible, often sounds like two whales making mating calls. If you have no other alternative, it will be sufficient, but it's not a good choice for a business environment.

The other major benefit of VoIP is the mobility. Phone calls can be sent and received wherever a data connection is available, whether it is a residential broadband connection, the office network, or a WiFi connection at a local drinking establishment. This mobility has a many benefits a company's sales force can be scattered across the country yet have a phone in their home office that is an extension of the company's PBX. They can enjoy a voice mail box, an extension off the company's main number, and all the other features as if they all were in the same building.

It is important to make the distinction that VoIP is not exclusive to Asterisk. There is a growing market of software-based PBXes that tout VoIP as a major feature. Some traditional PBXes are starting to include VoIP features in them, and local phone companies are offering VoIP packages for customers. As a result, the advantages of VoIP have begun to catch the attention of the entire telecom industry.

The History of Asterisk

Mark Spencer, the creator of Asterisk, has created numerous popular open-source tools including GAIM, the open-source AOL Instant Messaging client that is arguably the most popular IM client for Linux, 12tpd, the L2TP tunneling protocol daemon, and the Cheops Network User Interface, a network service manager. In 1999, Mark had a problem though. He wanted to buy a PBX for his company so they could have voice mail, call other offices without paying for the telephone call, and do all the other things one expects from a PBX system. However, upon researching his options, he realized all the commercial systems cost an arm and a leg. Undaunted, he did what every good hacker would he set to writing a PBX suitable to his needs.

On December 5, 1999, Asterisk 0.1.0 was released. As the versions progressed, more and more features were added by developers, gathering a following of users, conventions, and everything short of groupies along the way. Asterisk's first major milestone was reached on September 23, 2004, when Mark Spencer released Asterisk 1.0 at the first Astricon, the official Asterisk user and developer's conference. Asterisk 1.0 was the first stable, open-source, VoIP-capable PBX on the market. Boasting an impressive set of features at the time, it included a complete voice conferencing system, voice mail, an impressive ability to interface into analog equipment, and the ability to talk to three different VoIP protocols reliably.

Development didn't stop there though. Asterisk continued to grow. On November 17, 2005, Asterisk 1.2 was released, which addressed over 3000 code revisions, included major improvements to the core, more VoIP protocols, and better scalability. Also, this release introduced Digium's DUNDi (Distributed Universal Number Discovery) protocol, a peer-to-peer number discovery system designed to simplify interconnecting Asterisk servers across, and in between, enterprises.

The latest release of Asterisk, Asterisk 1.4, was released December 27, 2006. This release featured major changes in the configuration process, optimized applications, simplified the global configuration, and updated the Call Detail Records for billing purposes. Also new in this version was better hardware support, an improved ability to interface with legacy equipment, and better interfacing with Cisco's SCCP VoIP protocol. Also, as with any software project, this update addressed the bugs and issues found since the 1.2 release.

Asterisk Today

Today, Asterisk is one of the most popular software-based VoIP PBXes running on multiple operating systems. Asterisk handles most common PBX features and incorporates a lot more to boot. It works with numerous VoIP protocols and supports many pieces of hardware that interface with the telephone network. Asterisk is currently at the forefront of the much talked-about "VoIP revolution" due to its low cost, open-source nature, and its vast capabilities.

The company Mark Spencer wrote his PBX for is now known as Digium, which has become the driving force behind Asterisk development. Digium sells hardware for interfacing computers into analog telephone lines and Primary Rate Interface (PRI) lines. Digium also offers Asterisk Business Edition, an Enterprise-ready version of Asterisk, which includes commercial text-to-speech and speech recognition product capabilities, and has gone through stress testing, simulating hundreds of thousands of simultaneous phone calls. Finally, Digium offers consulting for Asterisk installations and maintenance, and trains people for its Digium Certified Asterisk Professional certification.

What Can Asterisk Do for Me?

Asterisk is so multifaceted it's hard to come up with a general catchall answer for everyone asking what Asterisk can do for them. When a friend and I tried to think up an answer that would fit this requirement, the closest thing we could come up with was "Asterisk will do everything except your dishes, and there is a module for that currently in development."

Asterisk as a Private Branch Exchange

Asterisk is, first and foremost, a PBX. Some people seem to constantly tout Asterisk's VoIP capabilities, and while that is a major feature, they seem to forget that Asterisk doesn't need VoIP at all to be a PBX. But even without VoIP, Asterisk has many advantages over traditional hardware-based PBXes.

Advantages over Traditional PBXes

Asterisk has numerous advantages over "traditional" PBXes. These advantages can benefit both larger and smaller businesses. Let's talk about two different scenarios, with two different problems, but one common solution.

(Continues...)



Excerpted from Asterisk Hacking by Benjamin Jackson Champ Clark III Copyright © 2007 by Elsevier, Inc.. Excerpted by permission of Syngress. All rights reserved. No part of this excerpt may be reproduced or reprinted without permission in writing from the publisher.
Excerpts are provided by Dial-A-Book Inc. solely for the personal use of visitors to this web site.

Read More Show Less

Table of Contents

What is Asterisk and why do you need it?
Installing Asterisk
Add-ons and Modules
Scripting
Asterisk Hardware Ninjutsu
Protocols, say what?
Asterisk Underground
Lock it down!
Reach out and touch someone: The future of Asterisk Hacking
Read More Show Less

Customer Reviews

Average Rating 5
( 1 )
Rating Distribution

5 Star

(1)

4 Star

(0)

3 Star

(0)

2 Star

(0)

1 Star

(0)

Your Rating:

Your Name: Create a Pen Name or

Barnes & Noble.com Review Rules

Our reader reviews allow you to share your comments on titles you liked, or didn't, with others. By submitting an online review, you are representing to Barnes & Noble.com that all information contained in your review is original and accurate in all respects, and that the submission of such content by you and the posting of such content by Barnes & Noble.com does not and will not violate the rights of any third party. Please follow the rules below to help ensure that your review can be posted.

Reviews by Our Customers Under the Age of 13

We highly value and respect everyone's opinion concerning the titles we offer. However, we cannot allow persons under the age of 13 to have accounts at BN.com or to post customer reviews. Please see our Terms of Use for more details.

What to exclude from your review:

Please do not write about reviews, commentary, or information posted on the product page. If you see any errors in the information on the product page, please send us an email.

Reviews should not contain any of the following:

  • - HTML tags, profanity, obscenities, vulgarities, or comments that defame anyone
  • - Time-sensitive information such as tour dates, signings, lectures, etc.
  • - Single-word reviews. Other people will read your review to discover why you liked or didn't like the title. Be descriptive.
  • - Comments focusing on the author or that may ruin the ending for others
  • - Phone numbers, addresses, URLs
  • - Pricing and availability information or alternative ordering information
  • - Advertisements or commercial solicitation

Reminder:

  • - By submitting a review, you grant to Barnes & Noble.com and its sublicensees the royalty-free, perpetual, irrevocable right and license to use the review in accordance with the Barnes & Noble.com Terms of Use.
  • - Barnes & Noble.com reserves the right not to post any review -- particularly those that do not follow the terms and conditions of these Rules. Barnes & Noble.com also reserves the right to remove any review at any time without notice.
  • - See Terms of Use for other conditions and disclaimers.
Search for Products You'd Like to Recommend

Recommend other products that relate to your review. Just search for them below and share!

Create a Pen Name

Your Pen Name is your unique identity on BN.com. It will appear on the reviews you write and other website activities. Your Pen Name cannot be edited, changed or deleted once submitted.

 
Your Pen Name can be any combination of alphanumeric characters (plus - and _), and must be at least two characters long.

Continue Anonymously
Sort by: Showing 1 Customer Reviews
  • Anonymous

    Posted September 26, 2014

    MAP

    Res one: map <p> res 2-4: bios. <p> res 5-16: main camp <p> res 17: woods <p> res 18: forge

    Was this review helpful? Yes  No   Report this review
Sort by: Showing 1 Customer Reviews

If you find inappropriate content, please report it to Barnes & Noble
Why is this product inappropriate?
Comments (optional)