ACM update

I'm having a lot of fun with the Asterisk Manager Interface (AMI). Where I previously relied on .call scripts to start stream the conversation in the conference room, I now have a button on the conf. mgr. interface (pic below).
The Kick and Mute/Unmute buttons are kinda obvious. The "Muzak" button starts playing music into the conference room. The stream button starts streaming the conference room to a local Icecast server. The "trick" behind these last two buttons is the "Originate" function call in the AMI.
Next up: being able to edit the caller's name and their topic (can you guess where I'm going with this?) and being able to push callers back and forth between queues and conference rooms. Maybe a bridge between conference rooms?

I R one!

As of 2 p.m. today, I've recert'd GSEC and have picked up GCIH. I'm also quite brain dead and a bit computer-adverse at the moment. What a way to spend a Sunday afternoon!

Further experimentation

Sparks lent a hand in testing out the setup (screen capture below). That's an inbound Icecast stream (muted so we could talk), an outbound Icecast stream (for podcasting), two cell phones and two Skype clients. There was a little bit of echo but I think that was cross-over due to the proximity of the handsets.
It's surprising to see that IPKall and FWD allows more than one concurrent inbound call. I'll need to do a bit more research to figure out what the limits are, both remote and on my system (what with all the other daemons that are running).

Note that I've updated the mute/unmute code.
Thanks for the assist, Sparks!

Disclaimers for "Asterisk Conference Manager"

Before anyone uses the code for ACM, let me spit out a few disclaimers:

• The code is GPL'd by the original author. The usual terms apply.
• The original author's disclaimers, and those for the Asterisk Manager Interface (AMI), where the security of this program primarily relies on your ability to limit access to it, still exist.
• The program is written in PHP and AJAX (or what passes for it). I suck at PHP and AJAX. Keep in mind that the program is little more than a page scraper for the AMI. What this means is that the code is likely to be very version-dependant. (I'm running Asterisk 1.4.x.) It works but you can't hold any of the coders responsible for maintaining it. Any changes/updates to the underlying platform will likely break ACM's functions.
• Running this service keeps an open connection on your web server. Firefox and/or IE are likely to be poor choices for browser interfaces for this program. Both are memory hogs and eat up a chunk of memory. I run a lot of crap on the same machine as this one. Heavy use of the underlying web server, with Firefox, does generate audio artifacts. Your mileage will vary.

In any case, please let me know if you find it useful or want to suggest changes.

Asterisk Conference Manager

I've been playing with Asterisk for awhile now. In hooking it to Icecast and Liquidsoap, I needed to come up with some sort of management system for the conference calls.
Meetme Manager really didn't fit the bill. I liked the available controls but hated that you had to click on something to update the page. This meant either a local GUI or an Ajax-driven web interface.
Luckily, John at Asterikast had played with an Ajax (I think it's Ajax) interface which maintains a connection to the Asterisk Management Interface (AMI). The drawback to John's script is that it hasn't seen an update since he posted the code last March. I did like the baseline code though, so I've made a few changes.
The major revisions are in the output.php file. There seemed to be a lot of code to perform just a few functions. I've heavily edited that so that it now recognizes local connections and miscellaneous SIP connections that didn't meet the original filter constraints.
John's original code only allowed for kicking users. I've added mute/unmute controls. Currently, it's been demonstrated to handle local internal connections (.call connections for MOH), SIP calls from the local network, and IAX2 calls via IPKall and FWD (Yeah, I call Washington State to connect to my own machine in Virginia Beach. What the heck, it doesn't cost extra...).
The new code is here. I plan on adding color coding for muted/unmuted callers and to experiment with much more of the AMI features.
For giggles, here's a screenshot. That's my son dialed in via a SIP hardware phone, me dialed in via SkypeOut (via IPKall and FWD), while .call scripts pull in a Liquidsoap-generated stream from Icecast and push the resulting conference stream back to the same Icecast server.

Coming up for air

Apologies for the dearth of posts. I'm in the middle of a certification marathon, facing a number of self-imposed deadlines. I've finished re-cert'ing GSEC and have two more to go by the 1st of the month. (Note to self: celebrate having started this blog prior to obtaining the cert in the first place.)

Hopefully, I should have everything done this coming weekend.

chk_vm_pwd.agi

The sample dialplan code on VoIP-Info.org for authenticating using voicemail passwords has a bug in it. In the perl section, line 122,7 should read:

exten => *122,7,GotoIf($["${result}" = "0"]?20:30)

Note the one less left-bracket ("[") before ${result}.

pyTivo

I've put the notes for the piTivo installation in the wiki. For those that don't know what piTivo does, it allows you to push content back onto your TiVo, all without having to hack the dang thing.

Not a small problem.

This is really not good. If you want an idea of how bad it is, try visiting the NIST Vendor list and picking out all of the Microsoft products. Then remember that Microsoft tends to re-use code as much as possible, making the possibility that the problem exists in XP and Vista very likely. Then go back and pick out all of the products which employ Microsoft's libraries.

While this sort of paper doesn't cause problems directly, it is the sort of thing that others build upon, often ending with "nice" additions to security toolkits. I wonder how long it'll be before NIST responds....

Update: the paper is here if you don't want to wade through Slashdot.

Shmoocon attendance

Someone did a nose count and figured out that there's at least 30 people from the Virginia Beach area going to Shmoocon (and there's two more sessions of ticket sales to go). I guess we'll be the big ugly mob in the lobby bar at 2 a.m. (heh)

Telmnstr is campaigning for a Hack or Halo project. Any thoughts? I've got a collection of junk box kruft that I'm willing to donate as parts or prizes.

Cell phone jamming

Before you take it upon yourself to jam someone else's phone calls, just because you can only hear one half of the conversation, please consider the following:

• What's your justification?
• Are you jealous that you're not part of the conversation?
• Don't like that the girl likes to say "like", like way too much?
• Before you get into the "invasion of your space" argument, answer the question: "Where am I?" I'm willing to bet that you're in a public place and your personal space doesn't involve a cone of silence.
• Do you come from one of those broken homes where "silence at the dinner table" was a rule? If so, then I'm sad for you. I come from an active family that the earliest we'd see each other as a group was dinner time. Aside from a few spats when we were younger, it was a time for communication.
• Are you that much of a control freak?

When you press that button realize:

• You're breaking a Federal law each time you push that button, risking fines up to $11,000 ($10,000 for jamming, the rest for possession and use of contraband)
• You're also risking a civil suit from anyone who's conversation you interrupted (think doctor's talking to emergency room). Jammers are rarely directional, especially the cheap ones. A thirty foot range means sixty feet by sixty feet (i.e., everyone in the restaurant, and then some).

Yeah, there are a few places where cell phone use can be seen as inappropriate, such as church, a movie theater, or class. However, let me point out that it is not you, with your butt in the chair, that has the right to enforce any such rule. It is the responsibility of the paster/priest, theater owner, or instructor to make and enforce the rule. Anything that you do, including saying "Hang up that phone!" is beyond your jurisdication and may be construed as a form of assault (look that one up). It falls under "The management reserves the right to refuse service..."

You want silence, go sit somewhere where the business owner prohibits the use of cell phones (it's his jurisdiction, not yours). If it's a public place, you're S.O.L.

You cell phone users. If it's a place where quiet is the norm, it's okay to answer your phone, just take the conversation outside as soon as possible. It's the polite thing to do and it'll help keep the etiquette nazis off of the rest of our backs.

Me? I'm using another entirely legal device. If you use a jammer in plain view, I'm taking a picture and hoping it's good enough to convict you. If you're yelling into the phone in a place where quiet is the rule, I'll take a series of pictures (hey, you're acting strange in public), choose the best one, and submit it to the Craption Contest.

pyTivo

Remember that diagram that I made of my home network, about a week ago? Scratch that. I've added a few more lines to it. In cleaning out some of the kruft that has backed up in my Bloglines subscriptions, I came across a PVR Wire post about pyTivo. (I can't post the link to the original article 'cause it isn't there anymore. Bloglines remembered it though.)

In any case, pyTivo allows me to push media from my computer (vidcasts, podcasts, SageTV recordings, etc.) back through the TiVo.

The bad news is that the program actually has to load the media onto the TiVo. The good news is that you can start playing it a few seconds after the transfer starts (good for large vids!).

I did have to monkey with the config file just a bit. I had to enable the beacon and change it to the broadcast address for my network (vice 255.255.255.255). Note: the Cheetah Namemapper warning supposedly can be safely ignored.

In any case, I can now watch vidcasts on my TV without having to use the funky podcast client built into the TiVo interface. Even though I can play music through there, I don't have a decent sound system connected to that TV so I probably won't use that one much. Also, lets not forget the ability to pull files off of the TiVo with the web interface (backups!).

Got mine

Got my ticket for Shmoocon. Not a whole lot posted about it yet, except for discussion of ticket sales. The Shmoocon Roommates mailing list appears to still be alive (though inactive).

A web interface for LiquidSoap

I'm writing a web front-end to Liquidsoap, a scripting language that easily builds and transmits audio streams (live or from files) to Icecast and Shoutcast servers or to local hardware. The script is basically a juke box for the various network-enabled audio devices in my house. I'm keeping development notes (and the code) in the wiki for anyone that wants to follow along.