Give me a break..Why can’t we all just get along (Wimax versus LTE)

June 16th, 2008


Professor says agree on a standard!

Why? Because volume means cheaper? What does that mean? Well, riddle me this, Batman: if the world is supposed to go wireless, make it easy for my local Best Buy sales rep to identify a solution for me when I ask him to find me coverage for my roaming laptop. Don’t give him a map with colors on it that will cause him to give me poor information.

Wimax is the first to take off, with deployments ranging all over the 802.1G spectrum. It has a prominent provider of CPE based gear in Zyxel. It already has developed countries singing its praise. All except the United States. The US does not have one competitor in agreement on where to go next. Granted, LTE utilizes most of the current infrastructure as 3G networks go; however, WIMAX should be the future for 4G. Not because it was the first to hit the market, but because it just plain made sense.

Whatever is chosen, we should know that it will exist over a predominantly IP infrastructure. 3GPP hasn’t even agreed on a standard, but Wimax can overlay a GSM wireless infrastructure and is ready to do so now. What is the hold up? I’m tired of ordering T1s only to be raked over the coals by their expensive and ridiculous installation costs. I want to order a connection and have it provisioned just as easily as installing an access point in the 4th floor cafeteria.

I know that is a little naive and I may be a little biased, but I have participated in a Wimax deployment and it was a work of art. Granted, Wimax is not without its problems, but I would happily sacrifice growing pains than be a part of the non-scalable legacy copper provisioning that has been happening over the last quarter century.

As we stand now, AT&T and Verizon will participate in the When-will-we-have-a-standard LTE, while Sprint and whoever Sprint buys next will be participating in WIMAX. What does this mean? Expensive CPE equipment that does little to fix the mobility problem the US has today. One scenario is that the rest of the world follows Korea and goes Wimax and some of us will be stuck using American-only phones. The other part of the equation would be higher CPE costs because of the limited distribution of the technology and the cost that competitors imposed to stay competitive. Meaning Sprint. 802.1G was supposed to be the answer for 4G, so why not all consolidate our resources to agree on one standard? Count chips after that.

Way too easy. If you want a comparison of the two technologies please go HERE

Face of technology

June 16th, 2008

This is more or less a very objective discussion on technology in general. Looking back in the early stages of IT, forums were the way to bring in new ideas and open discussions on technology strategies. I attempt to participate in a variety of discussions in order to stay afloat in my profession and to have knowledge as to what the future holds as far as technology is concerned. It is very difficult to follow at this stage. And the need to focus on active participants from the consumer industry is needed.

Technology companies are the only companies that still utilize R&D budgets today. There are no more companies with the desire to pay groups to provide solutions for business needs as far as technology goes now. This has hurt the playing field in many ways. Costs have been reduced. Solutions are picked on the basis of convenience and technology is driven by those who are profit driven. And have you seen requirements for CTOs nowadays? The requirements are no longer for elite technical professionals; they are for business driven executives with a little bit of tech on the side. Where is the career path going for technical folks?

This is where participation comes into play. Consumers should run the world, not technology companies. The flow should focus on business needs. R&D groups should be formed in hopes to provide custom based needs for corporations. Technology needs that are out of scope and out of budget should be outsourced for a vendor supplied solution. 

Supporting Example:

Enterprise versus traditional Telecommunications carriers.

Having eyes in both areas provides me with more insight than most people have. For starters, network monitoring solutions. Most vendors that claim that their solution is the best are fooling only those who are too lazy to invest time to see what they actually want. Any solution should begin with need and be followed by how we can achieve this. Most commonly in today’s workplace it is followed by how can we “obtain” this? And you will go on a bender putting two or three solutions together and achieve nothing but higher operational costs. “All” management tools can be created in house with local tools. That’s right, all. In fact, if companies sat down and provided resources for excellent R&D they could save a lot of money on operational costs and the purchase of commercial solutions.

In most telecommunication companies, in house development of management tools has always been a necessity. New equipment arrives onsite and vendors participate with the consumer in developing the best APIs or MIB management interfaces so that the company is provided everything they need to manage.

Now this is just one example and one area where this model can be helped. However, all areas can be helped by this and this is why forums were developed in the first place. To assist the consumer base, and not to assist the commercial market in developing new solutions. Companies settle for solutions. Enterprise Security and VOIP have been bottled up into solutions and provided to consumers who take on the operational support costs and do not fully understand if this solution is what they are actually looking for or whether the name solves their last assessment.

If I had the time I would put together a forum. As you can tell from the site, the professor gets busy. However, to fix the open community I would make time. I would like to take all small businesses into a forum and assist in providing solutions that may or may not include those that necessarily cost money. Develop security solutions that do not require a huge support contract in order to maintain. Help take open source VOIP to provide telephony at cost versus one size fits all solutions that are overkill.

And next provide forums that comment on technology and participate on a consumer level and not a vendor level. 

For example:

In parallel to what is being developed in the mobile IP community, there is a protocol being written to provide mobility using IPv4 that can be used in conjunction with VOIP and mobility platforms. This protocol is called HIP (Host Identity Protocol). The HIP protocol works in conjunction with DNS and public keys to keep host identity intact for hosts. Consumer feedback would enable development for enterprise solutions as well as carrier solutions. You can all see how it applies to carrier based solutions, but in the enterprise, how cool would it be to have users that are quite mobile and still have access to resources provided by their own company. This is just one application, but it would be secure (certificate based) and can survive without the need of a VPN tunnel.

You could carve out a bunch of need for this technology. In order to do so, we need to change how we participate. Let’s not wait until it becomes relevant and then put in a feature request. Let’s mold its relevancy at its infancy.

 

How To Live Free - Part 5 of 5: Finally VOIP (Asterisk)

April 13th, 2008

The reason this last chapter took so long is because, like most of you, I work for a living, so I needed time to implement before I wrote a blog. The Professor doesn’t like to provide information unless he has done it himself. (I sound like Kobe Bryant with the 3rd person).

I have been involved in VOIP on and off for 10 years. So I have been eager to see it develop into an everyday phrase. There is not a phone call being made during the day that does not involve VOIP to some degree. Even if you still have that Verizon line at home and haven’t given in to Vonage, Comcast, or Time Warner, you have to know that even your TDM Verizon connection traverses a backbone of H.323 and SIP trunks to make it to the DS0 that is connected to your Grandma’s rotary dialed telephone.

Professor’s Conspiracy Theory

Q1: If the government can force you to go digital television, why won’t they force you to go VOIP?

Q2: If I purchased VOIP service from Comcast or Verizon, then why haven’t they converted my traditional lines with the same lines I use to connect my computers? (Cat5)

Q3: I hear about VOIP, I even have Voip service, where are all the bells and whistles?

Like you I have always asked these questions. When you order VOIP service from Vonage, they provide you with an ATA to convert your analog to digital. They also provide 802.11 and regular ethernet VOIP phones for you to connect to their service. They are not a big enough outfit to provide CAT5 cabling to you as well, but for the most part they provide the cheapest offering because they only have to invest in their core and infrastructure. You depend on your Internet Service Provider.

When you purchase VOIP service from Comcast, they have already done the math. They connect your Telephony Demarcation directly to the MTA so that all of your phones will not be changed and all of your existing wiring will be used, rerun or maintained.

This isn’t because they are making your life simpler. Your life would be simpler if you could purchase an 802.11 (wireless) cordless phone and have video conferencing from an IP handset in your bathroom. Softphones for remote travel options. In other words, IP flexibility. However, think of all of the money Comcast will lose if they no longer had to send a tech to your house because you’re now using an 802.11 wireless router from Best Buy, which is plug and play, and they do not have to send a tech to search your wires and charge you $90 per hour. Dem boys are Union!!

Comcast has the technology to provide these services. They also have the technology to provide IP presence and other IP related features that exist today. But they don’t.

Okay, Asterisk: How to live free!

What exists in the market today are two different models to support subscribers. An IP PBX and a Class 5 server. Both are similar in terms of provisioning application based services, but are different in terms of scalability. You will not configure a PBX to handle 10k CAPs (Call Attempts Per Second).

Asterisk is an IP PBX. Asterisk can provide voicemail, text to voice, voice to text, trunks, extensions, anything a TDM PBX can provide. Asterisk is more or less a core system. You will have to provide a front end. Other than that I would put Asterisk against any of the PBXs that I have experience on. Such as the Nortel CS2k/ CS2100 and the Cisco Call Manager.

For the purpose of this lesson, I will tell you how I use Asterisk and how it provides a very cheap and flexible alternative for my home living. I have built an Asterisk server for the sake of providing a cheaper service. Asterisk is free, however the time it took to compile and get working was less than 8 hours. There are many white papers that would assist you out on the web.

Cost: Minimal. I used an old computer with a P4 processor. I purchased refurb for $150. I did not purchase a Digium card used to connect to TDM trunks. So I am not using a T1 or DS0 to connect. This is a purely SIP connection. So total price of hardware would be $150.

Service: I chose to go with a very lightweight service provider. The quality is not perfect, but it isn’t bad either. I am tinkering around that 50ms range which becomes noticeable. But I am paying $14 a month for the service and a DID.

So with $14 a month I am connected to a SIP service provider and I am paying .0012 per call globally. With Comcast I pay $19 a month for all US calls. So if I am just comparing Nationally based calls then I make a very minimal profit due to quality concerns.

Applications:

Voicemail is additional with phone service. It is included with Asterisk. Nice part is that with Asterisk you can do what you want with your Wave file. What I have done is configured my Asterisk server to email my wave file to me when I get a call. What I am working on is providing voice to text emailing. There are services out there that I can send my WAV file to and they email it back transcribed, but that takes the fun out of it. So bottom line is free.

SMS: Now Comcast supports SMS to Voice services for free. Right now it is a demo, but there is a Perl module that you can use to send SMS to a public SMSC that will forward your messages, but that will take text to voice and I am not a big fan of text to voice. So until that changes I will not be doing this.

Mobility: I can connect to my IP PBX via a soft client. I use many of them and they are all free. One that is readily accessible is Xlite. Comcast has yet to support softclients so this is an added bonus.

Now the way I have my service configured is that everyone in my home is a different extension. So I only have one DID, but for an additional 10 bucks I can get more DIDs. There are other services cheaper, but the total cost of the SIP trunk goes up. I don’t need that. I’d rather have an operator ask you what extension you would like.

Manageability:

Now you do have web access for Comcast, just like I have web access to my server and any subscriber has access to alter his/her account. I like mine better because it is free. But you can go on the server and look at your voicemail in .WAV files.

Asterisk is a very cool tool that is free and very customizable. I like using pure IP, but you can purchase a card that will have you connect via TDM if you wanted to do so. Only problem I had is RTP proxy. You must have a firewall that does RTP proxy or your voice will never make it in. I use Ubuntu as a firewall so I compiled it very easily. And it is activated in my ipchains rules whenever my firewall is restarted.

For a medium sized organization looking to go VOIP, this would be a perfect solution. Even for a large size corporation if you scale it correctly. However, Asterisk is not for the technically weak. So you must be willing to get your hands dirty and your solutions hat on hand. Enjoy.

The Technology Professionals of Today

April 13th, 2008

One of the most frustrating things about being in technology is the amount of operators in the field. Let me elaborate on the term “operator”.

Ten years ago, the majority of the information systems staff were operators. People who managed a system around the clock using commands that were supplied to them in hopes to keep the network up and running 24/7. This included making backups, verifying disk space, and also making sure they ran certain commands that needed to be run at off peak hours without fully understanding what the purpose was. It wasn’t their job to find out, it was their job to perform what was asked of them. Similar to my grandmother when she calls Dell support to find out what is wrong with her internet connectivity.

There are thousands of professionals out there who take what is provided to them to perform certain functions day in and day out. These could be network professionals or System Administrators. It is not solely their fault, this is what has become of the field due to vendors who advertise “IT for dummies” solutions. If you are one of those people who purchased a CCNA book, got CCNA certified, and wondered why your salary hasn’t broken the bank yet, you are one of these people.

I have never seen IT that way and I refuse to look at it that way. For every problem, there is a solution. Just because no one has provided a vendor solution, it doesn’t mean that it doesn’t exist.

Example:

I was working a Carrier VOIP project. The softswitch I was using supported SIP, so it was a SIP registrar. Every night at a certain time all SIP connections were going down and causing endpoints to re-register. This problem had been occurring for a long time and there was finger pointing without much proof.

I always travel with a Linux (Ubuntu) laptop. So what I did was configure a SIP registrar (Asterisk) on my laptop and cron’d an nmap job as well to verify open ports to the endpoints. I used another script to register to the laptop so that a session was established to another registrar other than the Class 5 server. That night at 2am the same problem occurred. The client lost connectivity and nmap caught the ports that were closed.

The problem easily pointed to the firewall that was set up to detect and act upon attacks, and there seemed to be a very mild DoS using port 5060 that caused the router to reject traffic to that port for a period of time. Simple automated approach.
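The cron-and-nmap check described above yields a time series of port states. As an added example (not the author's script), this Python code parses such a log, reports when port 5060 stopped answering, and notes whether other ports on the same host stayed open, which is what separates a device blocking one port from a host outage. The timestamp-prefixed line format, the addresses and the dates are constructed assumptions.

```python
import re
from datetime import datetime

# Constructed sample log: one line per cron run and host, written as
# "<ISO timestamp> <nmap grepable (-oG) Host line>". The timestamp prefix is an
# assumed wrapper format; addresses are documentation-range placeholders.
SAMPLE_LOG = """\
2008-04-10T01:55:00 Host: 192.0.2.10 ()\tPorts: 5060/open/tcp//sip///, 22/open/tcp//ssh///
2008-04-10T01:55:00 Host: 192.0.2.20 ()\tPorts: 5060/open/tcp//sip///, 22/open/tcp//ssh///
2008-04-10T02:00:00 Host: 192.0.2.10 ()\tPorts: 5060/filtered/tcp//sip///, 22/open/tcp//ssh///\tIgnored State: closed (998)
2008-04-10T02:00:00 Host: 192.0.2.20 ()\tPorts: 5060/closed/tcp//sip///, 22/closed/tcp//ssh///
2008-04-10T02:05:00 Host: 192.0.2.10 ()\tPorts: 5060/filtered/tcp//sip///, 22/open/tcp//ssh///
2008-04-10T02:05:00 Host: 192.0.2.20 ()\tPorts: 5060/open/tcp//sip///, 22/open/tcp//ssh///
2008-04-10T02:10:00 Host: 192.0.2.10 ()\tPorts: 5060/open/tcp//sip///, 22/open/tcp//ssh///
2008-04-10T02:10:00 Host: 192.0.2.20 ()\tPorts: 5060/open/tcp//sip///, 22/open/tcp//ssh///
"""

LINE_RE = re.compile(r"^(\S+)\s+Host:\s+(\S+)\s+\([^)]*\)\s+Ports:\s+(.*)$")


def parse_line(line):
    """Return (timestamp, host, {(port, proto): state}) or None if not a port line."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ts = datetime.fromisoformat(m.group(1))
    # Grepable output may append tab-separated fields such as "Ignored State".
    ports_field = m.group(3).split("\t")[0]
    ports = {}
    for entry in ports_field.split(","):
        fields = entry.strip().split("/")  # port/state/proto/owner/service/...
        if len(fields) >= 3 and fields[0].isdigit():
            ports[(int(fields[0]), fields[2])] = fields[1]
    return ts, m.group(2), ports


def outage_windows(log_text, port=5060, proto="tcp"):
    """Group consecutive non-open samples of one port into per-host windows."""
    current, windows = {}, []
    for raw in log_text.splitlines():
        parsed = parse_line(raw)
        if parsed is None:
            continue
        ts, host, ports = parsed
        state = ports.get((port, proto))
        if state is None:
            continue
        others_open = any(s == "open" for key, s in ports.items()
                          if key != (port, proto))
        if state != "open":
            win = current.setdefault(host, {
                "host": host, "start": ts, "end": None,
                "states": set(), "samples": 0, "others_open": True,
            })
            win["states"].add(state)
            win["samples"] += 1
            win["others_open"] = win["others_open"] and others_open
        elif host in current:
            win = current.pop(host)
            win["end"] = ts  # first sample at which the port answered again
            windows.append(win)
    windows.extend(current.values())  # outages still open at end of log
    for win in windows:
        # Other ports still open means the host was up and only this port was
        # affected, which points at a filtering device rather than the endpoint.
        win["scope"] = "port-specific" if win["others_open"] else "all-ports"
    return windows


if __name__ == "__main__":
    for w in outage_windows(SAMPLE_LOG):
        end = w["end"].isoformat() if w["end"] else "ongoing"
        print(f'{w["host"]}: 5060/tcp {sorted(w["states"])} from '
              f'{w["start"].isoformat()} to {end} ({w["scope"]})')
```
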

I just used this example because tools aren’t purchased they are improvised. You can ask all of those idiots who purchased a flute years ago and are still trying to find everyday use for them.

People go out and purchase network management tools and utilities every day. All they are is a bunch of scripts running SNMP get and set packaged in pretty Java/HTML pages, when the same can be done on a regular Linux platform with cron and referenced in man pages. Why wait for the vendor to upgrade the software to manage switches now, when you can walk the MIBs of the device and update your own scripting?

This is what is wrong with IT. If the paid “network engineers” and “system administrators” cannot develop tools of their own then what is their value add? You can pay the vendor to train a monkey to be an operator.

Three months ago I wrote a Perl script for a client that enabled him to automate a packet trace to isolate a problem that was occurring off hours. Every night from 2 to 3 am the script took the trace and then ftp’d it to my ftp server so that I could review and take a look at what was occurring. Now the client is looking into 3rd party vendors that could do the same for them because they fell in love with the concept. I did not have the heart to tell them that it was only 5 mins of work, but this reinforces my view.

Technology is ever changing. Things you purchase today have been available for years. Just because Cisco or Microsoft offers it does not mean they invented it. There are always cheaper, more flexible and cost effective alternatives. Be an engineer, not an operator!

Expert..What is that? Networking..Security…VOIP.. Who proclaims?

March 18th, 2008

I have been in this industry my whole life and I still find it very strange for people to call themselves experts. Ten years ago finding someone to proclaim they are an expert was very few and far between. 15 years ago, claiming that you knew routing wasn’t even cool. Desktop technician was the way to go. After Desktop, knowing how to configure a server had you thinking McDonald’s was beneath you. So why is it today, all you have to do is search for expert and you get half the networking industry?

Searching for a security candidate provides you with individuals that mostly know security from an application standpoint. Knowing how to configure a firewall makes you less of a security engineer as it is to know how to spell security. If you do not know how to decipher an Ethereal trace or to expose typical threats on a user’s PC, without the use of tools and scripts, then what makes you a security expert?

To know how to configure a router is far easier than to know the ins and outs of routing protocols. Why would you consider yourself an expert if you know BGP, but cannot articulate when and why to use RIP? Isn’t being an expert knowing when to use a certain technology and tool? I blame that on Cisco, but only a little bit. I mostly blame the industry. Again to properly hone your skill set and evolve with technology, but know the basics is what is missing in networking.

If you qualify yourself as a VOIP expert, then I take my hat off to you. Voice over IP is a hybrid of Telecom and IP. Knowing Voice over IP is very demanding because if you do not know the ins and outs of TDM technology, you will not know how it is supposed to work in the IP world. Being able to bypass tolls has more to do with how to design a Voice network and less to do with how to get Voice to properly work in an IP environment. The routing is more complex and is disguised in complex and confusing Dial plans, and the rules you configure are enough to allocate a whole server to perform. Yet, there are certified experts in the market who can configure a call manager and run a Voice probe.

An expert is a term that goes hand in hand with perfection. No one can ever obtain this title, but only the good ones pursue because the chase is worth it.

Back to Sip….Why Enterprises Should Wait For Cheaper More Cost Effective Solutions.

March 12th, 2008

I am not the “Professor” because I know a little something about VOIP. I am the “Professor” because I am an active participant in doing my part to “mature” open source VOIP. Eleven years ago, I witnessed the start of the VOIP revolution. Cisco purchased a company called “Celsius”. With this acquisition came the push for frame over frame-relay and the infamous “Cisco Call Manager”.

For me this became the very first commercial push for VOIP that I could remember. The enterprise was ready, but VOIP wasn’t. H.323 was built for voice and video, and found its niche being used to trunk particular gateways together. A VOIP gateway is used to mediate between TDM and standard IP. However, for signaling between the phones themselves and the callmanager, Celsius created SCCP, otherwise known as “Skinny”.

This was the first of many errors vendors made when developing products for VOIP. Cisco wasn’t the only vendor with a proprietary protocol used for delivering services and call setup in VOIP, all of the major vendors utilized proprietary protocols. Remember, this was in 1997 and even though companies bought into the idea of VOIP and cost savings, none of them had any models to build from.

Today, it is a different story. Carriers worldwide have converted their core infrastructure as a necessity to provide the service demands at a reduced cost. “Every” major telecommunications provider today provides phone service off a predominately SIP core. Meaning a call coming in from San Jose, CA destined for Boston, MA will be routed over a SIP trunk over an IP backbone to terminate to a VOIP Gateway in Boston for call termination. A cost savings mostly because of the compression ratio of proprietary Gateways on the market. (Some that offer up to 10:1 compression). Not only is SIP being used for IP trunking, SIP is also being used to provide phone service for Vonage and many of the most popular instant messaging clients worldwide.

VOIP offerings differ as you move out of the US. I have been a part of many projects in which IP phones are being used in the Residential and Enterprise domains, in some cases making the need for TDM connectivity obsolete. Witnessing a housewife make a phone call via an 802.11 phone makes my heart warm. Still in the US we deal with corporations still rolling out proprietary units without looking at the maturity of the technology.

Each year more and more VOIP phones are arriving on the market. Cisco has devoted resources to develop their SIP offering. They have already released SIP trunking capability in their product line. With the maturity of SIP and their competition growing, Cisco has to realize that their primary selling point, “their phones”, will be challenged by lower cost and equally reliable IP PBX solutions that offer Open Source interoperability and freedom to use any phone with equally as rich feature sets.

Sooner or later, people will realize that there is no true benefit by going with a specific VOIP vendor. Telephony will still be as autonomous as it was in the past, the only reliance is the infrastructure. And when that is realized, let’s see what Cisco comes up with next.

Note: I pick on Cisco, but Cisco is not the only vendor that tried to fight Open Source interoperability. However, it is the most successful vendor in promoting its VOIP portfolio as an enhanced feature set of its Network equipment offering.

Dubai ?? Leading the way in providing IPTV service!

March 6th, 2008

By now it is common knowledge that Verizon in the US is providing IPTV service. Is it a full blown strategy to take over the digital television market? Maybe not, but it should be. Cable providers are somewhat limited in what they can provide over HFC, which makes the move to fiber a greatly important strategy. IPTV equipment manufacturers are everywhere now. All of the major players are overseas in the Middle East and Africa region partly because these are places that were not Westernized to invest in cable television. Not only that but licensing was a major issue, and curiously it isn’t anymore.

I travel quite a bit and I am one to tell you that if a movie came out in the states, I will have to wait 6 months to see that same movie in Europe. Due to piracy, this time table has moved up dramatically. I now have to wait sometimes less than a month. This will go a long way in promoting cable television and on demand services. When in Kuwait this past January, I was practically watching a close to real time Apprentice Celebrity edition. Not bad considering that prime time television is the entire day.

The need for IPTV is not seen as a necessity in the US as it is in other countries, mostly third world, who already exploit the benefits of Voice over IP and Video on demand services, but it should be. The US economy has long relied on technology convergence. While fiber is being rolled out in most countries at a record pace, the US is still focused on finding a technical strategy.

Dubai is one of the countries that are leading the pack. Along with Tandberg, a company known for video conferencing making a strong push in IPTV with proprietary measures to transmit MPEG-4 to a nation and not just to an organization.

I’m baaackkk!!!!!!!

March 6th, 2008

From the depths of Kuwait’s sandy desert, to the shores of Rome, Italy, through the dark corners of co-location centers of every Middle Eastern country’s Telecommunications infrastructure, the Professor is back in business!! I am working on redoing the website and providing you with tidbits of my knowledge and experience.

Who comes up with these titles?!

November 15th, 2007

There was a time in the Information Technology field when a title was something to be proud of. There was hierarchy in the field. I remember when I was first a technician, I called my parents to tell them that I was a network technician and no longer just an operator. Operator wasn’t a bad position, in fact most “network engineers” today are just plain operators. Here is my classification that will someday make it into Webster’s Dictionary.

Operator- An individual that performs routine tasks and maintenance. The duties can be related to backups, running routine scripts (thank God for cron), network health monitoring, and/or handling some System Administrator tasks.

System Administrator- Glorified Operator. The tasks differ because the System Administrator is responsible for providing tasks and duties to the Operator. User management is the ultimate responsibility.

Network Technician - Responsible for maintenance of the information infrastructure. Responsibility includes network drops and troubleshoots network related issues.

Network Engineer - Now this is a multipurpose title today and could have more uses than comet, but it shouldn’t be that way. A Network Engineer used to be a title that represented a person that integrated network equipment into an infrastructure. To be more specific, when I was a technician I used to have to be on-call whenever a network engineer was bringing a new site up online. Troubleshooting and Integration are two different operations within the network world.

When I was a network technician I was allowed to troubleshoot routing issues, however if I needed to make changes I escalated to get approval. As an engineer you make configuration changes and introducing another router or switch to the environment really takes someone with experience that knows what they are doing.

Network Architect- The role of a network architect is basically to keep an overall picture of the infrastructure and design solutions to best provide to the overall mission of an organization.

Solutions Architect- The role of a Solutions Architect is the same as a Network Architect, but not as narrow. A typical Solutions Architect may work for a professional services outfit and be responsible for researching and designing solutions that are not limited to routers and switches.

I just rattled off most of the titles that have been around for the last 10 years. All of them are summed up today as a network engineer and that is what makes the field frustrating. I remember looking at a resume of an individual who was a Senior Network engineer. I was really impressed with his resume so I brought him in for an interview. When doing interviews I allow the person I am interviewing to control the topics we discuss. This interview exposed the fact that this individual never configured any routing protocols, and could not give me one project of any size that he led.

With that little experience you shouldn’t have the right to put network engineer on your resume, but people do. In fact, it should be embarrassing to use the title Senior Network Engineer if you cannot perform with mastery of routing, switching, and advanced networking tasks. If you have been a network engineer for 20 years and you still cannot perform these tasks then I am sorry, you are still a Network Engineer.

Specialization fits in the same category. Do not call yourself a Sans Engineer if all you know how to do is manage a Sans switch. Please do not call yourself a VOIP engineer if all you know how to do is configure a call manager platform. You must know the technology and become a reference of sorts on the protocols and inter-working of your craft.

Which reminds me, I once interviewed a person who had a countless number of the word “Expert” on his resume. His title he claimed was “Solutions Architect of the America’s”. See why I had to bring him in for an interview? To make a long story short, he barely knew any of the information he represented on his resume. He was basically a project manager of all the said “designs” that were listed on his resume. I found humor in interviewing him, but sadness in what this field has actually become. Someone will hire this guy with dreams of grandeur, and be thoroughly disappointed and maybe bitter. It will reflect on the rest of the network community.

I misrepresented the term hierarchy when in fact all of the titles and duties that I presented above are autonomous of each other. Needless to say, a good technician would not necessarily be a good engineer. Most organizations interchange these duties when in fact all you are doing is creating guys that are proficient in the art of cut and pasting when it comes to newly introduced configurations. And a good Network Engineer may not be suited to the art of troubleshooting; however, they may be very good at integration.

I once hired an engineer that knew networking inside and out. I never had to proof his configurations. He knew all advanced routing protocols and was very proficient in all other technologies he was expected to know. He was a very poor troubleshooter. If it was a BGP issue he would most likely find the issue, however if it was a reported issue where the root cause was not known, he could not deal with eliminating other variables that may or may not be network infrastructure related.

I could use myself as an example: if you want a patch cable made, you may get one faster if you ordered one online than wait for me to make one. If you ask for a 10 foot cable, you may get one 8 feet long by the time I was done making it. I cannot express enough the importance of a good network technician. I have had the privilege of working side by side with a lot of them during my career.

Soon we will be required to submit to lie detector tests and have full background investigations. All because individuals cannot properly classify themselves. You heard it first from the Professor.

VOIPo3G Business Model

November 13th, 2007

This is just taken out of an article I just read and professor-sized. VOIPo3G

This article articulates business strategies that are molding the direction of carriers and cellular providers; however, it doesn’t take into account the huge advantage technology-wise. It states that by 2012, 255 million subscribers will be utilizing VOIPo3G. However, the demand for VOIP features will dictate the infrastructure, and within the next couple of years you will see more traditional carriers move to an “all IP Infrastructure” to provide cost reduction and to support all IP functionality, be it 3.5G or 4G.

Like I mentioned in an earlier blog, WIMAX is ever so real; however, the convergence of IP makes WIMAX just another medium to carry IP. The need for 4G functionality and speeds can be summed up as the need for speed over wireless technology. The introduction of all IP hand-helds will slowly take over the market, forcing companies like AT&T and Verizon to keep up with the demand for bandwidth. Instead of competing with WIMAX carriers, these vendors will become WIMAX service providers in order to keep the market from having much of a choice.

2012 will be fun, but I expect the fun to start way before then.

Professor

Open Source IP PBX’s

November 8th, 2007

I have seen millions of dollars spent on IP PBX’s (VOIP) for features that are very basic and customization that could be performed better on a less expensive platform. I can honestly tell you that I have done installations of the Asterisk PBX which is free and depending on the size of the installation it really does not demand much in hardware.

If you don’t believe me, download it yourself and in minutes you can have a pure IP PBX solution and place calls within the hour. The Asterisk server does everything that most enterprises request and more. There are so many developers on the Asterisk project that all requests get added to source fairly quickly. Voicemail, voice-to-text, and even advanced call routing are all features that come with the Asterisk base system. Unified messaging for free, go figure, and trust me when I say that Asterisk is easy to support. I have worked on Nortel PBX’s as well as Cisco CallManager solutions, and Asterisk is simpler, cheaper and at the same time complex.

Another PBX which isn’t free, but is based on a Windows platform, is 3CX. What makes the 3CX and Asterisk solutions appealing is the support for SIP. More vendors develop products with SIP functionality than they do for Skinny (Cisco) and UNIStim (Nortel), which means more flexibility and more cost effective solutions for your business needs. Want a video/voice phone? Google one in minutes. Open source means freedom, but unlike most things that are free, support is accessible for fractions of the cost and all of the documentation is free.

Next time your establishment wants to look at VOIP, do them a favor and demo Asterisk. I am sure they will be impressed by the performance and the price tag.

3CX
Asterisk

-Professor

Wimax the future

October 25th, 2007

Okay. I just finished a Wimax (802.16e) deployment so I am a little biased. I do however feel that 802.16e is the future. There is arguably more support in the Wimax community than there is in the pure VOIP community. I have just finished the first ever 802.16e implementation and I am amazed at how many new devices support WIMAX. If deployment of WIMAX became global it could single-handedly end GSM. Look at the specs: up to 70mbs, 500 meters per cell as opposed to 600 meters for GSM. Not only can WIMAX support VOIP and internet, but look for widespread RFID and mobile computer support as well.

There are only a handful of projects thus far in my career that I would find intriguing to either design or participate in. One would be another WIMAX implementation that includes IPTV; another would be a pure IPTV implementation, since I have yet to deploy IPTV.

One thing that still bothers me in the VOIP field is that most people operating in VOIP or VOIP security still have no idea what IMS is. I ran into a guy who works for a leading VOIP integration company with the title of IMS Security consultant. I asked him what Secure P-CSCF products he sells; he had never heard of a P-CSCF.

There is still job security in VOIP.

How To Live Free - Part 4 of 5: SOHO Router and Firewall

September 16th, 2007

You can walk around Best Buy or Circuit City and take a look at all of the small home office routers on the market. If you are looking for something that you can plug in with very little work involved, by all means invest your money into one of these cheaply manufactured devices. However, if you are reading this post then you are interested in providing this functionality yourself.

In making a decision as to what you would like in a home router/firewall, first ask yourself the question, “what features and functionality do I need?”. Here is a list of features that I wanted to use in my home office and what they provide:

Firewall: I wanted full control over what I want to protect. I wanted the ability to port map, meaning I want to connect to my home devices from anywhere I travel. Using RDP I want to connect to my Windows desktops to perform support for my family and also retrieve files that I have lazily left on my home PC.

Router: I wanted to provide DHCP with more options, such as being able to provide more subnets and multiple DHCP ranges, and to manage it remotely but securely without worrying about HTTPS bugs causing my router to become unresponsive.

Content filtering: I do not have a problem with my teenager going out to adult websites or harmful websites, but I do feel the need to make sure that I understand that all content being accessed is acceptable. This control is a necessary feature that I feel all SOHO firewalls should support.

IDS: As with all devices that sit on the public network, you should have a clear picture as to what vulnerabilities exist. I am able to analyze all traffic that is potentially harmful to my firewall, or all vulnerabilities that I am not protected against. An IDS system provides that information and makes me more security aware. I also have my webservers monitored by my firewall even though they sit outside my network.

Scripting: I use Awk, Perl, and Bash to provide automated services. My scripts let me know what I need to worry about and alert me of problems so that I do not have to manually look for them.

Everything I have named here either comes with the Ubuntu Linux OS or can be readily downloaded. I must say that it took me a week to properly fine tune my firewall to my liking, and it resides on a pretty old PII Pentium server. I use Snort for IDS and Squid for proxy. My firewall filtering is provided by iptables, which can be fairly difficult. You can download a program to act as iptables for dummies. I chose not to do that.
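The kind of alerting script described above, sketched as an added example (it is not the author's own script): it reads the kernel log lines an iptables LOG rule writes and reports sources that hammer one port, such as the mapped RDP port, or that probe many ports. The `FW-DROP: ` log prefix, the thresholds and the sample log lines are assumptions constructed for the example.

```shell
#!/bin/sh
# Constructed sample of kernel log lines from an iptables LOG rule.
# "FW-DROP: " is an assumed --log-prefix value; addresses are documentation ranges.
sample_log() {
cat <<'EOF'
Sep 16 02:10:01 fw kernel: FW-DROP: IN=eth0 OUT= SRC=203.0.113.7 DST=198.51.100.10 LEN=60 TTL=52 PROTO=TCP SPT=40112 DPT=3389 SYN
Sep 16 02:10:02 fw kernel: FW-DROP: IN=eth0 OUT= SRC=203.0.113.7 DST=198.51.100.10 LEN=60 TTL=52 PROTO=TCP SPT=40113 DPT=3389 SYN
Sep 16 02:10:03 fw kernel: FW-DROP: IN=eth0 OUT= SRC=203.0.113.7 DST=198.51.100.10 LEN=60 TTL=52 PROTO=TCP SPT=40114 DPT=3389 SYN
Sep 16 02:10:04 fw kernel: FW-DROP: IN=eth0 OUT= SRC=203.0.113.7 DST=198.51.100.10 LEN=60 TTL=52 PROTO=TCP SPT=40115 DPT=3389 SYN
Sep 16 02:10:05 fw kernel: FW-DROP: IN=eth0 OUT= SRC=203.0.113.7 DST=198.51.100.10 LEN=60 TTL=52 PROTO=TCP SPT=40116 DPT=3389 SYN
Sep 16 02:10:06 fw kernel: FW-DROP: IN=eth0 OUT= SRC=203.0.113.7 DST=198.51.100.10 LEN=60 TTL=52 PROTO=TCP SPT=40117 DPT=3389 SYN
Sep 16 02:14:30 fw kernel: FW-DROP: IN=eth0 OUT= SRC=203.0.113.99 DST=198.51.100.10 LEN=44 TTL=47 PROTO=TCP SPT=61000 DPT=21 SYN
Sep 16 02:14:30 fw kernel: FW-DROP: IN=eth0 OUT= SRC=203.0.113.99 DST=198.51.100.10 LEN=44 TTL=47 PROTO=TCP SPT=61000 DPT=22 SYN
Sep 16 02:14:31 fw kernel: FW-DROP: IN=eth0 OUT= SRC=203.0.113.99 DST=198.51.100.10 LEN=44 TTL=47 PROTO=TCP SPT=61000 DPT=23 SYN
Sep 16 02:14:31 fw kernel: FW-DROP: IN=eth0 OUT= SRC=203.0.113.99 DST=198.51.100.10 LEN=44 TTL=47 PROTO=TCP SPT=61000 DPT=25 SYN
Sep 16 02:14:32 fw kernel: FW-DROP: IN=eth0 OUT= SRC=203.0.113.99 DST=198.51.100.10 LEN=44 TTL=47 PROTO=TCP SPT=61000 DPT=80 SYN
Sep 16 02:20:11 fw kernel: FW-DROP: IN=eth0 OUT= SRC=192.0.2.44 DST=198.51.100.10 LEN=60 TTL=50 PROTO=TCP SPT=50000 DPT=445 SYN
Sep 16 02:21:00 fw kernel: FW-DROP: IN=eth0 OUT= SRC=192.0.2.44 DST=198.51.100.10 LEN=84 TTL=50 PROTO=ICMP TYPE=8 CODE=0
Sep 16 02:22:00 fw dhcpd: DHCPACK on 192.168.1.20 to 00:11:22:33:44:55 via eth1
EOF
}

# drop_alerts [THRESHOLD] [PORT_SPREAD]
# Reads log lines on stdin and prints one line per finding:
#   BRUTE <ip> port=<p> count=<n>   THRESHOLD or more drops from one source to one port
#   SCAN  <ip> ports=<n>            drops from one source spread over PORT_SPREAD or more ports
drop_alerts() {
    awk -v thr="${1:-5}" -v spread="${2:-4}" '
    /FW-DROP: / {
        src = ""; dpt = ""
        # The LOG target writes KEY=VALUE fields; pick out source and destination port.
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^SRC=/)      src = substr($i, 5)
            else if ($i ~ /^DPT=/) dpt = substr($i, 5)
        }
        if (src == "" || dpt == "") next      # e.g. ICMP has no DPT field
        key = src SUBSEP dpt
        if (++hits[key] == 1) nports[src]++   # first time this source touched this port
    }
    END {
        for (k in hits) {
            split(k, part, SUBSEP)
            if (hits[k] >= thr)
                printf "BRUTE %s port=%s count=%d\n", part[1], part[2], hits[k]
        }
        for (s in nports)
            if (nports[s] >= spread)
                printf "SCAN %s ports=%d\n", s, nports[s]
    }' | sort
}

# Run against the constructed sample; in practice stdin would be the firewall's log file.
sample_log | drop_alerts 5 4
```

A source that stays under both thresholds, like the single port 445 attempt in the sample, produces no output, so an empty result means nothing needs attention.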

Most of you by now have wireless routers. The professor uses a wireless access point, which is a router on which I chose to disable the routing functionality. The reason: hacking wireless access is fairly easy due to the lack of wireless security in home networks. I do not want my wireless router controlling my home network. I treat wireless access like any unsecured device accessing my network. This way I am able to quarantine any security breach. What I do use for wireless security is an IDS monitor on my private ethernet interface so that I can analyze traffic. I use WEP (which can be readily hacked), but I back that up with Dot1x security. So whenever I have guests I disable 802.1x and have them use my WEP key. But the majority of the time, my devices use MAC security.

You can easily implement what I have in my home in an enterprise. What I will say is that, if properly configured, this can be just as secure as any enterprise, but automation may take special skill sets, as there are not a lot of engineers that think; they have their vendors think for them. Checkpoint and Cisco ASA’s are both devices that come with solutions that automate much of your protection. But think about this: nowadays most cars are automatic. If you have ever driven a stick, you can tell by the sound of your vehicle how your car is running. Automatic cars create automatic people who are unable to tell if the pulse of their car is operating correctly. Manually handling your own security makes sure you properly understand how your security is working and do not take the word of a device which claims it is protecting your network properly.

Why Won’t “We” acknowledge change

August 27th, 2007

Last week, I heard the Senate passed a new bill that made it illegal to spoof caller-id. I wish I could remember the link where I read it, but I am sure you can find it. How absurd. Just like my blog about the guy who got caught stealing wi-fi, how can you get caught spoofing caller-ID? Technically this is what we have to deal with. Here is a SIP packet; in it you will see where the number that displays the caller-id is.

<omitted> technical difficulties

To spoof, all you need to edit is the Call-id field. As simple as that. The only way to get caught is if someone is mirroring your traffic. That simple. The carrier only keeps CDRs of traffic, so that is only the source, destination, and call duration. They are not worried about what the call-id says. In order to block call-id all they have to do is edit the SIP packet to exclude the call-id. It isn’t recorded. Make laws on something you know about, not VOIP.

sip

News in New Zealand

New Zealand went totally VOIP. Their service offering is VOIP over DSL, which is the same offering Verizon has, but unlike Verizon they have entirely changed the way they process Class 5 calls.

Voip forecast

How To Live Free - Part 3 of 5: OS and Office, less the MS

August 22nd, 2007

Look around and you will see that PC graveyards are growing and growing. It’s not like you need the new specs, but Microsoft and software vendors of the like tell you what you need to run their programs. At times I can care less if I am running 32 bit or 64 bit. I don’t play video games, nor do I need to watch high definition streaming video on all of my computers. However, it is part of the deal that Microsoft has made with AMD and Intel to keep them in business and to help their stock price.

This is why I love Ubuntu. You can load Ubuntu on a PII processor PC and get out of it the same that you would if you loaded Vista. You may not get that high end definition, but why do you need that for surfing the web or creating a document? Be realistic. If you are into saving the world, recycle a PC. To be honest with you, I have converted all but my main work laptop over to Ubuntu and I am not missing a thing. Little things that I have taken advantage of, like downloading flash so I can watch interactive websites, I have to do over again, but for the most part I am very happy running Linux.

Now office is a different story. First let me tell you that Open Office is equal to MS Office. And get this, it is free. Why isn’t everyone jumping on this deal? I’ll tell you why. Anyone who has prepared for a presentation or created a document is scared of something happening at the time of saving their doc or presenting their presentation. Let me tell you that Open Office has never let me down. I used Open Office when I was in college with great results. It never let me down, so I can tell you the next time you think about spending over $300 for an MS Office license, just jump to Open Office. You will not be disappointed.

All of this for the price of $0.

How To Live Free - Part 2 of 5: Enter Google

August 15th, 2007

Google is a major player in providing what defines open source mentality. Provided they do not use much as far as open source technology, they are opening up their services to provide a shared technology environment for free. Take for instance Google documents. I am a big fan of Google documents because primarily it is free. I can edit documents, share documents, and open any type of document for free.

Free is the best word in the dictionary. Take into account that Google provides Google chat with no advertisements, Google voip, and Google maps, which is my favorite. All other satellite map services cost money; Google equals free in the professor’s dictionary. Google helps me organize my PC’s with Google desktop, even though it learns too much about my tendencies so that it could present better suited advertisements. How Google has grown has me convinced that it is the best search engine out there. I have watched Lycos, Yahoo, and Excite all become dinosaurs overnight.

Take a really good look at Google and see for yourself what it offers. My homepage will forever be Google. Well until they get complacent like Yahoo!! www.google.com/ig - try it!!

How To Live Free - Part 1 of 5: Professor’s view

August 11th, 2007

You are only reading this to see if I have any secrets that you don’t already know. I don’t, and you are too old to believe that anything in this world is free. The object of open source is something I believe in, and it isn’t because it is free. It makes me a part of a community that wants to advance technology and not put money in the pockets of businessmen who can care less about technology. Ever wonder why Microsoft is so powerful? Because it pays money to engineers to stay ahead of those who work together to provide open source solutions for free.

I don’t mind paying for open source. I would rather pay a small license fee that pays for the effort that hundreds of engineers put into developing creative thinking and not to put people on top of the billionaire list that takes the ideas of open source and expose it. I am not against Microsoft, I am against those who are addicted to Microsoft. Corporate reliance on Microsoft is what I call “corporate ignorance”.

Now I am a hypocrite, I admit it. In fact, I am using a laptop running Microsoft XP Professional. This is the result of corporate ignorance. There are no choices given serious consideration. If a business purchases a computer, by default it is a Windows operating system. In fact, most of those making purchasing decisions are not aware of the other choices. A CIO, a CTO, or even a CSO isn’t even aware of the benefits. These are the gentlemen put into the position to mold technology.

The fact of the matter is that none of these gentlemen remember the early 90’s. None of them remember the growing pains of Windows 3.1. Sure, we all remember how happy we were to have solitaire at work. But do we remember how difficult it was to configure a printer or to peer with other computers in the office? The blue screen of death every time the network got congested. It was during that time that Microsoft improved. The patience of consumers was because they were spoiled: being able to create and edit documents and not have to use a typewriter, and during this time serving as Microsoft’s free Quality Assurance engineers, reporting problems and ignoring the growing pains. You, the user, made Microsoft. We are the reason we pay $399 for a licensed copy of Microsoft. We are the reason we have to deal with crappy expensive Microsoft support.

We need to change this. Microsoft is not the only target. There are the Verizons, the Sprints, the Novells, the Sun Microsystems, the cable providers, and last but not least Apple. You think because Apple has 7% of the market that I should forget them? Look at the price tag on the proprietary systems that Apple produces. Sure I like the iPhones, the iPods, and iTunes, but come on. I am forced to utilize their products because there is no real competition.

What power do you have? You are the consumer. Do you know if the Linux community grew to 25%, Microsoft would have no choice, but to be competitively priced. That is still not my goal. My goal is to see my kids, your kids, and the kids of every blue collar worker have a computer that didn’t cost a mortgage payment. To construct a document that could be opened on a free software package and not a $600 version of Microsoft Office. (See Open Office). That is the closest thing to free that I can think of. And you need to join me in the fight.

Voice over IP is the wave of the future. It has been existent since the late 90’s, but held up by the telecommunications companies because it marks the end of their dominance. VOIP to VOIP calls will always be free. VOIP to PSTN comes at a cost. The goal is to make toll charges obsolete. Ten years ago unlimited long distance calls for $20 bucks a month was impossible. Now it is a reality.

Ever use a flavor of Linux? 5 years ago it took rocket science to get working. And after you got it to work you played around for hours for it to play nicely with Microsoft. With the Dell deal, Ubuntu will make Linux the easiest kid to play with in the playground.

Be a hobbyist, be curious, play a role and advance technology. Take the ride with the Professor!

It all comes down to class…..

August 10th, 2007

Ten years ago, the internet was full of possibilities. Everyone experimented and at the same time had fun. I remember when AOL was the hot meeting place. Of course you still had perverts, but my information was semi-safe considering. It was the real world that frightened me. You couldn’t walk outside your house without fear of something being stolen, or answer your phone because of telemarketers, and there were tons of junk mail in your mailbox.

The internet was my safe haven. Now, I can’t even bear to read my email. Even with the strongest of spam filters I still get the occasional Viagra ad. Like most people I have mastered clearing my cookies and trying to eliminate my web trail, but still what bothers me are the scum of the internet that sell my information. The information that I provide them to use their service gets sold to others just for the sake of making a buck. I am one of those guys who refuse to run from spam. Of course I delete the majority of my email if it looks suspicious, but I can brag about having the same mail account for over 10 years. 10 minute Mail

I remember seeing a service on the web and saying “who would ever need this service”. Now I recommend it. The service is called Ten-minute email. It provides you an email address that will work for 10 minutes, which is just for those sites that refuse to give you business if you don’t enter your email address. You may think of this as dishonest, I don’t care. Who plays fair nowadays? I even made up an email on my domain just for the sake of downloading some VOIP documents. They ran a domain scam and found my legit email address? Smart bastards. Try 10 minute email; it will save you the headache of using the delete key.

The internet has lost its class so there is no reason to keep yours.

Check it out

Voip growth in US

August 2nd, 2007

VOIP has grown in the US 125 percent since 2006. That is a major accomplishment. US Growth But I wouldn’t be “The Professor” if I allowed that to be enough. What kind of VOIP growth? I can say that most of the growth has been on the carrier side, where PSTN interconnects have been substituted with IP interconnects for VOIP customers. Billing has been the same, because of the transparency of the connection. Nevertheless, the ignorance of the US in regard to VOIP hasn’t changed at all. Why pay $9.99 a month for unlimited calling when you can pay $4.99? Why pay $4.99 for unlimited calling if you can get it for free? Most people either do not know where to find VOIP knowledge or are too busy in their lifestyles to find out. Call it what you want, I call it ignorance.

Comcast comes to your house to deliver VOIP service. They install a box outside of your house that provides the PSTN to VOIP gateway so that you may use your existing lines already in your house and therefore use your existing phones. They don’t tell you what your options are, and they don’t offer any options. If I am getting VOIP service, I want to know what can change with my lifestyle to make it better. The box that comes with your High speed internet connection is called an MTA. The MTA is connected to a coax and provides an RJ45 connection for internet connectivity. 

In VOIP, cable providers follow the PacketCable standard. Okay, back to Comcast: they provide an MTA for your high speed internet connectivity, and for the phone connectivity they make a media gateway connection on the pole outside of your home. Before I can explain why I think they do this, I will explain how PacketCable providers in other countries work. The same MTA that provides an RJ45 handoff in your home also provides an RJ11 hand-off as well. (This is what your standard telephone uses.) You have three options. The first option would be to plug your phone into your MTA and talk VOIP over that single connection. As you know, most European households are smaller square foot wise, so one phone is perfectly doable. The second option is that they provide you a list of instructions and you can purchase your own phone to plug into a hub or switch located in your home. The third option would be that you purchase IADs from the provider. IADs convert TDM to IP similar to a media gateway, but for a single unit and most likely over 802.11 (wireless). This way all of your current phones and investments (fax etc.) can be used as if the technology never changed.

This is what technology provides: it provides choices. Comcast’s choice is to provide you with a transparent box that sits where you can’t touch it. It reminds you of when you were small and your parents hid cookies from you on top of the refrigerator where you couldn’t reach. They do this because of the union guys and subcontractors, technicians who make a living off of running new phone lines in your house for $70 per hour. You see, MTA’s can be administered remotely. You have a phone problem? Why send a tech, I can fix it remotely. I have connectivity issues? It is all IP; the problem is either at the CO (remote) or your house, and you can count the lights on your MTA to tell me if it is in the CO or not. That takes the little man out of the picture. It also generates less capital for Comcast. So that unnecessary step is left in there.

Technology is great, but until you as consumers start learning how it works we will always be a dominant country with third world ability.

IPTV ATT U-Verse

August 1st, 2007

IPTV is here! Well, almost. You hear me say time and time again that the United States has always been on a different page as technology goes than the rest of the world. If you don’t believe me, buy a plane ticket and actually go somewhere other than your local mall. Or better yet, get a personality and become a cyber buddy to someone overseas wanting to test their English.

IPTV, just as VOIP, was intended to change the way we communicate and operate in general. It is very common to see someone talk on a softphone overseas. I mean, why buy an RJ11 (traditional) phone if you can bluetooth or 802.11 a phone off your existing computer? That is the way it is supposed to go. What is the benefit of the technology, for example VOIP, if you can’t go out of town, open your laptop, and start receiving calls to your office line or your home line? The amount of mobile users, meaning recreational and work, is growing.

So why isn’t American Marketing telling you how to use the technology? Because Americans have the habit of buying the name, not the use. ATT U-verse comes into your home with an adapter for your TV set. Shouldn’t it stream over IP terminating a fiber connection to your home and allow you to stream to all of your PC’s, in which you bit the bullet and purchase 20” monitors for your computers so you can converge TV and Internet?

The answer is yes for those who do understand the technology. No for those that choose to be ignorant to the usage. Why do they want you to hook it up to your TV? Well, for starters, our technology stores are full of high depth TV’s without computer hookup. The little converter they will provide will cost you $15 - 30, even more depending on the area. Your ignorance costs you money.

In an ideal society, when I pay for IPTV, I have that service no matter where I go. If I want to say yes to the wife and go away for the weekend, I want to be sure that my NFL Sunday league pass takes the trip with me. I no longer want to be in the position where I miss TV shows or sporting events. Same goes for VOIP. I want 1 number for people to get in touch with me. One number. And I want it to be as transparent to the user as possible. If I am mobile, at home, or in the office I want full IP mobility.

When ATT U-Verse becomes available in my area, you’re damn right I will be one of the first to test its limits. But keep in mind, when the technology is really here there will be choices. Do I want Voip from Verizon or Skype? Skype is cheap with similar Quality of Service. So as far as IPTV goes, I want the Skype version, it’s cheaper!

How Easy is it? *Security*

July 30th, 2007

I have spent a lot of time around people who claim to be security specialists and companies who claim to have security professionals. Let me clarify a little bit: there is such a thing as a security engineer. And to define that role I will have to simply state that it is an individual that can design, implement and configure security devices such as IDS, firewalls, and VPN. This role is very similar to, and can be the same as, a network engineer. The only difference is that there is more job security as a security engineer.

However, it is important to know that a security engineer is not a security professional. A security professional breathes security. I know how an IDS system works, but do you know why to deploy it? Realistically an IDS system provides very little protection. Even if it tells you where penetration is occurring, would you know how to prevent it? Download a patch that guarantees it is the fix for the vulnerability; do you know how to test the patch?

The truth of the matter is most companies do not implement security as it should be implemented. They hire security engineers and use vendors that can provide benefits to using their products, but none of the people involved can tell you how to prevent and correct vulnerabilities. Security is not a cookie cut solution. Networking is in fact a cookie cut solution. You have a need, you design a solution. In security, each solution opens up another vulnerability.

The biggest vulnerability is people. The government has been exposed yet again. Hackers Steal U.S. Government Corporate Data from PCs - AGAIN

Think about it this way, how easy would it be to walk up to a coworker you barely know or a person you barely know and ask them if you can check your web email on their system? In fact, they will leave you alone so that you may have privacy. Full access to their system for 5 minutes is more than enough time for me to plant a client on their network or get valuable information from their pc such as username and password.

Don’t ever fool yourself into thinking that you are protected. No one is protected.

Hacking VOIP

July 30th, 2007

Voice over IP is typical networking with a twist. People who don’t know networking or don’t understand networking in its entirety usually become intimidated by VOIP. It is so frustrating for me as a VOIP professional and a Networking Architect to feed on the ignorance that a lot of people have about VOIP.

As easy as it is to run a website, one could start a VOIP phone service such as what Skype and Jajah have and completely generate capital. Having this knowledge makes me feel powerful. Not being able to capitalize makes me feel lazy. I can be lazy; I have a full time job and full time hobbies like these websites. Still, operating a service is twice as easy as you would think.

1) Download Asterisk PBX and install it on a public webserver.

2) Purchase DIDs. Very cheap. IP trunk to a provider.

3) Advertise.

Softphones are a dime a dozen. But if you want a free one, use X-Lite. It is the cheap version of eyeBeam. And there you have it, you are now a VOIP provider.

Microsoft VOIP (here is my contradiction to open source)

July 26th, 2007

Microsoft, at least for the time being, is the wheel that keeps technology moving. To back up the argument is pretty easy. We all know that Microsoft is on over 95 percent of desktops worldwide. You can also say that IE, Outlook, and the Office Suite are pretty dominant as well.

With that being said, I will name a few popular VOIP players. I will not mention Class 5, Class 4 or PBX’s because they have to adhere to the open source standard of SIP. So I will mention Yahoo, AIM, Skype, MSN and Jajah. Soft phone technology is growing rapidly. Last week from the Dominican Republic I was on a 6 hour phone call to the States which cost me nothing using Skype.

If Microsoft chose to implement a softphone within the Windows OS, purely open source, it would dominate the market out of the gate.

Unified messaging is the name of the game, as well as convergence with Outlook. Many PBX’s with the help of developed software can achieve this, but what sells is if I can go home and it works as well. This is the strategy that Microsoft seems to be going for, and this would deploy nicely with built in softphone functionality.

The downfall of open source is too many options, which is also why I like open source. The downfall of Microsoft is not enough options, which in most cases is why I like Microsoft: to be able to communicate with others without having to worry about interoperability issues or whether grandma is using a MicroLite softphone client or not.

-Derek

Open Source Life

July 25th, 2007

The Professor has been an on again off again revolutionist. I am a hypocrite. I believe in many different things, but I also believe their arguments as well. I admit, I believe in an open source way of life. I believe that someday Linux should share the desktop market. I believe that software should be free and the open community would benefit because of it.

One can’t believe in angels and not believe in devils. I enjoy buying a gadget and seeing the Microsoft logo embedded on the box. It assures me that when I plug and play, the odds are in my favor that I will be able to entertain myself with my purchase right away. As opposed to Linux, where I may be googling all night for a device driver. There have been strides made, most notably Ubuntu, but is it enough to leapfrog Mac and challenge Microsoft?

The answer is maybe. If enough of us make the plunge to make Linux better. That is how it works. Developers from Microsoft have the privilege of hiring a QA staff, but Open source has us. It looks as if Microsoft stole a page out of open source by unleashing Vista on us very early.

Take the plunge. Take an old PC and load the newest release from Ubuntu on it. Or better yet, take a laptop. If you are scared of not knowing Linux commands then you will be very surprised to hear that nowadays Linux is all GUI driven.

In fact, as soon as I get enough people to work and play on this site I want user grades on Ubuntu.

I welcome any posts on Open Source. Any questions on the topic.

Professor Babble July 20 - Phone Text messages

July 20th, 2007

Americans call them text messages, which is the most idiotic name I have ever heard of. First of all the protocol is SMS. Second of all everyone else in the free technology world calls them SMS. So therefore I move that all Americans get their head out of their butts and conform to the rest of the free world.

Just like T1’s. We are the only country in the world that uses T1’s. Everyone else uses E1’s, which are much more efficient. Do the math: 32 channels for an E1 versus 24 channels for a T1, all at 64k. Even Canada uses E1’s.

The SMS protocol is the simplest protocol written. It is very similar to HTTP. There is a server, which is called the SMSC, and clients, which are your cell phones, voicemail servers, and anything else that uses SMS. Just like HTTP it is a connectionless protocol. It is very lightweight and very efficient.

Now that you know what SMS is and does, you can know why I really despise American cell providers. Most of the free world does not charge for SMS messages; think about it, some places charge 2 cents per minute for each text message above a certain threshold. SMS should be free. It does not cost telcos anything to provide the service. If you already have cellular service then SMS uses a fraction of the resources.

Why as Americans do we put up with this? Because we think we are above other countries enough not to worry about what services their cell providers charge. We are also the only country whose cell providers charge for incoming calls. Go figure. The next time I see a financial loss news conference for a cell provider, remind me to send their CFO a “Text Message” giving him my support.

Voip Hack

July 17th, 2007

I guess one could write hacks on any subject all day, and if you read my previous postings on Jajah, you could think of this one on your own. As stated before, Jajah could be used to connect two calling parties at local costs. This posting from a friendly VoIP blog states free, but in essence you use AT&T minutes as well as minutes on Jajah because it isn’t free after your first couple of calls. Here is the link for VoIP hacking on the iPhone: Jajah + Iphone hack

Weekending blab - Pentagon, isoftphone

July 13th, 2007

This was one crazy week and besides the usual devastating news, there was news that went unnoticed by the American people. The Pentagon unclassified email system got hacked. After noticing the penetration, probably from their IDS subsystem, the Pentagon had to shut down email. That is big news. You are telling me that NSA, CIA, the Military and the Feds can bug our phones, protect us from Ma Bomba Ben Laden, and delay our planes and they can’t keep their own email system up and running? There used to be a time where people would be scared to even try to hack a government system. Remember phone phreaking and the trouble that most of the hackers from the 20th century got into? The Feds called CNN themselves so that they could have it videotaped of them busting into the house of a 17 year old boy scared as hell. And those penalties they gave, I forget the boy’s name, but until he is dead he cannot even step foot into a Best Buy because they sell computers.

Getting back to the Pentagon, hacked??? And who was the idiot who told about it? Embarrassing. The Clinton Administration could keep a secret. Well sort of. With all of the technology out there, IDS, IPS, advanced firewalls which possess both of these technologies. Real time measures which can prevent or minimize damage to any IT infrastructure, and you are telling me that my government can’t keep a mail server up. Good thing they aren’t using Microsoft or they would really be in trouble. You didn’t know? The government has less confidence in Microsoft servers than we do.

Apple just announced that it will be joining forces with Skype to provide IP softphone functionality in the softphone. This is like the Ravens announcing that they will sign Peyton Manning and Marvin Harrison. This is the start of a dynasty baby. So you’re telling me on a cell phone, I now have the ability to bypass cell and go IP to establish my calls? Hot damn. And when I get indoors I can use the existing IT infrastructure to communicate as well? Damn it to hell this fight is fixed. I protest. Motorola, Nokia, hell even Sony, what the hell are you going to do. You just got pickpocketed. I can’t even watch your commercials anymore. A phone just came out less than a month ago and is doing all of the things you never thought about it faster than you can get an R&D group together to think about it. This fight reminds me of an Oscar De La Hoya fight in the 90’s. It is fixed.

Ubuntu

July 6th, 2007

Okay. You may think that I am impressed by Michael Dell’s business push to ship Dell PC’s with the Ubuntu Linux OS. Far from it. Dell has been lacking a real business strategy since its two competitors joined forces (HP/Compaq). BTW Dell is #2 in computer sales. IBM made a similar push and even vowed to support Linux when it sold PC’s with the RedHat Linux OS. I was impressed with IBM though, they shipped and supported servers and desktops. They offered IT support to residential customers that made the switch. In a time that device drivers were kicking everyone’s ass. I mean VPN drivers, which still are hard to find, and wireless drivers. Things of business necessities and an era that made Linux popular among home users.

Those days are over now and those of us who got frustrated moved on to Apple. IBM moved on to quietly sell Linux based computers, but only offer the support on certain models, but now Mike B. Dell is marketing this as a breakthrough strategy. I will give him this, his timing is impeccable. I mean with Vista looking like crap and people not liking the pop up messages, people will try anything. And don’t get me wrong, Ubuntu looks good, I am not sold.

I met a startup company who reminded me of me 5 years ago when I made the plunge to live off the earth and use Linux. Open Source. It took me 5 hours what it took most people with Windows 2 minutes. But that is okay, I was living the life. Well this startup company made a no Windows allowed policy and only run Ubuntu. It is quite impressive. Their help desk support is a woman. Nothing drives me more crazy than a female who knows her way around a file tree. I said “OFFICE” and they say “Open Office”. I am impressed.

Even though I have been that route and have had Open Office cost me some good presentations, I love the fact that this company chose to lead instead of be led. More power to them. I would love to hear feedback and I would definitely like to have people post who like Linux or are willing to take the plunge with Ubuntu.

Iphone review

July 1st, 2007

Sorry for the lack of posting the last week or so, I have been on vacation and even the professor needs R&R. Okay now that that is over I bet you knew I would be one of those idiots standing in line on June 29th for an Iphone. Well I almost stood in line. That’s why God gave me sons. Okay. God didn’t actually do the work for me, that may have been a figure of speech. Now back to the phone.

I am impressed. I am usually let down when I am in anticipation mode, but I am actually impressed. All of the bad reviews out there are from people who stood in line and didn’t make the cut. (I was number 47 and the cut was number 50 in a Delaware Cingular store). So I bet you number 51 was pissed. I didn’t see that loser, I was playing with my phone all the way to the car. ;)

Anyways, all of the hype was well worth it. Internet browsing, man I felt like Tom Cruise in that movie, you know the one where he plays with his hands to save the 3 dead women in water. No, not Days of Thunder, it was Minority Report. In that aspect, the Iphone is very fun to navigate with. I can tell you that after 48 hours the only thing I did not like about the Iphone is that its Bluetooth is incompatible with most of my Bluetooth 2.0 gadgets and that the email set up does not like any ports outside of SMTP and POP ports. Which means any secure ports other than 443 it does not like. So again I have to reprogram my life around a gadget.

But other than that I am waiting to see where this gadget takes me. I have yet to work with syncing features of OSX address book on Mac, and I haven’t figured out how to make a ringtone with iTunes, but I have time. Hell in 12 months I will be standing in line again because cell phones only last a year nowadays.

The iphone is delicate so buy a protective cover. I have to give it a five star rating for being different.

Ignorance and Security

June 20th, 2007

Professor’s dictionary:

Ignorance - Having awareness of, but no knowledge of. For example, Derek is ignorant to Nascar. I know it consists of driving a car around in circles, but other than that he is clueless.

I don’t consider ignorance a bad thing. It is great for the economy, and besides everyone is ignorant to a degree.

You don’t leave your wallet or purse lying around because of possible theft. If you don’t have any money in it then you dread standing in line all at Motor Vehicles requesting another ID. Or canceling your credit cards and waiting for the new ones to come in the mail. Or interrogating yourself as to what was actually in your wallet or purse.

Let’s just say your money was in your wallet or purse. Then what? How long do you think it would take for someone to figure out your PIN? Well who needs your PIN if it is a Visa check card? How long do you think it would be until the first charge? If someone experienced took your wallet then before you knew it was gone the “Macy’s once a day housewife need to spend money sale” would be the first target.

You are not ignorant to the idea of personal security. You live it and you are intimidated by it. Computer security is not that much different. Every website you go to is stored on your computer. Analogous to an address book, receipts, day planner, or kids’ pictures. They tell anyone, unauthorized or otherwise, personal information about you. Where you shop, where to run into you, possible PIN numbers, bank account numbers, passwords. Don’t pretend like you don’t use your kids’ names as passwords!

There is a lot more data to gather from a computer than a wallet. However, as ignorance would have it, most people are rather comfortable and secure with the notion of doing personal transactions on their or any computer. Besides, most bank websites state that they are encrypted and protected. Translation: an intruder would be hard pressed to get any information from the bank’s website about you, and there is a high probability that the actual transaction cannot be hacked in real time. So where is the vulnerability? Your computer.

Bank transactions are secured using SSL. SSL encryption at 128 bit is a long lunch for the experienced hacker. I am not writing this to explain how to get the information. I just want you to understand that it could be gotten. You go to a website, it is on the computer. You have cookies, cache, and deleted file data residue left behind. More forensic tools than Las Vegas CSI. Just do a web search.

Simple exercise. On your computer, and I take it you don’t use nmap, ping your entire subnet. If you are at home, ping your entire public subnet. You will find there are a lot of pingable addresses.

Rule 1: The best kind of security is the prevention of being found. Block ICMP.

Okay. Once you find an address, use nbtstat -A ipaddress.

Node IpAddress: [10.0.0.126] Scope Id: []

    NetBIOS Remote Machine Name Table

    Name                 Type      Status
    ---------------------------------------------
    DWINCHESTER-L1  <00> UNIQUE    Registered
    DWINCHESTER-L1  <20> UNIQUE    Registered
    WORKGROUP       <00> GROUP     Registered

Rule 2: You wouldn’t get this far if you used Rule 1.

Since you did, please know that if you are not on a corporate network you do not need ports 137, 138, 139, and 445 reachable. These are used for Windows to do what it does best. Annoy the hell out of other Windows workstations. The name output above gives you the name of the host. The type gives you…well it gives you the type of service running. Microsoft helps you identify their vulnerability. Go here to find out what Microsoft has volunteered. The output above shows that dwinchester uses file services. Meaning that it has a share and uses shares. Good to know. Now you know that I either have valuable information for others, or that I am authorized to receive valuable information from others.
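The name table above can be read mechanically: the hex suffix in angle brackets, together with the type, identifies the service each name advertises. This is an added example, not part of the original post, that parses nbtstat -A output so you can see what your own machine gives away; the function names and the suffix table are my own choices, and the sample input is the output quoted in the post.

```python
import re

# Well-known NetBIOS name suffixes (hex) and what they advertise.
SUFFIXES = {
    ("00", "UNIQUE"): "Workstation service (computer name)",
    ("00", "GROUP"): "Workgroup or domain name",
    ("03", "UNIQUE"): "Messenger service",
    ("20", "UNIQUE"): "File Server service (host offers shares)",
}

# One row of the name table: NAME <hex suffix> UNIQUE|GROUP status
ROW = re.compile(r"^\s*(\S.*?)\s*<([0-9A-Fa-f]{2})>\s+(UNIQUE|GROUP)\s+(\S+)\s*$")

# Constructed sample: the output quoted in the post, embedded for offline use.
SAMPLE = """\
Node IpAddress: [10.0.0.126] Scope Id: []
NetBIOS Remote Machine Name Table
Name Type Status
---------------------------------------------
DWINCHESTER-L1 <00> UNIQUE Registered
DWINCHESTER-L1 <20> UNIQUE Registered
WORKGROUP <00> GROUP Registered
"""

def parse_name_table(text):
    """Return a list of dicts, one per registered NetBIOS name."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # header, separator or blank line
        name, suffix, kind, status = m.groups()
        meaning = SUFFIXES.get((suffix.upper(), kind), "unknown suffix")
        rows.append({"name": name, "suffix": suffix.upper(), "kind": kind,
                     "status": status, "meaning": meaning})
    return rows

def audit(text):
    """Summarise what the host reveals to anyone who can reach NetBIOS."""
    rows = parse_name_table(text)
    return {
        "hostnames": sorted({r["name"] for r in rows if r["kind"] == "UNIQUE"}),
        "workgroups": sorted({r["name"] for r in rows if r["kind"] == "GROUP"}),
        "file_sharing": any(r["suffix"] == "20" for r in rows),
    }

if __name__ == "__main__":
    print(audit(SAMPLE))
```

If file_sharing comes back True on a home machine, that is the cue to turn off file sharing or block ports 137, 138, 139 and 445 at the firewall.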

Rule 3: You should have used Rule 1.

Now you really should stop services that you don’t use on your computer. Make sure you clean your personal data regularly. It is convenient not to have to type out passwords, but what is easy for you is easy for a person trying to be you.

And getting back to the fear of losing your wallet, if your PC is violated, trust me they will not leave anything behind for you to track them down. Rebuilding a PC is a pain. Restoring from backup is a nightmare, and being reactive is not as easy as being proactive.

And if you still choose to be ignorant after this, and most of you will, then choose to invest money in a program that secures your PC like Norton, and just like Norton, make sure it tells you when you do stupid stuff like name a password after Starbucks or something.

Extra:

I am not a penetration tester by any means. I am a hobbyist. I could put my laptop on any segment in any network and run Nmap. From the output I can identify workstations, printers, servers, and routers and switches. With that knowledge I can use the nbtstat command to find out the domain name. I can also find a username because in most organizations the machine name gives away a lot. I now have all the knowledge I need to do some damage. You think going further from there is difficult? Grab a book on security hacking, there is a nice selection of tools out there that I can use to gain access to your workstation.