SlideShare une entreprise Scribd logo

Kamailio and VoIP Wild World

2600Hz
2600Hz

Daniel Constantin Mierla discusses Kamailio and Kazoo integrations at KazooCon

Technologie
1  sur  31
Télécharger pour lire hors ligne
asipto.com KAMAILIO & VOIP WILD WORLD Daniel-Constantin Mierla Co-Founder Kamailio Project @miconda kamailio.org Oct 5-6, 2015, San Francisco
kamailio voip wild world
kamailio voip wild world SIP signalling routing • fast • reliable • flexible In other words • not initiating calls • not answering calls • no audio-video processing
kamailio voip wild world 2002 Jun 2005 Jul 2008 Aug 2008 Nov 2008 SIP Express Router (SER) OpenSER Kamailio Other Forks... Same application: Kamailio - SER Oct 2009 Jan 2010 v3.0.0 Integration Completed v1.5.0 Sep 2011Sep 2001 First Line Of Code Open Source GPL FhG Fokus Institute Berlin rename Awarded Best Open Source Networking Software 2009 By InfoWorld 10 Years Jun 2012 v3.3.0 ITSPA UK Award Mar 2013 v4.0.0 Kamailio v4.1.0 Dec 2013 ………. v4.2.0 Oct 2014 now over 100 on github June 2015 v4.3.0 Continuous development since 2001! a very large set of feature
kamailio voip wild world Highlights 2014 evapi db_mongodb core tm dispatcher uac rtpengine dialog enhancements tsilo kazoo jsonrpc-s debugger (per module debug) (log pv assignment) usrloc - dmq - ims uuid nosip ndb_mongodb http://www.kamailio.org/wiki/features/new-in-4.1.x http://www.kamailio.org/wiki/features/new-in-4.2.x
kamailio voip wild world Highlights 2015 statsd tcpops core pv rr uac http://www.kamailio.org/wiki/features/new-in-4.3.x http://www.kamailio.org/wiki/features/new-in-devel janson dialplan enhancements erlang auth_xkeys jansonrpc-c ims usrloc - dmq - registrar jsonrpc-s fifo ndb_redis ndb_mongodb geoip2 rtjson new performat memory manger webrtc
kamailio voip wild world VoIP Security
kamailio voip wild world ❖ protect your customers ❖ protect your business Very important to
kamailio voip wild world ❖ penetrate customer premises equipment ❖ penetrate core platform Attackers try to
kamailio voip wild world The Goal
kamailio voip wild world Protecting everything as much as possible in the core network
kamailio voip wild world ❖ no universal solution ❖ security is a 24/7 duty ❖ very important ❖ ability to adjust rules as needed ❖ agile monitoring and alerting mechanisms ❖ have access to a flexible toolset to enable new security policies Expect new type of attacks every day
kamailio voip wild world ❖ monitor, detect and block high traffic volume from same source address ❖ monitor and detect too many failed authentications in a row ❖ allow traffic only from your customers regions ❖ alert, block or two factor authentication for calls to expensive destinations ❖ alert and limit on number of active calls ❖ alert and limit on the duration for active calls ❖ alert and limit on the cost of overall calls ❖ check and allow only strong passwords ❖ enable TLS Always good to consider
kamailio voip wild world ❖ allow calls only from registered users ❖ INVITE with To tag must match an existing dialog ❖ limit number of allowed registrations ❖ restrict allowed User-Agent header ❖ restrict capabilities when subscriber not in home country ❖ rules based on time frames Extra little bits
kamailio voip wild world Some Examples
kamailio voip wild world ❖ useful kamailio modules: mtree, userblacklist or dialplan Block calls to destinations by prefix or regexp
kamailio voip wild world Blocking with mtree loadmodule “mtree.so" # ----- mtree params ----- modparam("mtree", "db_url", DBURL) modparam("mtree", "char_list", "+0123456789") modparam("mtree", "mtree", "name=pblock;dbtable=pblock") modparam("mtree", "pv_value", "$var(mtval)") request_route { … $var(dstnr) = $rU; # match if blocked prefix if(mt_match("pblock", "$var(dstnr)", "0")) { send_reply(“403”, “Destination blocked”); exit; } … } CREATE TABLE `pblock` ( `id` int(10) unsigned NOT NULL AUTO_INCREMENT, `tprefix` varchar(32) NOT NULL DEFAULT '', `tvalue` varchar(128) NOT NULL DEFAULT '', PRIMARY KEY (`id`), UNIQUE KEY `tprefix_idx` (`tprefix`) ); mysql> select * from pblock; +----+---------+--------+ | id | tprefix | tvalue | +----+---------+--------+ | 1 | +44 | 1 | | 2 | +49 | 1 | +----+---------+--------+
kamailio voip wild world ❖ useful kamailio modules: geoip, geoip2, permissions, sqlops Block traffic based on source address
kamailio voip wild world Blocking countries with GeoIP loadmodule “geoip.so" # ----- geoip params ----- modparam("geoip", "path", "/usr/local/share/GeoLiteCity.dat") request_route { … if(geoip_match("$si", “src”)) { xlog("SIP message from: $gip(src=>cc)n”); if($gip(src=>cc) =~”DE|UK”) { send_reply(“403”, “Originating country not allowed”); exit; } } else { send_reply(“403”, “Unknown originating country not allowed”); exit; } … }
kamailio voip wild world Block addresses due to high traffic rate
kamailio voip wild world ❖ pike or pipelimit and htable modules — htable can be replaced by fail2ban Block addresses due to high traffic #!ifdef WITH_ANTIFLOOD loadmodule "htable.so" loadmodule "pike.so" #!endif #!ifdef WITH_ANTIFLOOD # ----- pike params ----- modparam("pike", "sampling_time_unit", 2) modparam("pike", "reqs_density_per_unit", 16) modparam("pike", "remove_latency", 4) # ----- htable params ----- # ip ban htable with autoexpire after 5 minutes modparam("htable", "htable", "ipban=>size=8;autoexpire=300;") #!endif # Per SIP request initial checks route[REQINIT] { #!ifdef WITH_ANTIFLOOD # flood dection from same IP and traffic ban for a while # be sure you exclude checking trusted peers, such as pstn gateways # - local host excluded (e.g., loop to self) if(src_ip!=myself) { if($sht(ipban=>$si)!=$null) { # ip is already blocked xdbg("request from blocked IP - $rm from $fu (IP:$si:$sp)n"); exit; } if (!pike_check_req()) { xlog("pike blocking $rm from $fu (IP:$si:$sp)n"); $sht(ipban=>$si) = 1; exit; } } if($ua =~ "friendly-scanner") { sl_send_reply("200", "OK"); exit; } #!endif …
kamailio voip wild world ❖ using pipelimit loadmodule "pipelimit.so" # ----- pipelimit params ----- modparam("pipelimit", "timer_interval", 1) modparam("pipelimit", "reply_code", 505) modparam("pipelimit", "reply_reason", "CPS limit exceeded") modparam("pipelimit", “db_url", DBURL) modparam("pipelimit", "rlp_table_name", "traffic_limits") request_route { … $var(pipe) = “all-traffic”; if (!pl_check(“$var(pipe)")) { pl_drop(); exit; } … } Block addresses due to high traffic
kamailio voip wild world Block too many failed authentications route[AUTH] { if( $sht(userban=>$au::auth_count) >= 10 ) { $var(exp) = $Ts - 900; if($sht(userban=>$au::last_auth) > $var(exp)) { xlog("L_DBG", "auth - id[$mi] m[$rm] r[0] [$fu -> $ru ($tu)]: User blocked - IP: $sin"); sl_send_reply("403", "Try later"); exit; } else { $sht(userban=>$au::auth_count) = 0; } } if(!(is_present_hf("Authorization") || is_present_hf("Proxy-Authorization"))) { auth_challenge("$fd", "0"); exit; } # authenticate requests if (!auth_check("$fd", "subscriber", "1")) { $var(auth_count) = $shtinc(userban=>$au::auth_count); if( $var(auth_count) >= 10 ) xlog("many failed auth in a row - [$rm] from <$fu> src ip: $sin"); $sht(userban=>$au::last_auth) = $Ts; auth_challenge("$fd", "0"); exit; } $sht(userban=>$au::auth_count) = $null; # user authenticated - remove auth header if(!is_method("REGISTER|PUBLISH")) consume_credentials(); xlog("L_INFO", "id[$mi] m[$rm] r[0] [$fu -> $ru ($tu)]: User $fu Authenticated Correctlyn"); return; } Rules: - allow 10 failed authentications - block user for 15 minutes - reset when authentication is ok - could be combined with IP ban
kamailio voip wild world ❖ dialog, htable or sqlops modules Restrict number of active calls # active calls/dialog management # execute route(DIALOG) inside route(RELAY) before t_relay() route[DIALOG] { if (is_method("CANCEL") || (has_totag() && is_method("INVITE|BYE|ACK"))) { dlg_manage(); return; } if (is_method("INVITE") && !has_totag() && !isflagset(FLT_ACALLS)) { if( $xavp(caller[0]=>active_calls) != $null && $xavp(caller[0]=>active_calls) > 0 ) { if(!get_profile_size("caller", "$fU@$fd", "$var(acsize)")) { send_reply("500", "No more active calls"); exit; } if($var(acsize)>=$xavp(caller[0]=>active_calls)) { send_reply("403", "No more active calls"); exit; } set_dlg_profile("caller", "$fU@$fd"); } setflag(FLT_ACALLS); dlg_manage(); } } $xavp(caller=>active_calls) = 1;
kamailio voip wild world ❖ track active calls and history, then rise alarms based on various rules ❖ it’s all about caching data for a while and searching Do It Yourself ❖ four important events ❖ a new call: initial INVITE ❖ call is not answered: 300 or higher response code to initial INVITE (covers CANCEL) ❖ call is answered: 200 ok to initial INVITE ❖ call is terminated: BYE
kamailio voip wild world ❖ track active calls and history, then rise alarms based on various rules ❖ it’s all about caching data for a while and searching ❖ initial request of dialog (new call) ❖ check if active calls limit is reached, if yes, alert/reject ❖ check if limit per day is reached, if yes, alert/reject ❖ requests within dialog ❖ remove from active calls ❖ Lua: flexible language and fast embedded interpreter in Kamailio ❖ MongoDB: fast storage, replication, easy access from many Kamailio instances as well as from web portal due to JSON documents ❖ maybe I will get the time for it, watch the news … DIY: Kamailio, Lua and MongoDB
kamailio voip wild world www.kamailio.org
kamailio voip wild world ❖ http://www.kamailio.org/wiki/tutorials/security/kamailio-security ❖ http://kb.asipto.com/kamailio:usage:k31-sip-scanning-attack ❖ SIP Security Book: ❖ http://eu.wiley.com/WileyCDA/WileyTitle/productCd-0470516364.html ❖ http://kb.asipto.com ❖ http://www.kamailio.org/wiki/
kamailio voip wild world http://www.asipto.com/sw/kamailio-admin-book/
http://www.kamailioworld.com YouTube Kamailio World Channel https://www.youtube.com/channel/UCElq4JNTPd7bs2vbfAAYVJA
Kamailio World 2016 - Planning a Special Edition Kamailio Project 15 YEARS OF DEVELOPMENT 2001-2016 from SER to Kamailio www.kamailioworld.com Thank you! Questions? @miconda

Recommandé

Kamailio - Surfing Big Waves Of SIP With Style
Kamailio - Surfing Big Waves Of SIP With StyleKamailio - Surfing Big Waves Of SIP With Style
Kamailio - Surfing Big Waves Of SIP With StyleDaniel-Constantin Mierla
 
Kamailio Updates - VUC 588
Kamailio Updates - VUC 588Kamailio Updates - VUC 588
Kamailio Updates - VUC 588Daniel-Constantin Mierla
 
Using Kamailio for Scalability and Security
Using Kamailio for Scalability and SecurityUsing Kamailio for Scalability and Security
Using Kamailio for Scalability and SecurityFred Posner
 
Expanding Asterisk with Kamailio
Expanding Asterisk with KamailioExpanding Asterisk with Kamailio
Expanding Asterisk with KamailioFred Posner
 
Kamailio - Unifying SIP and Web Worlds with Lua
Kamailio - Unifying SIP and Web Worlds with LuaKamailio - Unifying SIP and Web Worlds with Lua
Kamailio - Unifying SIP and Web Worlds with LuaDaniel-Constantin Mierla
 
KazooCon 2014 - Introduction to Kazoo APIs!
KazooCon 2014 - Introduction to Kazoo APIs!KazooCon 2014 - Introduction to Kazoo APIs!
KazooCon 2014 - Introduction to Kazoo APIs!2600Hz
 
2600Hz - The Next Wave - KazooCon 2015
2600Hz - The Next Wave - KazooCon 2015 2600Hz - The Next Wave - KazooCon 2015
2600Hz - The Next Wave - KazooCon 2015 2600Hz
 
KazooCon 2014 - Playing Kazoo Dudka Style
KazooCon 2014 - Playing Kazoo Dudka StyleKazooCon 2014 - Playing Kazoo Dudka Style
KazooCon 2014 - Playing Kazoo Dudka Style2600Hz
 

Recommandé

Kamailio - Surfing Big Waves Of SIP With Style
Kamailio - Surfing Big Waves Of SIP With StyleKamailio - Surfing Big Waves Of SIP With Style
Kamailio - Surfing Big Waves Of SIP With StyleDaniel-Constantin Mierla
 
Kamailio Updates - VUC 588
Kamailio Updates - VUC 588Kamailio Updates - VUC 588
Kamailio Updates - VUC 588Daniel-Constantin Mierla
 
Using Kamailio for Scalability and Security
Using Kamailio for Scalability and SecurityUsing Kamailio for Scalability and Security
Using Kamailio for Scalability and SecurityFred Posner
 
Expanding Asterisk with Kamailio
Expanding Asterisk with KamailioExpanding Asterisk with Kamailio
Expanding Asterisk with KamailioFred Posner
 
Kamailio - Unifying SIP and Web Worlds with Lua
Kamailio - Unifying SIP and Web Worlds with LuaKamailio - Unifying SIP and Web Worlds with Lua
Kamailio - Unifying SIP and Web Worlds with LuaDaniel-Constantin Mierla
 
KazooCon 2014 - Introduction to Kazoo APIs!
KazooCon 2014 - Introduction to Kazoo APIs!KazooCon 2014 - Introduction to Kazoo APIs!
KazooCon 2014 - Introduction to Kazoo APIs!2600Hz
 
2600Hz - The Next Wave - KazooCon 2015
2600Hz - The Next Wave - KazooCon 2015 2600Hz - The Next Wave - KazooCon 2015
2600Hz - The Next Wave - KazooCon 2015 2600Hz
 
KazooCon 2014 - Playing Kazoo Dudka Style
KazooCon 2014 - Playing Kazoo Dudka StyleKazooCon 2014 - Playing Kazoo Dudka Style
KazooCon 2014 - Playing Kazoo Dudka Style2600Hz
 
SIP Server Optimizations for Mobile Networks
SIP Server Optimizations for Mobile NetworksSIP Server Optimizations for Mobile Networks
SIP Server Optimizations for Mobile NetworksDaniel-Constantin Mierla
 
Using Asterisk and Kamailio for Reliable, Scalable and Secure Communication S...
Using Asterisk and Kamailio for Reliable, Scalable and Secure Communication S...Using Asterisk and Kamailio for Reliable, Scalable and Secure Communication S...
Using Asterisk and Kamailio for Reliable, Scalable and Secure Communication S...Fred Posner
 
2600Hz - Tuning Kazoo to 10,000 Handsets - KazooCon 2015
2600Hz - Tuning Kazoo to 10,000 Handsets - KazooCon 20152600Hz - Tuning Kazoo to 10,000 Handsets - KazooCon 2015
2600Hz - Tuning Kazoo to 10,000 Handsets - KazooCon 20152600Hz
 
SIPLABS - Hard Rocking Kazoo - KazooCon 2015
SIPLABS - Hard Rocking Kazoo - KazooCon 2015SIPLABS - Hard Rocking Kazoo - KazooCon 2015
SIPLABS - Hard Rocking Kazoo - KazooCon 20152600Hz
 
Kamailio - Large Unified Communication Platforms
Kamailio - Large Unified Communication PlatformsKamailio - Large Unified Communication Platforms
Kamailio - Large Unified Communication PlatformsDaniel-Constantin Mierla
 
Voxter - Building Value with Kazoo - KazooCon 2015
Voxter - Building Value with Kazoo - KazooCon 2015Voxter - Building Value with Kazoo - KazooCon 2015
Voxter - Building Value with Kazoo - KazooCon 20152600Hz
 
Kamailioworld 2018 - Modular and test driven SIP Routing with Lua
Kamailioworld 2018 - Modular and test driven SIP Routing with LuaKamailioworld 2018 - Modular and test driven SIP Routing with Lua
Kamailioworld 2018 - Modular and test driven SIP Routing with LuaSebastian Damm
 
2600hz CTO Karl Anderson speaks at Kamailio World 2014
2600hz CTO Karl Anderson speaks at Kamailio World 20142600hz CTO Karl Anderson speaks at Kamailio World 2014
2600hz CTO Karl Anderson speaks at Kamailio World 20142600Hz
 
Zabbix Console
Zabbix ConsoleZabbix Console
Zabbix ConsoleRicardo Santos
 
KazooCon 2014 - Deploying Kazoo Globally
KazooCon 2014 - Deploying Kazoo GloballyKazooCon 2014 - Deploying Kazoo Globally
KazooCon 2014 - Deploying Kazoo Globally2600Hz
 
PSGI and Plack from first principles
PSGI and Plack from first principlesPSGI and Plack from first principles
PSGI and Plack from first principlesPerl Careers
 
Intro to PSGI and Plack
Intro to PSGI and PlackIntro to PSGI and Plack
Intro to PSGI and PlackTatsuhiko Miyagawa
 
Phpconf 2013 - Agile Telephony Applications with PAMI and PAGI
Phpconf 2013 - Agile Telephony Applications with PAMI and PAGIPhpconf 2013 - Agile Telephony Applications with PAMI and PAGI
Phpconf 2013 - Agile Telephony Applications with PAMI and PAGIMarcelo Gornstein
 
Automatic Kamailio Deployments With Puppet
Automatic Kamailio Deployments With PuppetAutomatic Kamailio Deployments With Puppet
Automatic Kamailio Deployments With PuppetGiacomo Vacca
 
Plack at YAPC::NA 2010
Plack at YAPC::NA 2010Plack at YAPC::NA 2010
Plack at YAPC::NA 2010Tatsuhiko Miyagawa
 
2600hz WebRTC Meetup at WeWork, San Francisco, CA
2600hz WebRTC Meetup at WeWork, San Francisco, CA2600hz WebRTC Meetup at WeWork, San Francisco, CA
2600hz WebRTC Meetup at WeWork, San Francisco, CA2600Hz
 
Distributed Developer Workflows using Git
Distributed Developer Workflows using GitDistributed Developer Workflows using Git
Distributed Developer Workflows using GitSusan Potter
 
Network Automation (NetDevOps) with Ansible
Network Automation (NetDevOps) with AnsibleNetwork Automation (NetDevOps) with Ansible
Network Automation (NetDevOps) with AnsibleAPNIC
 
Deploying Plack Web Applications: OSCON 2011
Deploying Plack Web Applications: OSCON 2011Deploying Plack Web Applications: OSCON 2011
Deploying Plack Web Applications: OSCON 2011Tatsuhiko Miyagawa
 
Plack perl superglue for web frameworks and servers
Plack perl superglue for web frameworks and serversPlack perl superglue for web frameworks and servers
Plack perl superglue for web frameworks and serversTatsuhiko Miyagawa
 
Kamailio - SIP Servers Everywhere
Kamailio - SIP Servers EverywhereKamailio - SIP Servers Everywhere
Kamailio - SIP Servers EverywhereDaniel-Constantin Mierla
 
Kamailio - API Based SIP Routing
Kamailio - API Based SIP RoutingKamailio - API Based SIP Routing
Kamailio - API Based SIP RoutingDaniel-Constantin Mierla
 

Contenu connexe

Tendances

SIP Server Optimizations for Mobile Networks
SIP Server Optimizations for Mobile NetworksSIP Server Optimizations for Mobile Networks
SIP Server Optimizations for Mobile NetworksDaniel-Constantin Mierla
 
Using Asterisk and Kamailio for Reliable, Scalable and Secure Communication S...
Using Asterisk and Kamailio for Reliable, Scalable and Secure Communication S...Using Asterisk and Kamailio for Reliable, Scalable and Secure Communication S...
Using Asterisk and Kamailio for Reliable, Scalable and Secure Communication S...Fred Posner
 
2600Hz - Tuning Kazoo to 10,000 Handsets - KazooCon 2015
2600Hz - Tuning Kazoo to 10,000 Handsets - KazooCon 20152600Hz - Tuning Kazoo to 10,000 Handsets - KazooCon 2015
2600Hz - Tuning Kazoo to 10,000 Handsets - KazooCon 20152600Hz
 
SIPLABS - Hard Rocking Kazoo - KazooCon 2015
SIPLABS - Hard Rocking Kazoo - KazooCon 2015SIPLABS - Hard Rocking Kazoo - KazooCon 2015
SIPLABS - Hard Rocking Kazoo - KazooCon 20152600Hz
 
Kamailio - Large Unified Communication Platforms
Kamailio - Large Unified Communication PlatformsKamailio - Large Unified Communication Platforms
Kamailio - Large Unified Communication PlatformsDaniel-Constantin Mierla
 
Voxter - Building Value with Kazoo - KazooCon 2015
Voxter - Building Value with Kazoo - KazooCon 2015Voxter - Building Value with Kazoo - KazooCon 2015
Voxter - Building Value with Kazoo - KazooCon 20152600Hz
 
Kamailioworld 2018 - Modular and test driven SIP Routing with Lua
Kamailioworld 2018 - Modular and test driven SIP Routing with LuaKamailioworld 2018 - Modular and test driven SIP Routing with Lua
Kamailioworld 2018 - Modular and test driven SIP Routing with LuaSebastian Damm
 
2600hz CTO Karl Anderson speaks at Kamailio World 2014
2600hz CTO Karl Anderson speaks at Kamailio World 20142600hz CTO Karl Anderson speaks at Kamailio World 2014
2600hz CTO Karl Anderson speaks at Kamailio World 20142600Hz
 
KazooCon 2014 - Deploying Kazoo Globally
KazooCon 2014 - Deploying Kazoo GloballyKazooCon 2014 - Deploying Kazoo Globally
KazooCon 2014 - Deploying Kazoo Globally2600Hz
 
PSGI and Plack from first principles
PSGI and Plack from first principlesPSGI and Plack from first principles
PSGI and Plack from first principlesPerl Careers
 
Phpconf 2013 - Agile Telephony Applications with PAMI and PAGI
Phpconf 2013 - Agile Telephony Applications with PAMI and PAGIPhpconf 2013 - Agile Telephony Applications with PAMI and PAGI
Phpconf 2013 - Agile Telephony Applications with PAMI and PAGIMarcelo Gornstein
 
Automatic Kamailio Deployments With Puppet
Automatic Kamailio Deployments With PuppetAutomatic Kamailio Deployments With Puppet
Automatic Kamailio Deployments With PuppetGiacomo Vacca
 
2600hz WebRTC Meetup at WeWork, San Francisco, CA
2600hz WebRTC Meetup at WeWork, San Francisco, CA2600hz WebRTC Meetup at WeWork, San Francisco, CA
2600hz WebRTC Meetup at WeWork, San Francisco, CA2600Hz
 
Distributed Developer Workflows using Git
Distributed Developer Workflows using GitDistributed Developer Workflows using Git
Distributed Developer Workflows using GitSusan Potter
 
Network Automation (NetDevOps) with Ansible
Network Automation (NetDevOps) with AnsibleNetwork Automation (NetDevOps) with Ansible
Network Automation (NetDevOps) with AnsibleAPNIC
 
Deploying Plack Web Applications: OSCON 2011
Deploying Plack Web Applications: OSCON 2011Deploying Plack Web Applications: OSCON 2011
Deploying Plack Web Applications: OSCON 2011Tatsuhiko Miyagawa
 
Plack perl superglue for web frameworks and servers
Plack perl superglue for web frameworks and serversPlack perl superglue for web frameworks and servers
Plack perl superglue for web frameworks and serversTatsuhiko Miyagawa
 

Tendances (20)

SIP Server Optimizations for Mobile Networks
SIP Server Optimizations for Mobile NetworksSIP Server Optimizations for Mobile Networks
SIP Server Optimizations for Mobile Networks
 
Using Asterisk and Kamailio for Reliable, Scalable and Secure Communication S...
Using Asterisk and Kamailio for Reliable, Scalable and Secure Communication S...Using Asterisk and Kamailio for Reliable, Scalable and Secure Communication S...
Using Asterisk and Kamailio for Reliable, Scalable and Secure Communication S...
 
2600Hz - Tuning Kazoo to 10,000 Handsets - KazooCon 2015
2600Hz - Tuning Kazoo to 10,000 Handsets - KazooCon 20152600Hz - Tuning Kazoo to 10,000 Handsets - KazooCon 2015
2600Hz - Tuning Kazoo to 10,000 Handsets - KazooCon 2015
 
SIPLABS - Hard Rocking Kazoo - KazooCon 2015
SIPLABS - Hard Rocking Kazoo - KazooCon 2015SIPLABS - Hard Rocking Kazoo - KazooCon 2015
SIPLABS - Hard Rocking Kazoo - KazooCon 2015
 
Kamailio - Large Unified Communication Platforms
Kamailio - Large Unified Communication PlatformsKamailio - Large Unified Communication Platforms
Kamailio - Large Unified Communication Platforms
 
Voxter - Building Value with Kazoo - KazooCon 2015
Voxter - Building Value with Kazoo - KazooCon 2015Voxter - Building Value with Kazoo - KazooCon 2015
Voxter - Building Value with Kazoo - KazooCon 2015
 
Kamailioworld 2018 - Modular and test driven SIP Routing with Lua
Kamailioworld 2018 - Modular and test driven SIP Routing with LuaKamailioworld 2018 - Modular and test driven SIP Routing with Lua
Kamailioworld 2018 - Modular and test driven SIP Routing with Lua
 
2600hz CTO Karl Anderson speaks at Kamailio World 2014
2600hz CTO Karl Anderson speaks at Kamailio World 20142600hz CTO Karl Anderson speaks at Kamailio World 2014
2600hz CTO Karl Anderson speaks at Kamailio World 2014
 
Zabbix Console
Zabbix ConsoleZabbix Console
Zabbix Console
 
KazooCon 2014 - Deploying Kazoo Globally
KazooCon 2014 - Deploying Kazoo GloballyKazooCon 2014 - Deploying Kazoo Globally
KazooCon 2014 - Deploying Kazoo Globally
 
PSGI and Plack from first principles
PSGI and Plack from first principlesPSGI and Plack from first principles
PSGI and Plack from first principles
 
Intro to PSGI and Plack
Intro to PSGI and PlackIntro to PSGI and Plack
Intro to PSGI and Plack
 
Phpconf 2013 - Agile Telephony Applications with PAMI and PAGI
Phpconf 2013 - Agile Telephony Applications with PAMI and PAGIPhpconf 2013 - Agile Telephony Applications with PAMI and PAGI
Phpconf 2013 - Agile Telephony Applications with PAMI and PAGI
 
Automatic Kamailio Deployments With Puppet
Automatic Kamailio Deployments With PuppetAutomatic Kamailio Deployments With Puppet
Automatic Kamailio Deployments With Puppet
 
Plack at YAPC::NA 2010
Plack at YAPC::NA 2010Plack at YAPC::NA 2010
Plack at YAPC::NA 2010
 
2600hz WebRTC Meetup at WeWork, San Francisco, CA
2600hz WebRTC Meetup at WeWork, San Francisco, CA2600hz WebRTC Meetup at WeWork, San Francisco, CA
2600hz WebRTC Meetup at WeWork, San Francisco, CA
 
Distributed Developer Workflows using Git
Distributed Developer Workflows using GitDistributed Developer Workflows using Git
Distributed Developer Workflows using Git
 
Network Automation (NetDevOps) with Ansible
Network Automation (NetDevOps) with AnsibleNetwork Automation (NetDevOps) with Ansible
Network Automation (NetDevOps) with Ansible
 
Deploying Plack Web Applications: OSCON 2011
Deploying Plack Web Applications: OSCON 2011Deploying Plack Web Applications: OSCON 2011
Deploying Plack Web Applications: OSCON 2011
 
Plack perl superglue for web frameworks and servers
Plack perl superglue for web frameworks and serversPlack perl superglue for web frameworks and servers
Plack perl superglue for web frameworks and servers
 

Similaire à Kamailio and VoIP Wild World

East Bay Ruby Tropo presentation
East Bay Ruby Tropo presentationEast Bay Ruby Tropo presentation
East Bay Ruby Tropo presentationAdam Kalsey
 
Designing High Performance RTC Signaling Servers
Designing High Performance RTC Signaling ServersDesigning High Performance RTC Signaling Servers
Designing High Performance RTC Signaling ServersDaniel-Constantin Mierla
 
Bootstrapping multidc observability stack
Bootstrapping multidc observability stackBootstrapping multidc observability stack
Bootstrapping multidc observability stackBram Vogelaar
 
How to build a High Performance PSGI/Plack Server
How to build a High Performance PSGI/Plack Server How to build a High Performance PSGI/Plack Server
How to build a High Performance PSGI/Plack Server Masahiro Nagano
 
OSMC 2014: Monitoring VoIP Systems | Sebastian Damm
OSMC 2014: Monitoring VoIP Systems | Sebastian DammOSMC 2014: Monitoring VoIP Systems | Sebastian Damm
OSMC 2014: Monitoring VoIP Systems | Sebastian DammNETWAYS
 
Monitoring VoIP Systems
Monitoring VoIP SystemsMonitoring VoIP Systems
Monitoring VoIP Systemssipgate
 
FOSDEM 2017 - RTC Services With Lua and Kamailio
FOSDEM 2017 - RTC Services With Lua and KamailioFOSDEM 2017 - RTC Services With Lua and Kamailio
FOSDEM 2017 - RTC Services With Lua and KamailioDaniel-Constantin Mierla
 
Skydive, real-time network analyzer, container integration
Skydive, real-time network analyzer, container integrationSkydive, real-time network analyzer, container integration
Skydive, real-time network analyzer, container integrationSylvain Afchain
 
DSLing your System For Scalability Testing Using Gatling - Dublin Scala User ...
DSLing your System For Scalability Testing Using Gatling - Dublin Scala User ...DSLing your System For Scalability Testing Using Gatling - Dublin Scala User ...
DSLing your System For Scalability Testing Using Gatling - Dublin Scala User ...Aman Kohli
 
SIP Attack Handling (Kamailio World 2021)
SIP Attack Handling (Kamailio World 2021)SIP Attack Handling (Kamailio World 2021)
SIP Attack Handling (Kamailio World 2021)Fred Posner
 
OpenIRIS OpenAP
OpenIRIS OpenAPOpenIRIS OpenAP
OpenIRIS OpenAPymtech
 
Chloe and the Realtime Web
Chloe and the Realtime WebChloe and the Realtime Web
Chloe and the Realtime WebTrotter Cashion
 
Puppet and the HashiStack
Puppet and the HashiStackPuppet and the HashiStack
Puppet and the HashiStackBram Vogelaar
 
Kamailio - SIP Firewall for Carrier Grade Traffic
Kamailio - SIP Firewall for Carrier Grade TrafficKamailio - SIP Firewall for Carrier Grade Traffic
Kamailio - SIP Firewall for Carrier Grade TrafficDaniel-Constantin Mierla
 
Presto anatomy
Presto anatomyPresto anatomy
Presto anatomyDongmin Yu
 

Similaire à Kamailio and VoIP Wild World (20)

Kamailio - SIP Servers Everywhere
Kamailio - SIP Servers EverywhereKamailio - SIP Servers Everywhere
Kamailio - SIP Servers Everywhere
 
Kamailio - API Based SIP Routing
Kamailio - API Based SIP RoutingKamailio - API Based SIP Routing
Kamailio - API Based SIP Routing
 
East Bay Ruby Tropo presentation
East Bay Ruby Tropo presentationEast Bay Ruby Tropo presentation
East Bay Ruby Tropo presentation
 
Designing High Performance RTC Signaling Servers
Designing High Performance RTC Signaling ServersDesigning High Performance RTC Signaling Servers
Designing High Performance RTC Signaling Servers
 
Bootstrapping multidc observability stack
Bootstrapping multidc observability stackBootstrapping multidc observability stack
Bootstrapping multidc observability stack
 
How to build a High Performance PSGI/Plack Server
How to build a High Performance PSGI/Plack Server How to build a High Performance PSGI/Plack Server
How to build a High Performance PSGI/Plack Server
 
OSMC 2014: Monitoring VoIP Systems | Sebastian Damm
OSMC 2014: Monitoring VoIP Systems | Sebastian DammOSMC 2014: Monitoring VoIP Systems | Sebastian Damm
OSMC 2014: Monitoring VoIP Systems | Sebastian Damm
 
Monitoring VoIP Systems
Monitoring VoIP SystemsMonitoring VoIP Systems
Monitoring VoIP Systems
 
FOSDEM 2017 - RTC Services With Lua and Kamailio
FOSDEM 2017 - RTC Services With Lua and KamailioFOSDEM 2017 - RTC Services With Lua and Kamailio
FOSDEM 2017 - RTC Services With Lua and Kamailio
 
Skydive, real-time network analyzer, container integration
Skydive, real-time network analyzer, container integrationSkydive, real-time network analyzer, container integration
Skydive, real-time network analyzer, container integration
 
DSLing your System For Scalability Testing Using Gatling - Dublin Scala User ...
DSLing your System For Scalability Testing Using Gatling - Dublin Scala User ...DSLing your System For Scalability Testing Using Gatling - Dublin Scala User ...
DSLing your System For Scalability Testing Using Gatling - Dublin Scala User ...
 
Zendcon 09
Zendcon 09Zendcon 09
Zendcon 09
 
SIP Attack Handling (Kamailio World 2021)
SIP Attack Handling (Kamailio World 2021)SIP Attack Handling (Kamailio World 2021)
SIP Attack Handling (Kamailio World 2021)
 
OpenIRIS OpenAP
OpenIRIS OpenAPOpenIRIS OpenAP
OpenIRIS OpenAP
 
Chloe and the Realtime Web
Chloe and the Realtime WebChloe and the Realtime Web
Chloe and the Realtime Web
 
Skydive 5/07/2016
Skydive 5/07/2016Skydive 5/07/2016
Skydive 5/07/2016
 
Puppet and the HashiStack
Puppet and the HashiStackPuppet and the HashiStack
Puppet and the HashiStack
 
Kamailio - SIP Firewall for Carrier Grade Traffic
Kamailio - SIP Firewall for Carrier Grade TrafficKamailio - SIP Firewall for Carrier Grade Traffic
Kamailio - SIP Firewall for Carrier Grade Traffic
 
Frontend Servers and NGINX: What, Where and How
Frontend Servers and NGINX: What, Where and HowFrontend Servers and NGINX: What, Where and How
Frontend Servers and NGINX: What, Where and How
 
Presto anatomy
Presto anatomyPresto anatomy
Presto anatomy
 

Plus de 2600Hz

Telnexus - Quote to Cash – KazooCon 2015
Telnexus - Quote to Cash – KazooCon 2015Telnexus - Quote to Cash – KazooCon 2015
Telnexus - Quote to Cash – KazooCon 20152600Hz
 
2600Hz - Least Cost Routing in the Cloud
2600Hz - Least Cost Routing in the Cloud2600Hz - Least Cost Routing in the Cloud
2600Hz - Least Cost Routing in the Cloud2600Hz
 
VirtualPBX - Back Office, Delivering Voice in a Competitive Market - KazooCon...
VirtualPBX - Back Office, Delivering Voice in a Competitive Market - KazooCon...VirtualPBX - Back Office, Delivering Voice in a Competitive Market - KazooCon...
VirtualPBX - Back Office, Delivering Voice in a Competitive Market - KazooCon...2600Hz
 
2600Hz - Billing Data with Kazoo
2600Hz - Billing Data with Kazoo2600Hz - Billing Data with Kazoo
2600Hz - Billing Data with Kazoo2600Hz
 
2600Hz - Telecom Rating and Limits
2600Hz - Telecom Rating and Limits2600Hz - Telecom Rating and Limits
2600Hz - Telecom Rating and Limits2600Hz
 
2600Hz - Detecting and Managing VoIP Fraud
2600Hz - Detecting and Managing VoIP Fraud2600Hz - Detecting and Managing VoIP Fraud
2600Hz - Detecting and Managing VoIP Fraud2600Hz
 
KazooCon 2014 - Kazoo Scalability
KazooCon 2014 - Kazoo ScalabilityKazooCon 2014 - Kazoo Scalability
KazooCon 2014 - Kazoo Scalability2600Hz
 
Build your first Monster APP
Build your first Monster APPBuild your first Monster APP
Build your first Monster APP2600Hz
 
KazooCon 2014 - Ziron, SMS for voice people
KazooCon 2014 - Ziron, SMS for voice peopleKazooCon 2014 - Ziron, SMS for voice people
KazooCon 2014 - Ziron, SMS for voice people2600Hz
 
KazooCon 2014 - Range Networks, the Future of Mobile
KazooCon 2014 - Range Networks, the Future of Mobile KazooCon 2014 - Range Networks, the Future of Mobile
KazooCon 2014 - Range Networks, the Future of Mobile 2600Hz
 
KazooCon 2014 - Control Cellular Service via APIs
KazooCon 2014 - Control Cellular Service via APIsKazooCon 2014 - Control Cellular Service via APIs
KazooCon 2014 - Control Cellular Service via APIs2600Hz
 
KazooCon 2014 - A Primer on Telecom Law
KazooCon 2014 - A Primer on Telecom LawKazooCon 2014 - A Primer on Telecom Law
KazooCon 2014 - A Primer on Telecom Law2600Hz
 
KazooCon 2014 - WebRTC
KazooCon 2014 - WebRTCKazooCon 2014 - WebRTC
KazooCon 2014 - WebRTC2600Hz
 
KazooCon 2014 - Building Your Business: Behind the Numbers!
KazooCon 2014 - Building Your Business: Behind the Numbers!KazooCon 2014 - Building Your Business: Behind the Numbers!
KazooCon 2014 - Building Your Business: Behind the Numbers!2600Hz
 

Plus de 2600Hz (14)

Telnexus - Quote to Cash – KazooCon 2015
Telnexus - Quote to Cash – KazooCon 2015Telnexus - Quote to Cash – KazooCon 2015
Telnexus - Quote to Cash – KazooCon 2015
 
2600Hz - Least Cost Routing in the Cloud
2600Hz - Least Cost Routing in the Cloud2600Hz - Least Cost Routing in the Cloud
2600Hz - Least Cost Routing in the Cloud
 
VirtualPBX - Back Office, Delivering Voice in a Competitive Market - KazooCon...
VirtualPBX - Back Office, Delivering Voice in a Competitive Market - KazooCon...VirtualPBX - Back Office, Delivering Voice in a Competitive Market - KazooCon...
VirtualPBX - Back Office, Delivering Voice in a Competitive Market - KazooCon...
 
2600Hz - Billing Data with Kazoo
2600Hz - Billing Data with Kazoo2600Hz - Billing Data with Kazoo
2600Hz - Billing Data with Kazoo
 
2600Hz - Telecom Rating and Limits
2600Hz - Telecom Rating and Limits2600Hz - Telecom Rating and Limits
2600Hz - Telecom Rating and Limits
 
2600Hz - Detecting and Managing VoIP Fraud
2600Hz - Detecting and Managing VoIP Fraud2600Hz - Detecting and Managing VoIP Fraud
2600Hz - Detecting and Managing VoIP Fraud
 
KazooCon 2014 - Kazoo Scalability
KazooCon 2014 - Kazoo ScalabilityKazooCon 2014 - Kazoo Scalability
KazooCon 2014 - Kazoo Scalability
 
Build your first Monster APP
Build your first Monster APPBuild your first Monster APP
Build your first Monster APP
 
KazooCon 2014 - Ziron, SMS for voice people
KazooCon 2014 - Ziron, SMS for voice peopleKazooCon 2014 - Ziron, SMS for voice people
KazooCon 2014 - Ziron, SMS for voice people
 
KazooCon 2014 - Range Networks, the Future of Mobile
KazooCon 2014 - Range Networks, the Future of Mobile KazooCon 2014 - Range Networks, the Future of Mobile
KazooCon 2014 - Range Networks, the Future of Mobile
 
KazooCon 2014 - Control Cellular Service via APIs
KazooCon 2014 - Control Cellular Service via APIsKazooCon 2014 - Control Cellular Service via APIs
KazooCon 2014 - Control Cellular Service via APIs
 
KazooCon 2014 - A Primer on Telecom Law
KazooCon 2014 - A Primer on Telecom LawKazooCon 2014 - A Primer on Telecom Law
KazooCon 2014 - A Primer on Telecom Law
 
KazooCon 2014 - WebRTC
KazooCon 2014 - WebRTCKazooCon 2014 - WebRTC
KazooCon 2014 - WebRTC
 
KazooCon 2014 - Building Your Business: Behind the Numbers!
KazooCon 2014 - Building Your Business: Behind the Numbers!KazooCon 2014 - Building Your Business: Behind the Numbers!
KazooCon 2014 - Building Your Business: Behind the Numbers!
 

Dernier

How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESmohitsingh558521
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
Visualising and forecasting stocks using Dash
Visualising and forecasting stocks using DashVisualising and forecasting stocks using Dash
Visualising and forecasting stocks using Dashnarutouzumaki53779
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Ryan Mahoney - Will Artificial Intelligence Replace Real Estate Agents
Ryan Mahoney - Will Artificial Intelligence Replace Real Estate AgentsRyan Mahoney - Will Artificial Intelligence Replace Real Estate Agents
Ryan Mahoney - Will Artificial Intelligence Replace Real Estate AgentsRyan Mahoney
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 

Dernier (20)

How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
Visualising and forecasting stocks using Dash
Visualising and forecasting stocks using DashVisualising and forecasting stocks using Dash
Visualising and forecasting stocks using Dash
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Ryan Mahoney - Will Artificial Intelligence Replace Real Estate Agents
Ryan Mahoney - Will Artificial Intelligence Replace Real Estate AgentsRyan Mahoney - Will Artificial Intelligence Replace Real Estate Agents
Ryan Mahoney - Will Artificial Intelligence Replace Real Estate Agents
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 

Kamailio and VoIP Wild World

  • 1. asipto.com KAMAILIO & VOIP WILD WORLD Daniel-Constantin Mierla Co-Founder Kamailio Project @miconda kamailio.org Oct 5-6, 2015, San Francisco
  • 3. kamailio voip wild world SIP signalling routing • fast • reliable • flexible In other words • not initiating calls • not answering calls • no audio-video processing
  • 4. kamailio voip wild world 2002 Jun 2005 Jul 2008 Aug 2008 Nov 2008 SIP Express Router (SER) OpenSER Kamailio Other Forks... Same application: Kamailio - SER Oct 2009 Jan 2010 v3.0.0 Integration Completed v1.5.0 Sep 2011Sep 2001 First Line Of Code Open Source GPL FhG Fokus Institute Berlin rename Awarded Best Open Source Networking Software 2009 By InfoWorld 10 Years Jun 2012 v3.3.0 ITSPA UK Award Mar 2013 v4.0.0 Kamailio v4.1.0 Dec 2013 ………. v4.2.0 Oct 2014 now over 100 on github June 2015 v4.3.0 Continuous development since 2001! a very large set of feature
  • 5. kamailio voip wild world Highlights 2014 evapi db_mongodb core tm dispatcher uac rtpengine dialog enhancements tsilo kazoo jsonrpc-s debugger (per module debug) (log pv assignment) usrloc - dmq - ims uuid nosip ndb_mongodb http://www.kamailio.org/wiki/features/new-in-4.1.x http://www.kamailio.org/wiki/features/new-in-4.2.x
  • 6. kamailio voip wild world Highlights 2015 statsd tcpops core pv rr uac http://www.kamailio.org/wiki/features/new-in-4.3.x http://www.kamailio.org/wiki/features/new-in-devel janson dialplan enhancements erlang auth_xkeys jansonrpc-c ims usrloc - dmq - registrar jsonrpc-s fifo ndb_redis ndb_mongodb geoip2 rtjson new performat memory manger webrtc
  • 8. kamailio voip wild world ❖ protect your customers ❖ protect your business Very important to
  • 9. kamailio voip wild world ❖ penetrate customer premises equipment ❖ penetrate core platform Attackers try to
  • 11. kamailio voip wild world Protecting everything as much as possible in the core network
  • 12. kamailio voip wild world ❖ no universal solution ❖ security is a 24/7 duty ❖ very important ❖ ability to adjust rules as needed ❖ agile monitoring and alerting mechanisms ❖ have access to a flexible toolset to enable new security policies Expect new type of attacks every day
  • 13. kamailio voip wild world ❖ monitor, detect and block high traffic volume from same source address ❖ monitor and detect too many failed authentications in a row ❖ allow traffic only from your customers regions ❖ alert, block or two factor authentication for calls to expensive destinations ❖ alert and limit on number of active calls ❖ alert and limit on the duration for active calls ❖ alert and limit on the cost of overall calls ❖ check and allow only strong passwords ❖ enable TLS Always good to consider
  • 14. kamailio voip wild world ❖ allow calls only from registered users ❖ INVITE with To tag must match an existing dialog ❖ limit number of allowed registrations ❖ restrict allowed User-Agent header ❖ restrict capabilities when subscriber not in home country ❖ rules based on time frames Extra little bits
  • 16. kamailio voip wild world ❖ useful kamailio modules: mtree, userblacklist or dialplan Block calls to destinations by prefix or regexp
  • 17. kamailio voip wild world Blocking with mtree loadmodule “mtree.so" # ----- mtree params ----- modparam("mtree", "db_url", DBURL) modparam("mtree", "char_list", "+0123456789") modparam("mtree", "mtree", "name=pblock;dbtable=pblock") modparam("mtree", "pv_value", "$var(mtval)") request_route { … $var(dstnr) = $rU; # match if blocked prefix if(mt_match("pblock", "$var(dstnr)", "0")) { send_reply(“403”, “Destination blocked”); exit; } … } CREATE TABLE `pblock` ( `id` int(10) unsigned NOT NULL AUTO_INCREMENT, `tprefix` varchar(32) NOT NULL DEFAULT '', `tvalue` varchar(128) NOT NULL DEFAULT '', PRIMARY KEY (`id`), UNIQUE KEY `tprefix_idx` (`tprefix`) ); mysql> select * from pblock; +----+---------+--------+ | id | tprefix | tvalue | +----+---------+--------+ | 1 | +44 | 1 | | 2 | +49 | 1 | +----+---------+--------+
  • 18. kamailio voip wild world ❖ useful kamailio modules: geoip, geoip2, permissions, sqlops Block traffic based on source address
  • 19. kamailio voip wild world Blocking countries with GeoIP loadmodule “geoip.so" # ----- geoip params ----- modparam("geoip", "path", "/usr/local/share/GeoLiteCity.dat") request_route { … if(geoip_match("$si", “src”)) { xlog("SIP message from: $gip(src=>cc)n”); if($gip(src=>cc) =~”DE|UK”) { send_reply(“403”, “Originating country not allowed”); exit; } } else { send_reply(“403”, “Unknown originating country not allowed”); exit; } … }
  • 20. kamailio voip wild world Block addresses due to high traffic rate
  • 21. kamailio voip wild world ❖ pike or pipelimit and htable modules — htable can be replaced by fail2ban Block addresses due to high traffic #!ifdef WITH_ANTIFLOOD loadmodule "htable.so" loadmodule "pike.so" #!endif #!ifdef WITH_ANTIFLOOD # ----- pike params ----- modparam("pike", "sampling_time_unit", 2) modparam("pike", "reqs_density_per_unit", 16) modparam("pike", "remove_latency", 4) # ----- htable params ----- # ip ban htable with autoexpire after 5 minutes modparam("htable", "htable", "ipban=>size=8;autoexpire=300;") #!endif # Per SIP request initial checks route[REQINIT] { #!ifdef WITH_ANTIFLOOD # flood dection from same IP and traffic ban for a while # be sure you exclude checking trusted peers, such as pstn gateways # - local host excluded (e.g., loop to self) if(src_ip!=myself) { if($sht(ipban=>$si)!=$null) { # ip is already blocked xdbg("request from blocked IP - $rm from $fu (IP:$si:$sp)n"); exit; } if (!pike_check_req()) { xlog("pike blocking $rm from $fu (IP:$si:$sp)n"); $sht(ipban=>$si) = 1; exit; } } if($ua =~ "friendly-scanner") { sl_send_reply("200", "OK"); exit; } #!endif …
  • 22. kamailio voip wild world ❖ using pipelimit loadmodule "pipelimit.so" # ----- pipelimit params ----- modparam("pipelimit", "timer_interval", 1) modparam("pipelimit", "reply_code", 505) modparam("pipelimit", "reply_reason", "CPS limit exceeded") modparam("pipelimit", “db_url", DBURL) modparam("pipelimit", "rlp_table_name", "traffic_limits") request_route { … $var(pipe) = “all-traffic”; if (!pl_check(“$var(pipe)")) { pl_drop(); exit; } … } Block addresses due to high traffic
  • 23. kamailio voip wild world Block too many failed authentications route[AUTH] { if( $sht(userban=>$au::auth_count) >= 10 ) { $var(exp) = $Ts - 900; if($sht(userban=>$au::last_auth) > $var(exp)) { xlog("L_DBG", "auth - id[$mi] m[$rm] r[0] [$fu -> $ru ($tu)]: User blocked - IP: $sin"); sl_send_reply("403", "Try later"); exit; } else { $sht(userban=>$au::auth_count) = 0; } } if(!(is_present_hf("Authorization") || is_present_hf("Proxy-Authorization"))) { auth_challenge("$fd", "0"); exit; } # authenticate requests if (!auth_check("$fd", "subscriber", "1")) { $var(auth_count) = $shtinc(userban=>$au::auth_count); if( $var(auth_count) >= 10 ) xlog("many failed auth in a row - [$rm] from <$fu> src ip: $sin"); $sht(userban=>$au::last_auth) = $Ts; auth_challenge("$fd", "0"); exit; } $sht(userban=>$au::auth_count) = $null; # user authenticated - remove auth header if(!is_method("REGISTER|PUBLISH")) consume_credentials(); xlog("L_INFO", "id[$mi] m[$rm] r[0] [$fu -> $ru ($tu)]: User $fu Authenticated Correctlyn"); return; } Rules: - allow 10 failed authentications - block user for 15 minutes - reset when authentication is ok - could be combined with IP ban
  • 24. kamailio voip wild world ❖ dialog, htable or sqlops modules Restrict number of active calls # active calls/dialog management # execute route(DIALOG) inside route(RELAY) before t_relay() route[DIALOG] { if (is_method("CANCEL") || (has_totag() && is_method("INVITE|BYE|ACK"))) { dlg_manage(); return; } if (is_method("INVITE") && !has_totag() && !isflagset(FLT_ACALLS)) { if( $xavp(caller[0]=>active_calls) != $null && $xavp(caller[0]=>active_calls) > 0 ) { if(!get_profile_size("caller", "$fU@$fd", "$var(acsize)")) { send_reply("500", "No more active calls"); exit; } if($var(acsize)>=$xavp(caller[0]=>active_calls)) { send_reply("403", "No more active calls"); exit; } set_dlg_profile("caller", "$fU@$fd"); } setflag(FLT_ACALLS); dlg_manage(); } } $xavp(caller=>active_calls) = 1;
  • 25. kamailio voip wild world ❖ track active calls and history, then rise alarms based on various rules ❖ it’s all about caching data for a while and searching Do It Yourself ❖ four important events ❖ a new call: initial INVITE ❖ call is not answered: 300 or higher response code to initial INVITE (covers CANCEL) ❖ call is answered: 200 ok to initial INVITE ❖ call is terminated: BYE
  • 26. kamailio voip wild world ❖ track active calls and history, then rise alarms based on various rules ❖ it’s all about caching data for a while and searching ❖ initial request of dialog (new call) ❖ check if active calls limit is reached, if yes, alert/reject ❖ check if limit per day is reached, if yes, alert/reject ❖ requests within dialog ❖ remove from active calls ❖ Lua: flexible language and fast embedded interpreter in Kamailio ❖ MongoDB: fast storage, replication, easy access from many Kamailio instances as well as from web portal due to JSON documents ❖ maybe I will get the time for it, watch the news … DIY: Kamailio, Lua and MongoDB
  • 28. kamailio voip wild world ❖ http://www.kamailio.org/wiki/tutorials/security/kamailio-security ❖ http://kb.asipto.com/kamailio:usage:k31-sip-scanning-attack ❖ SIP Security Book: ❖ http://eu.wiley.com/WileyCDA/WileyTitle/productCd-0470516364.html ❖ http://kb.asipto.com ❖ http://www.kamailio.org/wiki/
  • 30. http://www.kamailioworld.com YouTube Kamailio World Channel https://www.youtube.com/channel/UCElq4JNTPd7bs2vbfAAYVJA
  • 31. Kamailio World 2016 - Planning a Special Edition Kamailio Project 15 YEARS OF DEVELOPMENT 2001-2016 from SER to Kamailio www.kamailioworld.com Thank you! Questions? @miconda