Messages

1

Yate server for Google Voice / Re: Beginner in need of help!

« on: October 04, 2013, 10:56:11 AM »

Here is the log file with the dropped and silent call again after applying the changes you suggested:
https://dl.dropboxusercontent.com/u/14809899/log3.txt

I have the -Dt option added, I'm not sure why it's not working.  Here is the full command I am running via command prompt:
yate-console.exe -Dt -l log.txt -t

2

Yate server for Google Voice / Re: Beginner in need of help!

« on: October 03, 2013, 08:05:23 AM »

It took me a while to figure out how to disable jabber/jingle from the debug logs but I finally got it.  Now I feel a little safer knowing I'm not exposing my contacts' personal details.  Here is a sanitized log file of a call which had no sound and ended after 15 seconds:
https://dl.dropboxusercontent.com/u/14809899/log2.txt

This call is using UDP, I was able to call with TCP configured, but, unfortunately, that did not resolve my intermittent problem of no audio.

I was unsuccessful in trying to enable the signalling channel debug, can you instruct me on how to do that?

3

Other Yate server issues / Re: Yate Server Security

« on: October 02, 2013, 01:32:20 PM »

I just wanted to follow up and say that I have now let Yate run for a full week and the log file is a reasonable size and does not show signs of any additional "break ins".  As I previously mentioned, the two changes I made were moving to a non-default port and strengthening my SIP password.  I am also now using a unique, non-default SIP username.

If I run into any other security issues, I will post them here, otherwise, thank you for your suggestions, Bob!

4

Yate server for Google Voice / Re: Beginner in need of help!

« on: September 24, 2013, 03:12:10 PM »

Thanks again for all your followups to this thread, Marian!  Your suggestion to monitor the traffic between the secondary Yate client and my server allowed me to discover no traffic was being sent at all!  Apparently, by just installing the Yate client from the installation package, some core dependencies must be missing.  Using Wireshark on the client machine helped me see no packets were being sent to my server's IP.  I uninstalled the Yate client, and reinstalled the complete package and then I was able to connect instantly!

Unfortunately, the Yate client on the other machine also suffers from the silent calls issue.  It does not drop calls after 15 seconds, but without audio it isn't very useful!  The problem may be that the machine does not have a microphone plugged in, however, I would still expect to hear incoming audio from the connected land-line.  I will find a microphone or use another machine with a mic and let you know if that changes anything.  Still, I should be able to hear the other end, right?  Every call from Android is now silent as well, I'm not sure what changed.

I'm hesitant to post my latest log files since there is a lot of personal data--including my gmail contacts' information (which I can't seem to prevent from being logged).  The log file is also significantly larger now that I am able to connect and place calls.  I attempted to clean the data but there is simply too much (1000's of lines of connection status).   The "-q" option does not seem to help reduce the amount of data being logged.  I will try to analyze the code some more and post what parts I think are significant.  If there is a specific part of the log file you think would be helpful to see, let me know and I'll see if I can easily extract it.  Here are a couple snippets towards the end of the call:

param['answered'] = 'true'

param['direction'] = 'incoming'

param['domain'] = 'MYPUBLICIPADDRESS'

param['callid'] = 'sip/2QPiY4kU99J9BkUNQ9r5rtnGS7iXk03k/fz4lTZi-UREsJZMtD5R8iOZqWVAt9SNa/1957772561'

param['reason'] = 'Request Timeout'
Returned false 'chan.hangup' delay=0.004000

param['operation'] = 'finalize'

param['direction'] = 'outgoing'

param['duration'] = '18.287'

param['billtime'] = '15.513'

param['ringtime'] = '2.715'

param['status'] = 'hangup'

param['cdrwrite'] = 'true'

param['caller'] = 'MYGMAILNAME@gmail.com/213B7834'

param['billid'] = '1380054387-2'

param['reason'] = 'noconn'

As for the security concerns I had, I have moved to a non-default port (configured in "ysipchan.conf") and significantly improved my SIP password strength.  If anyone reading this thread is interested in reading more about Yate security, checkout the spin-off thread I started here: http://forum.yate.ro/index.php?topic=214.0

5

Other Yate server issues / Re: Yate Server Security

« on: September 24, 2013, 01:12:05 PM »

Thank you for reply!  These are all good tips to look into implementing.  So far, the two primary changes I have made was significantly improving my SIP password strength and changing to a non-default port number.  I will be carefully watching my log file to see if anyone is able to break in again.  I would also like to implement the "fail2ban" script to help block repeated attempts at cracking my password(s).  Unfortunately, my use of Yate will require accepting connections from dynamic IPs, so the IP table/white-list option may not work for me, but a good suggestion nonetheless.

I will reply back if I encounter any additional server "attacks".  Hopefully the information you posted will help other Yate users in the future.  If anyone else on these forums has any additional suggestions, I would be happy to hear them!

Thanks for spending the time to post all that helpful information, Bob.  These forums could use more users like you!

6

Other Yate server issues / Yate Server Security

« on: September 21, 2013, 07:05:25 AM »

I'd like to address something that I haven't seen any posts about yet on here, and that's server security.  Unfortunately, I'm still very much of a newbie when it comes to Yate and SIP servers in general, so I don't have any good answers to my question.  I would like to know if anyone out there has any experience using Yate in a production environment or has learned to secure their server beyond the default configuration.

I recently followed this guide on using Yate to communicate with Google Voice (http://docs.yate.ro/wiki/Connecting_To_Google_Voice), and that remains the only changes I have made beyond the default configuration.  While attempting to debug some communication issues, I had Yate running via command line with "yate-console.exe -Dt -l log.txt".  Within 5 hours of starting the server, my log file had grown to 2GB in size.  I quickly stopped the server and looked in the config file to find countless call entries with a user-agent of a "friendly-scanner".  Searching this on Google turned up a number of pages about SIP bots.  Due to the sheer number of entries from this bot, it would take me a very long time to figure out what exactly they were trying to do, but clearly I now have reason to worry about using my server.

What concerns me is that I am operating the latest version of Yate with the default configuration, changing ONLY what was recommended to me on Yate's documentation for using Google Voice.  Fortunately, I was able to detect this exploit due to another user on the forum's help in suggesting file logging.  I worry there are countless others using Yate that are unaware of what's happening on their machines.

In any case, I am posting here in hopes someone has experience securing Yate server, perhaps for production purposes.  The SIP user I had configured was using a strong, 8-character password with a non-default user name.  I will be changing the password to a much longer, more secure password, but I am still hesitant to leave Yate running for very long.  I do not host any public services from my IP, so I am genuinely surprised I was discovered so quickly.

If anybody has any experience with this or general security tips for SIP, please let me know!

7

Yate server for Google Voice / Re: Beginner in need of help!

« on: September 21, 2013, 06:33:31 AM »

I think the best solution will be to start a new thread in a different section regarding security.  However, it's sad to see so many unanswered posts on this forum, some date back to almost a year ago without any replies.  Regardless, I'll try my luck.

Thanks again for your help thus far, marian.  For now, as long as you're still willing to help, I'd still like to get some of the issues I posted earlier resolved.  That goes for anyone else who might be reading this too!

8

Yate server for Google Voice / Re: Beginner in need of help!

« on: September 20, 2013, 02:30:30 PM »

For the sake of community knowledge, I would hate to kill this thread before we document how to resolve these problems, but I'm starting to rethink operating my own SIP server.  Since my last post, I left Yate server running with file logging enabled.  Now, less than 5 hours later, my log file is 2GB in size showing countless entries of "friendly-scanner".  A quick Google search suggests there are a number of bots out there looking to take advantage of loosely configured SIP servers.  I am amazed my server was discovered so quickly.

I am very thankful that you had suggested I enable file logging, otherwise I might not have noticed this or given much thought to Yate security.  Since this has been brought to my attention, I'm now a bit hesitant to proceed with this project until I can be confident Yate is not creating a major exploit on my server.  If you (or anyone on here) has experience securing Yate (perhaps for a production environment), could you please enlighten me on the matter?  Perhaps there are some common precautions Yate users should be aware of beyond the default configuration?

9

Yate server for Google Voice / Re: Beginner in need of help!

« on: September 20, 2013, 09:47:56 AM »

Awesome!  After renaming "yate.conf" to "yate-console.conf", I can now make calls from Yate client AND my Android device via CSipSimple!  This is a huge step forward but, unfortunately, some things still aren't working.

1)  I can't receive incoming calls on either client
2)  50% of my outgoing calls on Android are silent
3)  15 seconds into every call on Android, the call suddenly ends (does not happen on Yate client)
4)  I cannot connect to my server using a Yate client on another computer/network (probably a port issue)
5)  Starting Yate via "net start yate" does not appear to be working, regardless of whether the file is called "yate.conf" or "yate-console.conf".  I can only make outgoing calls work only when Yate is started via "yate-console.exe" (not a major problem but something I'll eventually want resolved)

I don't expect you to be an expert on the particular Android app I'm using, but are there any general tips you can think of for resolving dropped calls?  Also, since Yate client on another machine is not able to even sign in to my SIP account (hangs forever with the message "Connecting..."), do I need to open more ports?  So far, I have 5060, 5061, and 5222.  I found those ports listed in one of my config files, but I have yet to find any pages on Yate's website which specify the ports each service requires.  Do you know of any other ports required for Yate/GV?

Finally, I've been coming across a lot of posts online with people talking about NAT issues with SIP.  Does Yate handle this automatically or is there additional configuration that needs to take place for my router/Yate?

Sorry, I know I just asked about 20 questions!  Thank you very much for your help so far!

10

Yate server for Google Voice / Re: Beginner in need of help!

« on: September 19, 2013, 04:30:35 PM »

I don't know how to check if Yate has connected to my Google Voice account.  As for my routing rules, the only changes I have made to my config files are exactly what I was told to do in the GV guide on this site (http://docs.yate.ro/wiki/Connecting_To_Google_Voice).

The log file below is what is generated after starting my server then attempting to make a call to an 800 number with the Yate client.  There are several "fail" codes, but Google searches have not turned up any answers for me.

https://dl.dropboxusercontent.com/u/14809899/log.txt

11

Yate server for Google Voice / Re: Beginner in need of help!

« on: September 18, 2013, 02:26:15 PM »

Okay, I was able to answer both my own questions!  Changing the file extensions from ".conf.sample" to just ".conf" appears to cause those settings to take.  Also, I'm not sure why, but the default SIP username the guide had listed (user: "username", pass: "something") did not work.  I changed it to something different and now I am able to connect to my server with the Yate client!

Now I can make calls from Yate client using the test numbers found in "regexroute.conf" (99991001 - 999901008), but any other number fails.  I will try opening some ports, maybe the server isn't able to communicate outside yet?

12

Yate server for Google Voice / Re: Beginner in need of help!

« on: September 18, 2013, 06:58:28 AM »

Thanks for listing those resources.  I had followed the "Connecting To Google Voice" guide earlier but was unable to get that working.  After reviewing the links you provided, I am still left with a couple questions:

1)  After modifying each config file, I removed the ".sample" file extension, what else (if anything) must be done to activate these modules?  (Server was then started with the "net start yate" command)
2)  Following the Yate client's new account wizard, I am asked which provider to user, I have chosen the default option, "none", then specified the SIP server as 127.0.0.1, is this correct?

I am unable to authenticate with the SIP account I created in "regfile.conf", so either my Yate server is not correctly configured or I am not selecting the correct options in the Yate client account wizard.

13

Yate server for Google Voice / Beginner in need of help!

« on: September 17, 2013, 04:06:15 PM »

Please forgive me for my ignorance, I have an extensive IT background, but am completely new to the world of VoIP!  My ultimate goal here is to get Yate configured to work with Google Voice so that I can make calls from my Android phone without using my cellular minutes.

I am currently utilizing VoIP on my Android phone in the form of CSipSimple, Pbxes.org, and Google Voice.  With this setup, I can successfully make and receive calls using my Google Voice number without burning my plan's minutes.  Woohoo, data-only VoIP!  The problem is connection reliability while using the free Pbxes service.  I am frequently disconnected and call quality is non-ideal.  My hopes are that an in-house solution will improve my VoIP experience.  I may be way off on this, but it is my understanding the Yate server can fill this gap.

I have been researching VoIP services for the past week and a half and am still completely lost in the sea of telephony terms and various software solutions out there.  I have browsed the Yate website and attempted a couple tutorials, but I have hit a wall and don't know where else to turn to for answers.  I have a Windows server with Yate client and server installed.  The client works fine when connected to Google Voice, however, it appears to be connected directly to Google instead of through my Yate server.

I hate to ask such a vague question, but my hopes are someone can help guide me through the configuration process with Google Voice (or at least point me in the right direction).  So far, I have attempted to follow the tutorial posted here: http://www.tuxguides.com/yate-server-free-google-voice-calling/
However, as a Linux guide (and dated from 2011), I suspect there are some incompatibilities.  If anyone has experience with Google Voice integration (and hopefully Android SIP too!), your help would be greatly appreciated!