Entries by Gavin Henry

My Yubikey arrived yesterday and I was keen to check out the apps already enabled for it, but it was better just using Google.



A search for Yubikey Drupal found the Drupal Yubikey plugin. So I dropped that into one of the main Suretec websites, got my Yubico API Key for the plugin config and now I can log in with a password plus the key (or just the one-time-password from teh Yubikey is I so desire)!

I love the usb keyboard that just pastes the OTP key into whereever your cursor is. But what happens if you loose your key and vital services are enabled with Yubikey I wonder?

Gavin.

It's taken us a while to get round to ordering one of these Yubikeys from Yubico, but they do look great and have lots of documentation via the wiki.

We're going to be testing them via the pam module for SSH access (and of course using pam_ldap).

So, users in LDAP^[?] via pam, and a Yubikey, let's see how it goes!

(will be interesting for logging in a SIP handset via Asterisk or FreeSWITCH that needs one too and all the others technologies Suretec use and support (Catalyst, Perl, PostgresSQL, Squid and more....). We'll see....

Hi all,

Andreas Andersson posted this on the openldap technical list last week about CN=Montior:

My name is Andreas and I want to inform you about a little project I've been working on called CN=Monitor.
It's about monitoring and verifying directory servers with focus on open source LDAP^[?] servers. From single installed servers to large scaled deployments.

Its a webbased application where you can:
- Verify availability, compare load and performance between servers
- Collect historical events for long term analysis (and get weekly reports by mail)
- Verify cluster and load balancing functionality
- Query several directories at the same time for data consistancy verification
... and a lot more.

Why the name CN=Monitor. Well.. a lot of the information collected and analyzed is gathered from the CN=Monitor base DN.

Looks very promising!!!

Will keep you posted,

Gavin.

We founded the TechMeetup because there is an abundance of events for entrepreneurs to meet investors and lawyers, and next to nothing for techies and tech. Considering the wealth of tech talent around (yes you), why haven’t we made the effort before to get to know everyone – see what else everyone is working on – get help on our projects from others – and talk about some of the cool stuff we’re doing – web apps, software, mobile apps, hardware, games…

I'll be there at the Aberdeen Techmeetup 6.30pm tomorrow:

TIME: Wed, 21th Oct, 6.30pm

VENUE: North Side Meston Building, Aberdeen Uni (map)

SPEAKERS: Gavin MacLean, James Littlejohn

It's been a long process, almost 6 weeks, what with the new laws regarding PCI DSS compliance as of the 1st of October 2009, PCI DSS Scans, Business plans, website terms and connditions and many more things we have a merchant account at last!!!

This is mainly for our new Internet Telephony Service Provider called SureVoIP which is currently live with various customers but has no front facing sales and marketing site yet, only the admin and customer portal.

We'll keep you posted with a proper press release in due course.

Thanks,

Gavin.

After almost 7 months from the last major release (1.5.0), OpenSIPS evolves with a new major release, 1.6.0.

OpenSIPS 1.6.0 comes with several critical improvements (DB area, dialog support), but also with new functionalities
(like memchaced support, B2Bua implementation, virtual DB URLs, STUN server, JSON support, new AAA/RADIUS interface, etc).

A complete compilation with all the additions and improvements for *OpenSIPS 1.6.0 *release is available under:
http://www.opensips.org/Main/Ver160

Many thanks to all the people who got involved in this release (and in the overall OpenSIPS project) and contributed with code, with testing and debuging, with patches or reports, with support on the lists, help with packaging and documentation.
I will avoid listing names, not because they do not deserve it, but simply because it will impossible to list list everybody here and I do not what to be unfair with some of them (because I simply forgot a name or because of the limited space).

But nevertheless, I want to thanks you all for out great job and not in my behalf, but in the behalf of people who will find this piece of software a useful tool.

The full Changelog is available here:
http://opensips.org/pub/opensips/1.6.0/src/ChangeLog


To get the OpenSIPS 1.6.0 version, see :

website page: http://www.opensips.org/Resources/Downloads

SF project:
https://sourceforge.net/project/showfiles.php?group_id=232389&package_id=281827&release_id=670379

Note that for the moment only the source tarballs are available. The packages (debs,rpms, etc) will be generated starting now. If anybody can help in generating packages for different distros or architectures, please let me know and I will upload them on the website.


Best regards,
Bogdan

Some of you out there may be using RBL for checking incoming mail. We do via Exim and you may have noticed blackhole.us is now gone. Our hosting company GladServ Ltd. kindly called us up on a Sunday evening to let us know emails we bouncing.

Now that is customer service!

Gavin.

As OpenLDAP sets the standard for being the most standards based LDAP^[?] directory, you'll be pleased to know that our partners Symas are keeping everyone updated about the wonderful world of collaboration in the LDAP world and in the process updating some much needed draft RFCs.

So, when you've got a second have a read of:

Password Policy for LDAP Directories - draft-behera-ldap^[?]-password-policy-10.txt

and

An Approach for Using LDAP as a Network Information Service - draft-howard-rfc2307bis-02.txt

Gavin.

There's been lot's of hard work gone into 2.4.17 and I say it every time, but this is the best release so far!

A huge thanks to the following significant contributors to this release:

Howard Chu (Symas Corp)
Hallvard Furuseth (University of Oslo)
Quanah Gibson-Mount (Yahoo! Inc)
Ralf Haferkamp (SUSE Linux)
Gavin Henry (Suretec Systems)
Pierangelo Masarati (Sys-Net)
Rein Tollevik (Basefarm AS)

It's been 3 months almost to the day since 2.4.16 so you'll see lot's of fixes and a new tool. It always amazes me that there are still bugs even though OpenLDAP is so stable, widely deployed and so fast! Well, software will always have bugs

The nice new tool is Slapschema: "Slapschema is used to check schema compliance of the contents of a slapd(8) database." See man slapschema (8)

For complete fixes etc. see the OpenLDAP CHANGES file.

Oh, and where are all my new docs? We've been so busy with existing and new clients that things have slipped, sorry. Lots of work with our partners Symas too and we're also prepping a new VoIP platform for Suretec Telecom called SureVoIP (which OpenLDAP plays a big part!).

More later and upgrade, upgrade, upgrade!!

The Definitive Guide 2 Catalyst: Writing Extendable, Scalable & Maintainable Perl-Based Web Applications

Thanks to all for listening last night, here is the PDF version and OpenOffice version of my slides
from last night:

OpenLDAP Replication Strategies PDF version

OpenLDAP Replication Strategies OpenOffice version

Thanks,

Gavin.

This is why you need to get backups of your data when using cloud based services:

Unlocking the cloud

Grab it whilst it's hot!

If these are available for anyone to download, then you should be testing your deployments with them. Here's a list of must have tools, guides and a great new book:

What is SIPVicious tool suite?

SIPVicious suite is a set of tools that can be used to audit SIP based VoIP systems. It currently consists of four tools:

- svmap - this is a sip scanner. Lists SIP devices found on an IP range
- svwar - identifies active extensions on a PBX
- svcrack - an online password cracker for SIP PBX
- svreport - manages sessions and exports reports to various formats

• Read the SIPVicious getting started guide. Scary.
  
• Read the new SIP Security book just released.


• Read about SIP Hacking Tools (should say Cracking).


• Read a great primer on general open source pbx security.


• Use google, even worse!

Of course, you'll already know this stuff.

Gavin.

Dear all,

Just a quick update to say things are moving forward on the OpenLDAP build farm and very soon (after more testing) you'll be able to submit your desired platform for testing and upload your build results!

More later (next month),

Gavin.