[CentOS] Asterisk and VOIP was Re: CentOS for non-tech user

Thu Oct 1 07:03:46 UTC 2009
Les Bell <lesbell at lesbell.com.au>

Chan Chung Hang Christopher <christopher.chan at bradbury.edu.hk> wrote:

>>
Ah, well, if you want to keep the landlines, then yeah, I guess asterisk
is the way to go. If your goal is to replace keyline systems, then
asterisk definitely has that kind of support which, it appears, even
Cisco's solution does not (from the mouth of Datacraft Asia personnel
selling the school Cisco's voip solution).
<<

I replaced our PBX with an Asterisk box and Snom VoIP phones for just this
reason. All calls are made over POTS lines, although I did have it working
over IAX2 with FreeWorldDialup back when they offered a free service. The
functionality is significantly better than the old PBX, with a menu system
to connect callers to the right extension during business hours,
conferencing, voicemail with forwarding by email, etc. I have an OpenVPN
connection from my desktop machine at the university where I work back to
my home office LAN and can use a softphone to answer my home phone while at
the office, etc. Quite neat.

I've even programmed it to fetch the area weather forecast and read it out
when you dial one extension. This has been much more useful than I expected
- when I get sales calls from people I really don't want to deal with, I
just say, "Please hold the line - I'm going to transfer you to the right
person" and then transfer the call to the weather forecast. The sales
person now gets what sounds like Stephen Hawking reading them the weather.
Easily the best use for Asterisk ever.

My setup is running on Centos 4.8 and has been a breeze to maintain.
Nothing is exposed to the outside world, so I haven't felt pressured to
apply updates, etc. However, I did do a little experimenting and found that
it's remarkably easy to record calls using Cain+Abel to conduct an ARP
cache poisoning attack between any phone and the Asterisk server. The only
defences against this are to implement SRTP (Secure Real-Time Protocol),
but last time I looked, this required SIP over TCP, which Asterisk did not
support (not to mention having to set up a PKI and issue certs to the
phones), or the much simpler control of ensuring that all phones are on a
separate VLAN from the computers. For any reasonable-sized setup this isn't
too hard to achieve as you may well want to buy a PoE switch to power the
phones (wall warts are a PITA). There's also an excellent publication on
VoIP in the NIST 800-series Special Publications, which is worth looking
at.

Best,

--- Les Bell
[http://www.lesbell.com.au]
Tel: +61 2 9451 1144