So, how do we start?

First step: We will no longer use the words SIP, Brute, Force, and Attack. =)

What we’re talking about is a scheme to make expensive calls through your phone system. Of course, this isn’t true for all scenarios, but the vast majority simply want to make expensive calls on your dime.

How does it work?

The bad guys trick your phone system into thinking they are a valid user.

How can they do that?

When phones connect to your phone system, the system replies with different messages. Based on those messages, the bad guys can figure out phone names. Think of your phone system as the receptionist. An attempt might be similar to…

Bad Guy: “Hi, is Alice there?”
Receptionist: “No, there is no Alice here. You have the wrong number.”
Bad Guy: “Hi, is Bob there?”
Receptionist: “Yes, who may I say is calling?”

Basically, there’s a different response based on if that person exists in the company. Same thing with the phones. Once the Bad Guys find out phone names, they then use their computers to crack the phone password.

Once the password is detected, they connect their phone to your system and begin making calls.

What can I do to stop this?

If the person in charge of your phone system doesn’t understand what this attack is, you need to hire a consultant to help you and/or train your administrator. If you or your administrator understand this attack, then you need to make sure you are following the best practices for SIP security (here’s a good link for asterisk best practices).

If you’re running asterisk, you might wish to install a script that checks for attacks and blocks those connections.

Even better… consider Kamailio.

Kamailio (pronounced KAMA-ILLY-OH) is an open-source SIP proxy, registrar, application that is extremely robust and powerful. The software includes anti-flood features that really help protect your system and truly helps to minimize these annoying attacks.

Remember, the Internet is like a big city. Sure there’s great museums and entertainment, but there’s also bad, bad places filled with bad, bad people. If you’re going to leave your BMW unlocked in Hell’s Kitchen, don’t be surprised when it’s been taken around the block a few times.

Team Forrest works with all businesses, incorporating open source technology to help make the business more productive while reducing costs. In the case of Dream Day Cakes, Team Forrest conducted a cost analysis and implemented a hybrid VoIP / Analog phone system at the bakery.

For more information on how Team Forrest can benefit your business, please call 888-295-0025.

Team Forrest has one simple goal: Help the client. Whether you need emergency assistance, maintenance, planning a deployment, or more, Team Forrest is here to help. Our team will quickly assess your needs and help deploy the most appropriate solution.

Dream Day Cakes custom creates beautifully unique cake creations for client celebrations. From weddings to birthdays, special occasions to surprise events, Dream Day Cakes not only look great– they taste fantastic, too. From their bakery in Gainesville, Florida, Dream Day Cakes delivers to Gainesville, Ocala, High Springs, Lake City, and all of North Central Florida.

ENUM (read the wiki) refers to the mapping of telephone numbers to internet addresses. Think of it almost as reverse DNS for your phone number. Although there are many methods of integrating ENUM into your system, our current “favorite” is ENUMPlus.org.

From their website:

ENUM sources are very segregated and there was no global repository – until now. ENUMPlus queries all of the top ENUM lookup sources and returns the most accurate result with minimal overhead; meaning you only need to specify one source. ENUMPlus allows you to offload all of the query processing to our powerful servers so you don’t have to waste time and precious resources.

Integrating ENUMplus into Asterisk can be very quick and there’s a few choices/methods of going about it. You can choose to use their php scripts, go direct from the dialplan, or run your own lookup script. Here, we’ve chosen to write our own lookup script that basically does the following:

1. Checks ENUMplus.org for a result (with a 2 second timeout)
2. Sets a variable of ENUMRESULT and returns to dialplan
3. The dialplan then evaluates that variable, and if a sip value is provided calls the number directly via SIP.

Here’s an example dialplan:

exten => _X.,1,Set(CALLTO=${EXTEN})
exten => _X.,n,Goto(out,1)
exten => out,1,AGI(enumcheck.pl,${CALLTO})
exten => out,n,GotoIf($["${ENUMRESULT}" = "FAIL"]?pstn)
exten => out,n,GotoIf($[${ISNULL(${ENUMRESULT})}]?pstn)
exten => out,n,Dial(${ENUMRESULT},55)
exten => out,n,GotoIf($["${DIALSTATUS}" = "CHANUNAVAIL" ]?pstn)
exten => out,n,GotoIf($["${DIALSTATUS}" = "CONGESTION" ]?pstn)
exten => out,n,GotoIf($["${DIALSTATUS}" = "BUSY" ]?busy)
exten => out,n,Hangup()
exten => out,n(pstn),Dial(SIP/${CALLTO}@yourprovider); or DAHDI, etc.
exten => out,n,GotoIf($["${DIALSTATUS}" = "CHANUNAVAIL" ]?busy)
exten => out,n,GotoIf($["${DIALSTATUS}" = "CONGESTION" ]?busy)
exten => out,n,GotoIf($["${DIALSTATUS}" = "BUSY" ]?busy)
exten => out,n,Hangup()
exten => out,n(busy),Busy(5)
exten => out,n,Hangup()

And here’s the script:

#!/usr/bin/perl -w
use strict;
$|=1;
my ($phone, $url, $apikey, $result, @sip);

while(<STDIN>) {
	chomp;
	last unless length($_);
}

if ($ARGV[0]) {
	$phone = &URLEncode($ARGV[0]);
} else {
	&setvar("ENUMRESULT", "FAIL");
	&printverbose("enumlookup: No CALLTO received.",2);
	exit(0);
}

#Get via WEB
$apikey = "REPLACE WITH YOUR KEY";
$url = "http://enumplus.org/api";

$result = qx(curl -m 2 -s -d 'key=$apikey' $url/$phone);

if ($result) {
	if ($result =~ /SIP/i) {
		@sip = split(/\|/, $result);
		&setvar("ENUMRESULT", $sip[0]);
		&printverbose("enumlookup: $sip[0]",2);
	} else {
		&setvar("ENUMRESULT", "FAIL");
		&printverbose("enumlookup: No sip address found.",2);
	}
} else {
	&setvar("ENUMRESULT", "FAIL");
	&printverbose("enumlookup: Timeout or error",2);
}

sub URLEncode {
   my $theURL = $_[0];
   $theURL =~ s/([\W])/"%" . uc(sprintf("%2.2x",ord($1)))/eg;
   return $theURL;
}

sub setvar {
	my ($var, $val) = @_;
	print STDOUT "SET VARIABLE $var \"$val\" \n";
	while(<STDIN>) {
		m/200 result=1/ && last;
	}
	return;
}

sub printverbose {
	my ($var, $val) = @_;
	print STDOUT "VERBOSE \"$var\" $val\n";
	while(<STDIN>) {
		m/200 result=1/ && last;
	}
	return;
}

Happy Coding!

Set up IP Tables

We will not be discussing the intricacies of iptables in this post. There are excellent tutorials on iptables, and with most things linux, help is only a google away. To help identify the traffic blocked as asterisk related, a new chain will be created appropriately called… asterisk.

Here’s how to add the new chain:

iptables -N asterisk
iptables -A INPUT -j asterisk
iptables -A FORWARD -j asterisk

This will help identify hosts blocked for failed registrations.

Asterisk’s Log for Failed Registrations

In most cases of a sip flood attack, the host attempts registration to Asterisk. These hosts are identified in the Asterisk log (/var/log/messages) as “No matching peer found.” The following perl script scans /var/log/messages for these patterns, strips the IP address, and puts the IP address into an array.

After the file has been read, the IP addresses are counted (each count is a failed attempt), compared against the existing blocked hosts, and new occurrences are blocked. With this script we are blocking any host after the 4th failed attempt.

Here’s the script (last updated 05 SEP 2010):

#!/usr/bin/perl -w
use strict;
use warnings;
my (@failhost);
my %currblocked;
my %addblocked;
my $action;

open (MYINPUTFILE, "/var/log/asterisk/messages") or die "\n", $!, "Does log file file exist\?\n\n";

while (<MYINPUTFILE>) {
	my ($line) = $_;
	chomp($line);
	if ($line =~ m/\' failed for \'(.*?)\' - No matching peer found/) {
		push(@failhost,$1);
	}
	if ($line =~ m/\' failed for \'(.*?)\' – Wrong password/) {
		push(@failhost,$1);
	}
}

my $blockedhosts = `/sbin/iptables -n -L asterisk`;

while ($blockedhosts =~ /(.*)/g) {
	my ($line2) = $1;
	chomp($line2);
	if ($line2 =~ m/(\d+\.\d+\.\d+\.\d+)(\s+)/) {
		$currblocked{ $1 } = 'blocked';
	}
}

while (my ($key, $value) = each(%currblocked)){
	print $key . "\n";
}

if (@failhost) {
	&count_unique(@failhost);
	while (my ($ip, $count) = each(%addblocked)) {
		if (exists $currblocked{ $ip }) {
			print "$ip already blocked\n";
		} else {
			$action = `/sbin/iptables -I asterisk -s $ip -j DROP`;
			print "$ip blocked. $count attempts.\n";
		}
	}
} else {
	print "no failed registrations.\n";
}

sub count_unique {
    my @array = @_;
    my %count;
    map { $count{$_}++ } @array;
    map {($addblocked{ $_ } = ${count{$_}})} sort keys(%count);
}

Schedule the script with cron

The final step is to schedule your script to run every X minutes in cron. We’ve chosen to run our script every 2 minutes, but you can change this to 1 minute or any other time period you choose. Just remember… you can receive thousands of attempts within 2 minutes.

If you have named your script check-failed-regs.pl and placed it in your /usr/local/bin directory, your cron statement would look like this:

*/2 * * * * perl /usr/local/bin/check-failed-regs.pl &> /dev/null

Questions? Comments? We love feedback. Or, contact us for more information.

#!/usr/bin/perl -w
use strict;
use warnings;
my (@failhost);

open (MYINPUTFILE, "/var/log/asterisk/$ARGV[0]") or die "\n", $!, "Does log file file exist\?\n\n";

while (<MYINPUTFILE>) {
	my ($line) = $_;
	chomp($line);
	if ($line =~ m/\' failed for \'(.*?)\' - No matching peer found/) {
		push(@failhost,$1);
	}
}

if (@failhost) {
	&count_unique(@failhost);
} else {
	print "no failed registrations.\n";
}

sub count_unique {
    my @array = @_;
    my %count;
    map { $count{$_}++ } @array;

	#print them out:

    map {print "$_ = ${count{$_}}\n"} sort keys(%count);

}

And while we duck from @Merlyn’s criticisms (although we love his criticism), the basic usage is:

perl [Whatever you named it].pl messages
or perl [Whatever you named it].pl messages.1

Results look like:

184.73.53.22 = 13586
64.76.45.100 = 9895
78.46.87.14 = 9960

Or “no failed registrations.” if you have no failed attempts.

Following is a list of SIP Response Codes:

Information SIP Responses – 1xx

Informational responses, indicate that the server contacted is performing some further action and does not yet have a definitive response. A server sends a 1xx response if it expects to take more than 200 ms to obtain a final response.

• 100 Trying
• 180 Ringing
• 181 Call Is Being Forwarded
• 182 Queued
• 183 Session Progress

Successful SIP Responses – 2xx

The action was successfully received, understood, and accepted.

• 200 OK
• 202 Accepted (request understood, but cannot be processed)

Redirection SIP Responses – 3xx

Further action needs to be taken in order to complete the request.

• 300 Multiple Choices
• 301 Moved Permanently
• 302 Moved Temporarily
• 305 Use Proxy
• 380 Alternative Service

Client Error SIP Responses – 4xx

The request contains bad syntax or cannot be fulfilled at the server.

• 400 Bad Request
• 401 Unauthorized (Used only by registrars or user agents. Proxies will/should use 407)
• 402 Payment Required
• 403 Forbidden
• 404 Not Found
• 405 Method Not Allowed
• 406 Not Acceptable
• 407 Proxy Authentication Required
• 408 Request Timeout
• 409 Conflict
• 410 Gone (The user is not available here but once was)
• 412 Conditional Request Failed
• 413 Request Entity Too Large
• 414 Request-URI Too Long
• 415 Unsupported Media Type
• 416 Unsupported URI Scheme
• 417 Unknown Resource-Priority
• 420 Bad Extension
• 421 Extension Required
• 422 Session Interval Too Small
• 423 Interval Too Brief
• 424 Bad Location Information
• 428 Use Identity Header
• 429 Provide Referrer Identity
• 433 Anonymity Disallowed
• 436 Bad Identity-Info
• 437 Unsupported Certificate
• 438 Invalid Identity Header
• 480 Temporarily Unavailable
• 481 Call Leg/Transaction Does Not Exist
• 482 Loop Detected
• 483 Too Many Hops
• 484 Address Incomplete
• 485 Ambiguous
• 486 Busy Here
• 487 Request Terminated
• 488 Not Acceptable Here
• 489 Bad Event
• 491 Request Pending
• 493 Undecipherable (Could not decrypt S/MIME body part)
• 494 Security Agreement Required

Server Error SIP Responses – 5xx

The server failed to fulfill an apparently valid request.

• 500 Server Internal Error
• 501 Not Implemented (SIP request method is not implemented at the server)
• 502 Bad Gateway
• 503 Service Unavailable
• 504 Server Time-out
• 505 Version Not Supported (The server does not support the version of the SIP protocol used)
• 513 Message Too Large
• 580 Precondition Failure

Global Failure SIP Responses – 6xx

The request cannot be fulfilled at any server.

• 600 Busy Everywhere
• 603 Decline
• 604 Does Not Exist Anywhere
• 606 Not Acceptable

Benefits

• Store faxes electronically
• Reduce printing costs
• Share faxes via email

Requirements

• Server running Asterisk (32 bit compatibility needed)
• Fax for Asterisk Software Add-on

Step One: Get the Fax for Asterisk Software License

First, choose the licensing based on your needs. If you will only need to support 1 simultaneous fax “session,” you may be interested in the Free Fax For Asterisk License. Digium provides the Free Fax for Asterisk software at no cost, limited one per installation of Asterisk. You can combine the Free Fax for Asterisk license with the paid Fax for Asterisk licensing if you will need additional simultaneous fax sessions.

For example, you can download and install Free Fax for Asterisk providing your system one (1) fax session. If you find you need additional simultaneous sessions, simply purchase a paid license (currently $39.99 per session).

To get the Fax for Asterisk software, go to the Digium Store. Once “purchased” you will receive your license via email.

Step Two: Download and Install the Fax for Asterisk Software

Once you’ve received your license, there are many small steps needed to download, register, and install the software.

• Download and run the registration software (outgoing network traffic to TCP port 443 (SSL) must be allowed)

cd /root
wget http://downloads.digium.com/pub/register/x86-32/register
chmod 500 /root/register
/root/register

• Complete the registration
• Go to http://www.digium.com/en/docs/FAX/faa-download.php and discover which files to download
• Download both the res_fax and res_fax_digium files
• Untar the res_fax file and copy it to the source file directory (example res_fax-1.6.0_1.0.3-x86_32.tar.gz)

tar xzvf res_fax-1.6.0_1.0.3-x86_32.tar.gz
cp /root/res_fax-1.6.0_1.0.3-x86_32/res_fax.so /usr/lib/asterisk/modules

• Untar and install the res_fax_digium software (example res_fax_digium-1.6.0_1.0.3-pentium4m_32.tar.gz)

tar xzvf res_fax_digium-1.6.0_1.0.3-pentium4m_32.tar.gz
cp /root/res_fax_digium-1.6.0_1.0.3-pentium4m_32/res_fax_digium.so /usr/lib/asterisk/modules

• Make a directory for your fax files

mkdir /var/spool/asterisk/fax

Step Three: Test if the Software Installed Correctly

Restart asterisk and test if that the fax module has loaded:

asterisk -rx "restart now"
asterisk -r
*CLI> fax show stats

If the software installed successfully, you should see something similar to:

Fax Statistics:
---------------

Current Sessions     : 0
Transmit Attempts    : 0
Receive Attempts     : 0
Completed Faxes      : 0
Failed Faxes         : 0
*CLI>
Digium T.38
Licensed Channels    : 1
Max Concurrent       : 0
Success              : 0
Canceled             : 0
No Fax               : 0
Partial              : 0
Negotiation Failed   : 0
Train Failure        : 0
Protocol Error       : 0
IO Partial           : 0
IO Fail              : 0
*CLI>
Digium G.711
Licensed Channels    : 1
Max Concurrent       : 1
Success              : 0
Switched to T.38     : 0
Canceled             : 0
No Fax               : 0
Partial              : 0
Negotiation Failed   : 0
Train Failure        : 0
Protocol Error       : 0
IO Partial           : 0
IO Fail              : 0

Step Four: Make a dialplan

Make a dialplan that fits your needs. Here’s an example for sending and receiving:

[inboundfax]
exten => s,1,NoOp(**** FAX RECEIVED from ${CALLERID(num)} ${STRFTIME(${EPOCH},,%c)} ****)
exten => s,n,Set(FAXOPT(ecm)=yes)
exten => s,n,Set(FILENAME=fax-${STRFTIME(${EPOCH},,%Y%m%d-%H%M%S)})
exten => s,n,Set(FAXFILE=${FILENAME}.tif)
exten => s,n,Set(FAXOPT(ecm)=yes)
exten => s,n,Set(FAXOPT(headerinfo)=Received by MYCOMPANY ${STRFTIME(${EPOCH},,%Y-%m-%d %H:%M)})
exten => s,n,Set(FAXOPT(localstationid)=5555551212)
exten => s,n,Set(FAXOPT(maxrate)=14400)
exten => s,n,Set(FAXOPT(minrate)=2400)
exten => s,n,NoOp(FAXOPT(ecm) : ${FAXOPT(ecm)})
exten => s,n,NoOp(FAXOPT(headerinfo) : ${FAXOPT(headerinfo)})
exten => s,n,NoOp(FAXOPT(localstationid) : ${FAXOPT(localstationid)})
exten => s,n,NoOp(FAXOPT(maxrate) : ${FAXOPT(maxrate)})
exten => s,n,NoOp(FAXOPT(minrate) : ${FAXOPT(minrate)})
exten => s,n,NoOp(**** RECEIVING FAX : ${FAXFILE} ****)
exten => s,n,ReceiveFAX(/var/spool/asterisk/fax/${FAXFILE})
exten => s,n,Hangup()
exten => h,1,NoOp(FAXOPT(ecm) : ${FAXOPT(ecm)})

[outboundfax]
exten => s,1,NoOp(send a fax)
exten => s,n,Set(FAXOPT(filename)=${FAXFILE})
exten => s,n,Set(FAXOPT(ecm)=yes)
exten => s,n,Set(FAXOPT(headerinfo)=Fax from MYCOMPANY +1 555 555 1212)
exten => s,n,Set(FAXOPT(localstationid)=15555551212)
exten => s,n,Set(FAXOPT(maxrate)=14400)
exten => s,n,Set(FAXOPT(minrate)=2400)
exten => s,n,SendFAX(/tmp/${FAXFILE},d)
exten => h,1,NoOp(FAXOPT(ecm) : ${FAXOPT(ecm)})

Step Five: Test

How do you test? Simple point an incoming number to inboundfax,s,1 and watch the magic happen. Faxes will be saved to /var/spool/asterisk/fax/ in tiff format.

But Wait! There’s More!

Sure, you could stop there, but wouldn’t it be neat to automatically email the received fax in pdf format? Using an AGI script, you can simply convert the tiff file into pdf format, attach it to an email, and off it goes!

Now, there are literally a thousand ways to do this. You can write your AGI scripts in the programming language of your choice; every language has it’s pros and cons. In our example, we’re going to demonstrate this process using a Perl script.

Install the Pre-reqs

You will want to install ghostscript to help convert the graphic files. On a centos install, this is as easy as typing yum -y install ghostscript. If you are using a different build you can install how you like or download the code directly from http://www.ghostscript.com/.

For the Perl pre-reqs, you will want to install a few packages from CPAN (to send mail and use smtp authentication):

perl -MCPAN -e shell
install MIME::Lite
install MIME::Base64
install Authen::SASL

Next create your perl script. In this case, call it receivedfax.pl and place it in /var/lib/asterisk/agi-bin:

#!/usr/bin/perl
use strict;
use MIME::Lite;

my ($msg,$stdinresult);

# $ARGV[0] = msgfrom, $ARGV[1] = msgto, $ARGV[2] = cidnum, $ARGV[3] = filename,
chomp($stdinresult = );

if ($#ARGV != 3) {
	print qq(VERBOSE "FAIL: 4 Arguments needed" 2\n);
	chomp($stdinresult = );
	exit(0);
}

system("tiff2ps -a /var/spool/asterisk/fax/$ARGV[3].tif | ps2pdf13 -sPAPERSIZE=letter - > /var/spool/asterisk/fax/$ARGV[3].pdf");

$msg = MIME::Lite->new(
	From => "$ARGV[0]",
	To => "$ARGV[1]",
	Subject => "FAX from $ARGV[2]",
	Type => 'multipart/mixed'
);

$msg->attach(
	Type => 'TEXT',
	Data => "Greetings.\n\nYou have received a fax from $ARGV[2]. (attached)\n\nSincerely,\nCOMPANY NAME\n\n"
);

$msg->attach(
	Type => 'image/pdf',
	Path => "/var/spool/asterisk/fax/$ARGV[3].pdf",
	Filename => "$ARGV[3].pdf",
	Disposition => 'attachment'
);

MIME::Lite->send('smtp', 'SMTP.SERVER.COM', Timeout=>60,
	AuthUser=>'MAILUSER', AuthPass=>'PASSWORD');

$msg->send;

system("rm -f /var/spool/asterisk/fax/$ARGV[3].pdf");

#example: receivedfax.pl "asterisk@mydomain.com" "JohnDoe@mydomain.com" 55512345678 fax-20091115-170217

Then, modify your dialplan to run the AGI script:

[inboundfax]
exten => s,1,NoOp(**** FAX RECEIVED from ${CALLERID(num)} ${STRFTIME(${EPOCH},,%c)} ****)
exten => s,n,Set(FAXOPT(ecm)=yes)
exten => s,n,Set(FILENAME=fax-${STRFTIME(${EPOCH},,%Y%m%d-%H%M%S)})
exten => s,n,Set(FAXFILE=${FILENAME}.tif)
exten => s,n,Set(FAXOPT(ecm)=yes)
exten => s,n,Set(FAXOPT(headerinfo)=Received by MYCOMPANY ${STRFTIME(${EPOCH},,%Y-%m-%d %H:%M)})
exten => s,n,Set(FAXOPT(localstationid)=5555551212)
exten => s,n,Set(FAXOPT(maxrate)=14400)
exten => s,n,Set(FAXOPT(minrate)=2400)
exten => s,n,NoOp(FAXOPT(ecm) : ${FAXOPT(ecm)})
exten => s,n,NoOp(FAXOPT(headerinfo) : ${FAXOPT(headerinfo)})
exten => s,n,NoOp(FAXOPT(localstationid) : ${FAXOPT(localstationid)})
exten => s,n,NoOp(FAXOPT(maxrate) : ${FAXOPT(maxrate)})
exten => s,n,NoOp(FAXOPT(minrate) : ${FAXOPT(minrate)})
exten => s,n,NoOp(**** RECEIVING FAX : ${FAXFILE} ****)
exten => s,n,ReceiveFAX(/var/spool/asterisk/fax/${FAXFILE})
exten => s,n,Hangup()
exten => h,1,GotoIf($["${FAXOPT(ecm)}" = "no" ]?end)
exten => h,n,AGI(receivedfax.pl,from@domain.com,to@domain.com,${CALLERID(num)},${FILENAME})
exten => h,n(end),NoOp(FAXOPT(ecm) : ${FAXOPT(ecm)}) 

You can even create a similar script to transform a pdf into a tiff file and send via outbound fax:

#!/usr/bin/perl -w
use strict;
use warnings;
sub random_name_generator($);

# usage: faxout.pl number filename
# example: faxout.pl 5555551212 myfax.pdf

if ($#ARGV != 1) {
	print qq(FAIL: 2 Arguments needed\n);
	exit(0);
}

my ($callto,$pdfname,$callfile,$filename);

$callto = $ARGV[0];
$pdfname = $ARGV[1];

my $tifname = $pdfname;
$tifname =~ s/.pdf/.tif/i;

system("gs -q -dNOPAUSE -dBATCH -sDEVICE=tiffg4 -sOutputFile=$tifname $pdfname");

if ($callto) {
	$filename = &random_name_generator(12).".call";
	open (MYFILE, ">>/tmp/$filename") or die $!;
	$callfile = "Channel: Local/$callto\@outboundialcontext\n";
	$callfile = $callfile . "MaxRetries: 1\n";
	$callfile = $callfile . "RetryTime: 60\n";
	$callfile = $callfile . "WaitTime: 60\n";
	$callfile = $callfile . "Archive: yes\n";
	$callfile = $callfile . "Context: outboundfax\n";
	$callfile = $callfile . "Extension: s\n";
	$callfile = $callfile . "Priority: 1\n";
	$callfile = $callfile . "Set: FAXFILE=$tifname\n";
	print MYFILE $callfile;
	close (MYFILE);
	system("mv /tmp/$filename /var/spool/asterisk/outgoing");
}

sub random_name_generator($) {
	my ($namelength, $randomstring, @chars);
	$namelength = shift;
	@chars = ('a'..'z','A'..'Z','0'..'9');
	foreach (1..$namelength) {
		$randomstring .= $chars[rand @chars];
	}
	return $randomstring;
}

Happy Coding!

Human Resources Consulting

Strong Human resources policies and procedures provides a great defense against expensive lawsuits and complaints. Our professional HR Consultants use their experience and knowledge to evaluate your existing procedures and correct potential liability. From training to policy development, strong Human Resources policies provide a level of protection for both your employees and company.

We look forward to working with you and helping your business.

For more information about our new services, please visit the Human Resources page or contact us.

They wrote the article in a Billy Mays style:

Limited Time Offer – Skype for Asterisk Public Beta

For a typical household, VoIP remains a very cost-effective telephone solution; although you must remember that without good (and we mean good), high-speed Internet, your VoIP will be unusable. Many local phone companies offer a “dial tone only” line for less than $15.00 monthly. With the use of VoIP and a dial-tone only landline, you can still save more than $150.00 yearly while providing your family a reliable method of calling during emergencies and power outages.