Billing

Asterisk Open Source Billing Software

A2Billing

A2Billing is a class 4 and class 5 softswitch with inline billing, designed for providing residential, business and wholesale VoIP services, calling cards, call-back, LCR & LCD, rate-engine, callerID authentication, multi language/currency, Invoicing, DID management, Callback, Agents and much more!



AstPP

ASTPP is a billing solution for Freeswitch and Asterisk. It supports pre-paid and post-paid billing with call rating and credit control. It also provides many other features such as calling cards, least cost routing (LCR), did management, resellers, callbacks, etc. ASTPP is able to integrate with OSCommerce to provide a Web store for your users to purchase calling cards and sign up for VoIP accounts.It is also provides a gui editor for REALTIME devices and dialplans. AstPP is under constant development.


EasyITSP

EasyITSP, an open source ITSP/Hosted PBX solution that sits on top of Digium's open source Asterisk PBX, has been released to the public. EasyITSP allows people with little experience to easily manage and run an ITSP and/or Hosted PBX services with its small footprint and its easy to use admin and customer portals. EasyITSP is quickly gaining ground in its market with constant development of new features.


Freeside

Freeside is the premier open-source billing, CRM, trouble ticketing, network monitoring and provisioning automation software for ISPs and WISPs, VoIP providers, CLECs, colocation and hosting providers and other online businesses.. Freeside Internet Services also offers installation, integration, configuration, migration, training, and customization services.

Security

Better SIP Security with Asterisk IP PBX


We recently have seen an increase in the number of Asterisk IP PBX's being hacked for the purposes of placing free phone calls via those hacked IP PBX's, and in turn through the VoIPVoIP account that is used from that IP PBX, causing customers' accounts to be charged without their knowledge.
Please note that VoIP SP is not responsible for preventing unwanted physical or remote access to your Asterisk IP PBX. If your Asterisk IP PBX is compromised then you will be responsible for any damage caused.

Use STRONG passwords for SIP entities. This is probably the most important step you can take.  Don’t just concatenate two words together and suffix it with “1″ – if you’ve seen how sophisticated the tools are that guess passwords, you’d understand that trivial obfuscation like that is a minor hinderance to a modern CPU.  Use symbols, numbers, and a mix of upper and lowercase letters at least 12 digits long.

Don’t accept SIP authentication requests from all IP addresses. Use the “permit=” and “deny=” lines in sip.conf to only allow a reasonable subset of IP addresess to reach each listed extension/user in your sip.conf file.  Even if you accept inbound calls from “anywhere” (via [default]) don’t let those users reach authenticated elements!

Set “alwaysauthreject=yes” in your sip.conf file. This option has been around for a while (since 1.2?) but the default is “no”, which allows extension information leakage.  Setting this to “yes” will reject bad authentication requests on valid usernames with the same rejection information as with invalid usernames, denying remote attackers the ability to detect existing extensions with brute-force guessing attacks.

Ensure your [default] context is secure.  Don’t allow unauthenticated callers to reach any contexts that allow toll calls.  Permit only a limited number of active calls through your default context (use the “GROUP” function as a counter.)  Prohibit unauthenticated calls entirely (if you don’t want them) by setting “allowguest=no” in the [general] part of sip.conf.

Block your AMI manager ports. Use “permit=” and “deny=” lines in manager.conf to reduce inbound connections to known hosts only.  Use strong passwords here, again at least 12 characters with a complex mix of symbols, numbers, and letters.
Syntax:

permit=<ipaddress>/<network mask>
deny=<ipaddress>/<network mask>


Allow only one or two calls at a time per SIP entity, where possible. At the worst, limiting your exposure to toll fraud is a wise thing to do.  This also limits your exposure when legitimate password holders on your system lose control of their passphrase – writing it on the bottom of the SIP phone, for instance, which I’ve seen.

Make your SIP usernames different than your extensions. While it is convenient to have extension “1234″ map to SIP entry “1234″ which is also SIP user “1234″, this is an easy target for attackers to guess SIP authentication names.  Use the MAC address of the device, or some sort of combination of a common phrase + extension MD5 hash (example: from a shell prompt, try “md5 -s ThePassword5000″)






Fail2Ban with Asterisk

Fail2Ban is a limited intrusion detection/prevention system. It works by scanning log files and bans IPs that show the malicious signs -- too many password failures, seeking for exploits, etc. Generally Fail2Ban then used to update firewall rules to reject the IP addresses for a specified amount of time, although any arbitrary other action (e.g. sending an email, or ejecting CD-ROM tray) could also be configured. Out of the box Fail2Ban comes with filters for various services (apache, curier, ssh, etc).

Firewall

Most Asterisk boxes should be located behind a hardware firewall. Configure the firewall to block traffic from anyone that doesn't need to connect to you. Allow your VoIP provider, any remote phones/users, and others that may need to connect, but keep the restrictions as tight as possible. If you do have remote users, lock your firewall down to only allow those users to connect if possible, rather than opening it to the entire internet. If you have mobile users this may not be an option however.


Open inbound ports only for necessary services. (You do have to open a wide range for RTP streams, but this generally isn't an issue since nothing normally listens within that port range.)
- 22/tcp ssh (for management, of course)
- 4520/udp DUNDi (if you are using DUNDi)
- 4569/tcp IAX2 (if you are using IAX)
- 5060/udp SIP registration
- 10000-20000/udp RTP - media transport
Some devices have a much narrower range of ports they use for RTP streams. For instance certain Cisco (formerly Linksys/Sipura; part numbers begin with PAP, SPA or WRP) devices only use 16384-16482 port range.

Asterisk

Asterisk

Asterisk  - free solution to computer telephony (including, VoIP ) to the open source code from Digium , originally developed by Mark Spencer . The application works on the operating systems Linux , FreeBSD , OpenBSD , and Solaris . The project name comes from the character "*" ( the English.  asterisk  - "star").
Asterisk in combination with the necessary equipment has all the features of classical PBX , supports many VoIP -protocols and provides a feature rich call control, including:
Voice mail .
Conference.
Interactive voice response ( IVR ).
Call Center (statement calls in queue and distribution by agents using different algorithms).
Record ( Call Detail Record ).
Asterisk was originally created as the engine for a PBX system (in fact, many refer to it as the Asterisk PBX) and includes all of the components necessary to build a powerful, scalable business phone system. These include advanced features that usually cost extra on a commercial phone system: things like voicemail, automated attendant, call queueing, conference bridging, parking, paging, and intercom calling.
Asterisk is technology and protocol agnostic, which means that you can connect it to the outside world using VoIP or traditional telephony technologies. It also means that you can use virtually any standards-based IP phone: Asterisk includes drivers for SIP and other protocols. That being said, Digium offers a line of IP phones that were specifically designed to compliment Asterisk and take advantage of a number of key productivity features.
Asterisk is future-proof. Unlike traditional phone systems that are generally upgraded using a forklift, Asterisk continues to evolve. Phone systems based on Asterisk see significant improvements each year as new features are included.
To create additional functionality, you can use their own language Asterisk dial plan for writing, writing a module in the language C , or by using the AGI - flexible and versatile interface for integration with external data processing systems. Modules that run through AGI , can be written in any programming language.
Asterisk is distributed under a dual license , by which time the main source, distributed under an open license GNU GPL , you can create private modules containing the licensed code, for example, a module to support the codec G.729 .
Thanks to the free license Asterisk actively developed and supported by thousands of people from all over the world. To get away from the problems created by dual licensing, was created a fork of the project, now called CallWeaver .

History

Mark Spencer, creator of the program, founded Linux Support Services . Spencer wanted to organize a 24-hour service voice support, but an initial budget of $ 4,000 is not allowed to buy extremely expensive systems Call-centers . In 2001, due to the dotcom crisis in Linux Support Services started having problems, and Spencer started to think that the development of software PBX open source can be more interesting than the customer support Linux at all. Jim Dixon of the Zapata Telephony proposed business model for Asterisk . At the same time, and changed the company's name - from Linux Support Services at Digium .

Versions

In Asterisk version numbers adhere to the principle: versions in development - odd, stable - even.

1.0 - released on 23 September 2004.

1.2 - Released November 15, 2005.

1.4 - released December 26, 2006.

1.6 - Released October 2, 2008.
Starting with version 1.6, Asterisk no longer supports Zaptel, leaving only support DAHDI.

1.8 - Released October 21, 2010
Unlike previous versions: Support for SRTP , support for IPv6 in SIP-driver, the integration of the calendar, a new system of logging calls «Channel Event Logging» (CEL), support «Advice of Charge» - service for information about the cost of the call; integration Google Talk and Google Voice ; support the pitch change.

10.0 - Released December 15, 2011
Despite the change of numbering, the tenth version will not be major changes. Adds support for high quality audio, up to 192 kHz , with applications ConfBridge adds support videoconferencing ; Asterisk server can now be text messaging protocols SIP and XMPP , supporting the work of the gateway for the transmission of facsimile communications protocol T.38 ; codec support SILK and CELT.

11 - released on October 31, 2012
Added support for WebRTC , which allows you to make calls directly from your browser , without using any plug-ins in the browser  , the new driver supports the chan_motif Google Talk and Jingle, including video, enhanced support IPv6.

Features

The Asterisk software includes many features available in proprietary PBX systems: voice mail, conference calling, interactive voice response (phone menus), and automatic call distribution. Users can create new functionality by writing dial plan scripts in several of Asterisk's own extensions languages, by adding custom loadable modules written in C, or by implementing Asterisk Gateway Interface (AGI) programs using any programming language capable of communicating via the standard streams system (stdin and stdout) or by network TCP sockets.

Special hardware must be installed in Asterisk servers to attach traditional analog telephones, or to connect to PSTN lines. Digium and a number of other firms sell PCI cards to attach telephones, telephone lines, T1 and E1 lines, and other analog and digital phone services to a server.

Asterisk supports a wide range of video and Voice over IP protocols, including the Session Initiation Protocol (SIP), the Media Gateway Control Protocol (MGCP), and H.323. Asterisk can interoperate with most SIP telephones, acting both as registrar and as a gateway between IP phones and the PSTN. The Inter-Asterisk eXchange (IAX2), a native protocol in Asterisk provides efficient trunking of calls among Asterisk PBXes, in addition to distributed configuration logic, and call completion to VoIP service providers who support it. Some telephones support the IAX2 protocol directly (see Comparison of VoIP software for examples).

By supporting a mix of traditional and VoIP telephony services, Asterisk allows deployers to build new telephone systems, or gradually migrate existing systems to new technologies. Some sites are using Asterisk servers to replace proprietary PBXes; others to provide additional features (such as voice mail or voice response menus, or virtual call shops) or to reduce costs by carrying long-distance calls over the Internet (toll bypass).

Asterisk was one of the first open source PBX software packages.

In addition to VoIP protocols, Asterisk supports many traditional circuit-switching protocols such as ISDN and SS7. This requires appropriate hardware interface cards supporting such protocols, marketed by third-party vendors. Each protocol requires the installation of software modules such as Zaptel, Libpri, Libss7, chanss7, wanpipe and others. With these features, Asterisk provides a wide spectrum of communications options.

Equipment

Asterisk can work with analog lines ( FXO / FXS modules) and digital ( ISDN , BRI and PRI  - flows T1 / E1 ). With certain computer motherboards (the most well-known manufacturers which are Digium , Sangoma , OpenVox , Rhino , AudioCodes ) Asterisk can connect to a high-capacity lines, T1 / E1 , which can work in parallel with tens and hundreds of telephone connections. A complete list of supported hardware for connection to the public telephone network is determined by hardware support in kernel modules, for example:
DAHDI , acronym «Digium Asterisk Hardware Device Interface» (formerly known as Zaptel ), is being developed in parallel with Asterisk by Digium.
mISDN, developed by Karsten Keil from the team SuSE and company Beronet .
CAPI .

Protocols

It supports the following protocols:
SIP ,
H.323 ,
IAX2 ,
MGCP ,
Skinny / SCCP ,
XMPP ( Google Talk ),
Unistim ,
Skype , a commercial channel.

May transmit text and video signals (for example, use the videophone ). In addition, the realized work with other computer protocols:
DUNDi  - protocol, also developed by Digium .
OSP .
T.38 , supports faxing.

Supports a wide range of computer equipment and protocols can host a huge number of scenarios of interaction networks, obtaining and processing information.

Programming

Configuring and programming produced by several mechanisms:
dialplan , which is written in a special language. Available as an older version, and the new - AEL , and the language Lua .
AGI .
AMI .
The configuration of the databases.

Expansion of their functions as possible by writing in C language of the new module, which is possible thanks to the detailed Doxygen -documentation.

Specialized distributions

For ease of installation and use, there are several predefined distributions that include the operating system, the compiled Asterisk, the modules and the standard configuration.
AsteriskNow  - distribution from the company Digium includes 2 web interface options to choose from: Asterisk GUI and FreePBX.
AstLinux.
AstPbx  - Russian distro preconfigured with rich functionality with a focus on . conf -files.
Elastix - distribution from the company PaloSanto Solutions OpenSource implementation of the ideology of unified communications with localized WEB-interface.
FreePBX - a web-based interface for configuring Asterisk.
PBX in a Flash .
PoundKey .
Starfish PBX - has not been updated since 2009.
Switchvox - a product of Digium.
Thirdlane PBX  .
Trixbox , formerly Asterisk @ Home, is based on CentOS .
VirtualPBX  - solution for hosted virtual PBX and IVR, feature-rich Voice 2.0

Hardware

Analog VoIP gateways

Linksys SPA 2102

- Dual ports to connect existing analog phones or fax machines, or to a PBX system
- Two 100BaseT RJ45 Ethernet interfaces (LAN-WAN) to connect to a home or office LAN, as well as an - Ethernet connection for a broadband modem or router (WAN)
- 2 RJ-11 FXS phone ports-for analog circuit telephone device
- Independent configuration of each line using software controlled by the service provider or the end user
- Strong security with reliable, encryption-based methods for communication, provisioning, and servicing.
- Protocol support: SIP


Linksys SPA3102

- One RJ-11 POTS (Plain Old Telephone Service) FXS port to connect an existing analog phone or fax machine

- One PSTN FXO port to connect to a Telco or PBX circuit

- Two 100BaseT RJ-45 Ethernet interfaces to connect to a home or office LAN, and an Ethernet connection to a broadband modem or router

- FXS and FXO lines that can be independently configured

- Secure encryption-based methods for communication, provisioning, and servicing

- Protocol support: SIP

Patton 4022

- Dual RJ-11 FXS ports to connect existing analog phones or fax machines, or to a PBX system
- Two 100BaseT RJ45 Ethernet interfaces (LAN-WAN)
- Protocol support: SIP


Grandstream HT 704

- One 100BaseT RJ45 Ethernet interfaces

- 4 RJ-11 FXS ports to connect existing analog phones or fax machines to a PBX system

- Protocol support: SIP

Grandstream GXW4008

- 8 RJ-11 FXS ports to connect existing analog phones or fax machines to a PBX system
- Two 100BaseT RJ45 Ethernet interfaces (LAN-WAN)
- Protocol support: SIP


Linksys SPA8000

- 8 RJ-11 FXS ports to connect analog telephones to IP-based data networks
- A single multiport RJ-21 50-pin connector, offering an alternative connection choice
- One 10/100 Base-T RJ-45 Ethernet interface to connect to either a router or multilayer switch
- Toll-quality voice and carrier-grade feature support
- Large-scale deployment management
- Strong security with reliable, encryption-based methods for communication, provisioning, and servicing
- Protocol support: SIP


Linksys SPA8800

- 4 RJ-11 FXS ports to connect analog telephones to IP-based data networks

- 4 RJ-11 FXO ports to connect PSTN lines

- One 10/100 Base-T RJ-45 Ethernet interface

- Converts voice traffic into data packets for transmission over an IP network

- Session Initiation Protocol (SIP) standards for voice and data networking provides reliable voice and fax operation

- Secure, encryption-based methods for communicating, provisioning, and servicing

- Toll-quality voice and carrier-grade feature support

- Large-scale deployment management

Digital VoIP gateways

Audiocodes Mediant 600

- 4/8 RJ-45 BRI ports per gateway

- 4 FXS ports using RJ-11 conn.

- Dual 10/100 Base-T RJ-45 Ethernet interface

- RS-232 for configuration and troubleshooting

- Protocol support: SIP

Audiocodes Median 1000

- 4 BRI ports (8 calls) per module, up to 5 modules per gateway with S/T interfaces.

Supports Euro ISDN, NI2, 5ESS or QSIG.

- 4 FXO/FXS ports using RJ-11 connectors per module; Up to 6 modules per gateway, Ground Start and Loop Start.

- 1, 2 or 4 E1/T1/J1 spans using RJ-48c connectors per module. Up to 4 digital modules (maximum 4 spans per gateway). Optional 1+1 or 2+2 fallback spans.

- Voice interface: Equipped with 6 Slots that can host voice modules.

Up to a maximum of 24 analog ports or 4 digital spans.

Digium G100

- One T1/E1 port

- One 10/100 Base-T RJ-45 Ethernet interface
- 30 VoIP channels






VoIP Phones

Digium D40

- 2 SIP lines
- Dual 10/100 Ethernet
- 3.5' LCD
- PoE support
- HD voice
- Full duplex speaker phone


Digium D70

- 6 SIP lines
- Dual 10/100 Ethernet
- 4.5' LCD
- PoE support
- HD voice
- Full duplex speaker phone
- 10 Feature Keys
- 10 Rapid dial keys



Cisco SPA512g

- Pixel-based display: 128 x 64 monochrome LCD graphical display with backlight

- Dedicated illuminated buttons for:

--- Audio mute on/off

--- Headset on/off

--- Speakerphone on/off

- 4 way rocking directional knob for menu navigation

- Voicemail message waiting indicator light

- Voicemail message retrieval button

- Dedicated hold button

- Settings button for access to feature, setup, and configuration menus

- Volume control rocking up/down knob controls handset, headset, speaker, ringer

- Standard 12-button dialing pad

- High-quality handset and cradle

- Built-in high-quality microphone and speaker

- Headset jack: 2.5 mm

- Electronic Hook Switch (EHS) Support with selected Plantronics headsets with adapter

- Gigabit Switch Port and PC Port: 1000BASE-T RJ-45

- 802.3af compliant Power over Ethernet (PoE)

Grandstream GXP1450

- 180x60 pixel backlit graphical LCD display with up to 4 level grayscale

- 2 dual-color line keys (with 2 SIP accounts and up to 2 all appearances) 

- 3 XML programmable context-sensitive soft keys, 3-way conference

- HD wideband audio, superb full-duplex hands-free speakerphone with advanced acoustic echo cancellation and excellent double-talk performance

- Large phonebook (up to 500 contacts) and call history (up to 500 records)

- Automated personal information service (e.g., local weather, etc), personalized music ring tone/ring back tone, flexible customizable screen content & format using XML, and advanced Web and enterprise applications integration (pending)

- Dual switched auto-sensing 10/100Mbps network ports with integrated PoE

- Automated provisioning using TR-069 or encrypted XML configuration file, SRTP{ and TLS for advanced security protection, 802.1x for media access control

Grandstream DP715

- DECT base station registers up to 5 DECT handsets and talks to up to 4 handsets concurrently

- When multiple handsets share the same SIP account, Hunting Group supports the following flexible options:

Linear Mode, all phones ring sequentially in the predestinated order 

Parallel Mode, all phones ring concurrently and after one phone answers,the remaining available phones can place new calls 

Shared Line Mode, all phones ring concurrently and always share the same line similar to analog phones

- Advanced telephony features including Caller ID, Call Waiting, 3-Way Conference, Transfer, Forward, Do Not Disturb, Message Waiting Indication, auto answer, multi-language voice prompt, flexible dial plan

- Support comprehensive voice codecs including G.711, G.723.1, G.729A/B, G.726 and iLBC

- Secure and automated provisioning using HTTP/HTTPS/Telnet/TFTP, multiple SIP accounts, SIP over TCP/TLS, SRTP

- Multi-Languages - English, German, French, Spanish, Dutch, Italian, Czech, Danish, Greek, Norwegian, Polish, Portuguese, Russian, Swedish, Turkish

- Currently Pending - TR069, IPV6(pending)

Snom 720

- 4-line B/W display

- 18 LED function keys

- 12 identities

- Wideband audio

- Hands-free operation

- Power over Ethernet (PoE)

- WLAN / Bluetooth Headset ready

- VLAN

- 2 x Gigabit LAN ports

Yealink T38G

- TI Aries chipset and TI voice engine 

- Dual-port Gigabit Ethernet (Router & Switch) 

- Supports IPV6 

- Power over Ethernet 

- 4.3” TFT-LCD, 480 x 272 pixel, 16.7M colors 

- 6 VoIP accounts, Hotline, Emergency call

- Soft keys programmable

- Supports up to 6 expansion modules(EXP39)

- Supports Wireless Headset Adapter(EHS36)

- 2xRJ45 10/100/1000Mbps Ethernet ports

- 4.3” TFT-LCD, 480 x 272 pixel, 16.7M colors

- 48 keys including 16 programmable keys