[asterisk-biz] Asterisk Tools

Trixter Aka Bret McDanel trixter at 0xdecafbad.com
Tue Aug 29 14:03:28 MST 2006 

When you start playing games with btns you are also close to playing intercarrier compensation games.  Now this may become a moot point if carriers take the lead of mci who marks all tollfree traffic where one endpoint is voip as interstate (read cheaper) for copensation purposes.  Until all carriers do that carriers would be more concerned with getting paid what they hink they should, ie preventing shenanigans that confuse the compensation amounts.

To this end, without federal oversight, carriers have used contracts and lawsuits to prevent mass abuse.  See the sbc v att case a few years ago where att was shorting sbc $100 million a year and note that sbc won in court.

That is likely the most formidable method of controlling games.

-----Original Message-----
From: "Andrew Latham" <lathama at gmail.com>
To: "Commercial and Business-Oriented Asterisk Discussion" <asterisk-biz at lists.digium.com>
Sent: 8/29/06 1:39 PM
Subject: Re: [asterisk-biz] Asterisk Tools

Bret

The 2600 magazine is a 180 look at some topics, sometimes it can open
your eyes thus educational.  They have some silly work I will grant
that but by and large some of the work makes me think about systems in
new ways.

The question to continue on this topic is what the regulators could
bring to the carriers to control this.  What type of real or just buzz
wordy method could they select when presured by congressional
oversight(that was funny..).

Keyed or signed CPE devices
Costly switch replacement or certification
Auditing
New technology not ment for communications


Andrew

On 8/29/06, Trixter Aka Bret McDanel <trixter at 0xdecafbad.com> wrote:
> 2600 is hardly educational but this isn't  the place for that.  I did qualify that the btn could be altered however not norrmally by the end user. It was unclear to me that you ever meant the btn because I didn't see mention initially to it.
>
> It doesn't even take social engineering, many providers let you pick it (but its supposd to be a number that is yours) which lets you pick one that is not in a given state you do traffic to so its all interstate and usually intercarrier compensation is less, thus the cost is less for the call.
>
> Some have used an alaska or hawaii number for us48/conus traffic others have used 2 different states and routed traffic so its all interstate.  This is really popular from a pedestrian side of things with tollfrees, have '2' call centers (even if virtual) in different states and make sure its all intersstate since, especially since some states origination charge exceeds 3-4 cents.
>
> Back to btn spoofing, its often easier to just create phantom traffic which will still have potentially user supplied caller id/ani.  Generally it takes the same access, although phantom traffic is a hot button now.
>
> Since the btn isn't  seen by many people, you gotta ask why it matters, systems often use caller id/ani instead (ie banks).
>
>
> -----Original Message-----
> From: "Andrew Latham" <lathama at gmail.com>
> To: "Commercial and Business-Oriented Asterisk Discussion" <asterisk-biz at lists.digium.com>
> Sent: 8/29/06 11:12 AM
> Subject: Re: [asterisk-biz] Asterisk Tools
>
> Bret
>
> Correct, what I am discussing is systems which alter the BTN, ANI and
> CallerID during a call switch which could be done via some social
> engineering calls or via automated methods.  Please refer to the many
> educational articles in the 2600 magazine.
>
>
> Andrew
>
> On 8/29/06, Trixter Aka Bret McDanel <trixter at 0xdecafbad.com> wrote:
> > Most billing isn't  done via ani on the pstn but the btn or billing telephone number which can be done separate from ani.
> >
> >
> > -----Original Message-----
> > From: "Matt O'Gorman" <mogorman at digium.com>
> > To: "Commercial and Business-Oriented Asterisk Discussion" <asterisk-biz at lists.digium.com>
> > Sent: 8/29/06 10:25 AM
> > Subject: Re: [asterisk-biz] Asterisk Tools
> >
> > it is my understanding to spoof any you would need an ss7 link.  However it is also my understanding that no one spoofs ani as it messes with billing etc.  I am sure you would be shut down quickly.
> >
> > Mog
> > ----- Original Message -----
> > From: Andrew Latham <lathama at gmail.com>
> > To: Commercial and Business-Oriented Asterisk Discussion <asterisk-biz at lists.digium.com>
> > Sent: Tuesday, August 29, 2006 12:13:13 PM GMT-0600
> > Subject: Re: [asterisk-biz] Asterisk Tools
> >
> > 1. Buy a T1
> > 2. Setup
> > 3......
> >
> > I am afraid of why you want to do this, I am also afraid of what the
> > FCC will do to curb this in the future by altering switching on copper
> > and fiber connections.
> >
> > As a BIZ list discussion, what can the FCC do to curb Caller ID and
> > other spoofing, many of us in the business know how insecure and
> > unreliable the system currently is.  Will circuit ID lookups attach an
> > ANI in the future and how long could this tie up new and upgrade
> > installations...
> >
> >
> >
> > On 8/29/06, perl ninja <perlninja at gmail.com> wrote:
> > > Hello,
> > > i was in need of a script for ANI Spoofing as ive read that CallerID
> > > spoofing is relativly easy but now adays places such as purolator and
> > > so on Check with ANI rather then with the CallerID to find the callers
> > > location, thus i was wanting a script that would spoof both, if
> > > possible..
> > >
> > >
> > > Sean
> > > _______________________________________________
> > > --Bandwidth and Colocation provided by Easynews.com --
> > >
> > > asterisk-biz mailing list
> > > To UNSUBSCRIBE or update options visit:
> > >    http://lists.digium.com/mailman/listinfo/asterisk-biz
> > >
> >
> >
> > --
> > ---
> > Andrew Latham - AKA: LATHAMA (lay-th-ham-eh)
> > lathama at lathama.com - lathama at gmail.com
> > If any of the above are down we have bigger problems than my email!
> > Hind sight is most always 20/20 or better.
> > ---
> > _______________________________________________
> > --Bandwidth and Colocation provided by Easynews.com --
> >
> > asterisk-biz mailing list
> > To UNSUBSCRIBE or update options visit:
> >    http://lists.digium.com/mailman/listinfo/asterisk-biz
> >
> > _______________________________________________
> > --Bandwidth and Colocation provided by Easynews.com --
> >
> > asterisk-biz mailing list
> > To UNSUBSCRIBE or update options visit:
> >    http://lists.digium.com/mailman/listinfo/asterisk-biz
> >
> >
> > _______________________________________________
> > --Bandwidth and Colocation provided by Easynews.com --
> >
> > asterisk-biz mailing list
> > To UNSUBSCRIBE or update options visit:
> >    http://lists.digium.com/mailman/listinfo/asterisk-biz
> >
>
>
> --
> ---
> Andrew Latham - AKA: LATHAMA (lay-th-ham-eh)
> lathama at lathama.com - lathama at gmail.com
> If any of the above are down we have bigger problems than my email!
> Hind sight is most always 20/20 or better.
> ---
> _______________________________________________
> --Bandwidth and Colocation provided by Easynews.com --
>
> asterisk-biz mailing list
> To UNSUBSCRIBE or update options visit:
>    http://lists.digium.com/mailman/listinfo/asterisk-biz
>
>
> _______________________________________________
> --Bandwidth and Colocation provided by Easynews.com --
>
> asterisk-biz mailing list
> To UNSUBSCRIBE or update options visit:
>    http://lists.digium.com/mailman/listinfo/asterisk-biz
>


-- 
---
Andrew Latham - AKA: LATHAMA (lay-th-ham-eh)
lathama at lathama.com - lathama at gmail.com
If any of the above are down we have bigger problems than my email!
Hind sight is most always 20/20 or better.
---
_______________________________________________
--Bandwidth and Colocation provided by Easynews.com --

asterisk-biz mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-biz

More information about the asterisk-biz mailing list