Archive for the ‘General’ Category

Passwords that are Used by Groups

Monday, April 12th, 2010

There are good reasons to not make group passwords, but then there are times when it is the best method, such as during web application development. Then, there is the problem of how to generate these strong passwords and how to communicate about them.

Strong passwords are essential to data security. Passwords are easy enough to produce, but they are not as effective as they should be because human foibles lead to compromises. Humans find strong passwords hard to remember so they write them down. They find them hard to say so they send them in email to coworkers.

These problems can be overcome and it can even be fun.

Make the strong password by making it along with a mnemonic. Like this:

Which bear ate up my donut holes
Wb8^mdOs

Now we can refer to this as the “donut” password without giving much away and it is memorable.

We can also make a family of passwords:

Bears do not care for those expensive holes
B!c4t$Os

Is it useful to have two related passwords that may be called “the bear question” and “the bear answer”? Say, for the admin password and the staff password?

Assigning words to the shift characters on the number keys is the trick here, but not too tricky. “^” is top or up or above. “@” is at or each. “$” is money or cash or dollars… You get it.
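The derivation above can be written as a small table-driven routine. This is an added example, not code from the original post; the function names are illustrative, and the table holds the post's listed assignments plus the substitutions read off its two worked passwords.

```python
import re

# Word -> character table. "up/top/above", "at/each" and "money/cash/dollars"
# are the assignments the post lists; "ate", "for", "do not", "expensive" and
# "holes" are read off its two worked passwords. Extend it with whatever
# words your group agrees on.
SYMBOLS = {
    "up": "^", "top": "^", "above": "^",
    "at": "@", "each": "@",
    "money": "$", "cash": "$", "dollars": "$", "expensive": "$",
    "do not": "!",
    "ate": "8", "for": "4",
    "holes": "Os",
}


def mnemonic_to_password(sentence):
    """Turn a mnemonic sentence into its password, one word at a time."""
    words = re.findall(r"[A-Za-z']+", sentence)
    out = []
    i = 0
    while i < len(words):
        pair = " ".join(words[i:i + 2]).lower()
        if i + 1 < len(words) and pair in SYMBOLS:
            out.append(SYMBOLS[pair])      # two-word phrase such as "do not"
            i += 2
            continue
        word = words[i]
        # Mapped word -> its symbol; anything else -> first letter, case kept.
        out.append(SYMBOLS.get(word.lower(), word[0]))
        i += 1
    return "".join(out)


def character_classes(password):
    """Report which of the four character classes the password draws on."""
    return {
        "upper": any(c.isupper() for c in password),
        "lower": any(c.islower() for c in password),
        "digit": any(c.isdigit() for c in password),
        "symbol": any(not c.isalnum() for c in password),
    }


if __name__ == "__main__":
    for s in ("Which bear ate up my donut holes",
              "Bears do not care for those expensive holes"):
        pw = mnemonic_to_password(s)
        print(pw, character_classes(pw))
```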

Now we have passwords that can be remembered without using word combinations, e.g., thefudge, or word bastardizations, e.g., es$enti@l, either of which is easily cracked.

Now we also have passwords that can be named even in the presence of strangers without giving them away; you could just say, “Try the bear answer.”

You may also use these ideas to make your own private passwords.

While you are thinking about this, it is also a great way to generate “family passwords.”

Jane never cared for asparagus
jnc4asparagus or jnc4agus

Have fun!

Asterisk and Cisco VOIP Phones

Saturday, April 3rd, 2010

A few years ago we needed an office phone system.  Having a limited budget and being a tech-head, I decided to deploy Asterisk, an open-source PBX solution.  The outlays were minimal since we only needed a telephony card (Digium TDM400P), several VOIP  phones (GrandStream 2000 – hello, eBay!), and an old PC.  We chose to install Trixbox, which is based on Asterisk and promotes itself as easier to install than Asterisk.

After perhaps too much futzing, we ended up with a small business phone system without any monthly PBX charges other than the analog phone lines from the phone company.  We had an automated phone directory, the phones worked as intercoms, voice mail turned into attached WAV sound files sent as e-mail.  I was able to add phone extensions easily.  I love Asterisk!

Perhaps the success went to my head, since I set my sights on a fancy conference room phone for our growing business.  I bought a used Cisco Polycom CP-7935 phone for 1/3rd the price of a new device.  I’ll admit it – I’m an amateur at telephony and didn’t know the difference between SIP and SCCP.  It turns out that Trixbox only supports SIP extensions by default, and this conference room phone requires SCCP channel protocol.

So finally I am coming to the purpose of this post – simple instructions on how to hook up a Cisco VOIP phone (that only uses SCCP protocol) to Trixbox version 2.8.  The following instructions were gleaned from some Google searches, and I am summarizing them since no one had simple steps online for the most-recent Trixbox version.

First we need to install some packages and retrieve the most-recent version of an SCCP solution from SourceForge.  Do the following commands signed in as root user on your Trixbox server:

# yum install asterisk16-devel gcc subversion
# cd /usr/local/
# wget -O Chan_SCCP-2.0_Final.tar.gz http://sourceforge.net/projects/chan-sccp-b/files/V2/Chan_SCCP-2.0_Final.tar.gz/download
# tar xvfz Chan_SCCP-2.0_Final.tar.gz
# cd /usr/local/chan_sccp-b_20090602
# make

If you perform the above steps, you will see that the make operation will not work without modifying some source code.  Thanks to a posting (http://lostentropy.com/2009/09/28/making-chan_sccp-build-with-asterisk-1-6/) I learned that I have to change a reference to a constant from CS_AST_CONTROL_T38 to CS_AST_CONTROL_T38_PARAMETERS.  Make this change to the file /usr/local/chan_sccp-b_20090602/sccp_pbx.c on line 587 using your favorite text editor.

# make
# make install
# amportal restart

Now comes the hard part.  The CP-7935 gets its provisioning file from a TFTP server.  Reset the CP-7935 to its default factory settings.  Next use the device menu to set the TFTP server to your Trixbox IP address (follow steps in the manual from the Cisco website).  The Trixbox should have its TFTP service activated by default; for my server the TFTP directory on the server is /tftpboot/.

Monitor the TFTP log file (/var/log/atftp.log) while you reboot the CP-7935.  You should see a request in the format “SEP#.cnf.xml” in the log file, where the “#” is the MAC address of the CP-7935.  Now create the following file /tftpboot/SEP#.cnf.xml (mine is /tftpboot/SEP00e0752442c5.cnf.xml) with this content and replacing the TRIXBOX_IP_ADDRESS with your Trixbox server address:

<Default>
<callManagerGroup>
<members>
<member priority="0">
<callManager>
<ports>
<ethernetPhonePort>2000</ethernetPhonePort>
<mgcpPorts>
<listen>2427</listen>
<keepAlive>2428</keepAlive>
</mgcpPorts>
</ports>
<processNodeName>TRIXBOX_IP_ADDRESS</processNodeName>
</callManager>
</member>
</members>
</callManagerGroup>
<authenticationURL></authenticationURL>
<loadInformation></loadInformation>
<directoryURL></directoryURL>
<idleURL></idleURL>
<informationURL></informationURL>
<messagesURL></messagesURL>
<servicesURL></servicesURL>
<versionStamp>{Apr 03 2010 12:00:00}</versionStamp>
</Default>

The last configuration entry tag for <versionStamp> is important since it is used by the device to determine if the settings have changed.  Update this versionStamp value to a later date to force the device to reload the settings in the file.
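One way to produce this file for a given phone, as an added example that is not part of the original post: it builds the SEP#.cnf.xml name from the MAC address, fills in the server address and a fresh versionStamp, and confirms the result is well-formed XML before it goes into /tftpboot/. The function names and the 192.168.93.1 address are assumptions made for the example.

```python
import ipaddress
import re
import xml.etree.ElementTree as ET
from datetime import datetime

# The provisioning file from the post, with two placeholders to fill in.
TEMPLATE = """<Default>
<callManagerGroup><members><member priority="0"><callManager>
<ports><ethernetPhonePort>2000</ethernetPhonePort>
<mgcpPorts><listen>2427</listen><keepAlive>2428</keepAlive></mgcpPorts></ports>
<processNodeName>TRIXBOX_IP_ADDRESS</processNodeName>
</callManager></member></members></callManagerGroup>
<authenticationURL></authenticationURL><loadInformation></loadInformation>
<directoryURL></directoryURL><idleURL></idleURL>
<informationURL></informationURL><messagesURL></messagesURL>
<servicesURL></servicesURL>
<versionStamp>{VERSION_STAMP}</versionStamp>
</Default>
"""

def provisioning_filename(mac):
    """SEP<mac>.cnf.xml; letter case is kept, so copy it from the TFTP log."""
    digits = re.sub(r"[:.\-]", "", mac)
    if not re.fullmatch(r"[0-9A-Fa-f]{12}", digits):
        raise ValueError("not a MAC address: %r" % mac)
    return "SEP%s.cnf.xml" % digits

def is_well_formed(xml_text):
    """True if the text parses as XML; a malformed tag makes parsing fail."""
    try:
        ET.fromstring(xml_text)
        return True
    except ET.ParseError:
        return False

def render(server_ip, when):
    """Fill in the server address and a versionStamp for the given time."""
    ipaddress.ip_address(server_ip)               # raises ValueError if bad
    stamp = when.strftime("%b %d %Y %H:%M:%S")    # e.g. Apr 03 2010 12:00:00
    text = (TEMPLATE.replace("TRIXBOX_IP_ADDRESS", server_ip)
                    .replace("VERSION_STAMP", stamp))
    if not is_well_formed(text):
        raise ValueError("rendered file is not well-formed XML")
    return text

if __name__ == "__main__":
    # Constructed values: the MAC is the post's, the address is a sample.
    print(provisioning_filename("00:e0:75:24:42:c5"))
    print(render("192.168.93.1", datetime.now()))
```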

Next we need to write the SCCP configuration file that Asterisk reads. First make a backup of the existing file, and then we will replace it with one tailored for our solution.

# mv /etc/asterisk/sccp.conf /etc/asterisk/sccp.conf.bak

Here are the new contents for the file /etc/asterisk/sccp.conf. Remember to replace the all-capital-letter phrases with the specifics of your setup: for example, TRIXBOX_SERVER_IP_ADDRESS is replaced by the IP address of your Trixbox, and SEP00e0752442c5 by the string “SEP” followed by the MAC address of your Cisco phone.  Our phone model is 7935, so you will also need to change this to your phone type.

[general]
servername = trixbox
keepalive = 60
debug = 1
context = from-internal
dateFormat = M/D/YA
bindaddr = TRIXBOX_SERVER_IP_ADDRESS
port = 2000
disallow=all
;allow=alaw
allow=ulaw
firstdigittimeout = 16
digittimeout = 8
digittimeoutchar = #
autoanswer_ring_time = 1
autoanswer_tone = 0x32
remotehangup_tone = 0x32
transfer_tone = 0
callwaiting_tone = 0x2d
musicclass=default
language=en
deny=0.0.0.0/0.0.0.0
permit=TRIXBOX_SERVER_IP_ADDRESS/255.255.255.0
localnet = 192.168.93.0/255.255.255.0
dnd = on
rtptos = 184
echocancel = on
silencesuppression = off
trustphoneip = no
tos = 0x68
private = on
mwilamp = on
mwioncall = on
blindtransferindication = ring
cfwdall = on
cfwdbusy = on
[devices]
type = 7935
autologin = CONFERENCE_PHONE_EXTENSION
description = Phone7935
keepalive = 60
transfer = on
park = on
cfwdall = on
cfwdbusy = on
dtmfmode = outband
imageversion = P00308000100
deny=0.0.0.0/0.0.0.0
permit=192.168.93.3/255.255.255.255
dnd = on
trustphoneip = no
private = on
mwilamp = on
mwioncall = on
device => SEP00e0752442c5
[lines]
id = CONFERENCE_PHONE_EXTENSION
pin = 1234
label = CONFERENCE_PHONE_EXTENSION
description = Conference Room
context = from-internal
incominglimit = 3
transfer = on
cid_name = Conference Room
cid_num = CONFERENCE_PHONE_EXTENSION
trnsfvm = 1
secondary_dialtone_digits = 9
secondary_dialtone_tone = 0x22
musicclass=default
language=en
rtptos = 184
echocancel = on
silencesuppression = on
line => CONFERENCE_PHONE_EXTENSION
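
What the deny/permit pairs in this file admit can be checked offline. This is an added example, not part of the original post or of chan_sccp; it assumes the lists are evaluated as in Asterisk's own ACL code (start permissive, rules checked in order, last matching rule decides), and 192.168.93.1 stands in for TRIXBOX_SERVER_IP_ADDRESS.

```python
import ipaddress

# Constructed sample: the deny/permit lines of the [general] and [devices]
# sections above, with TRIXBOX_SERVER_IP_ADDRESS set to 192.168.93.1.
GENERAL = ["deny=0.0.0.0/0.0.0.0", "permit=192.168.93.1/255.255.255.0"]
DEVICE = ["deny=0.0.0.0/0.0.0.0", "permit=192.168.93.3/255.255.255.255"]


def parse_acl(lines):
    """Collect (sense, network) pairs from deny=/permit= config lines."""
    rules = []
    for line in lines:
        line = line.split(";", 1)[0]            # drop ';' comments
        key, sep, value = line.partition("=")
        key = key.strip().lower()
        if sep and key in ("deny", "permit"):
            # strict=False masks off host bits: 192.168.93.1/24 -> .0/24
            net = ipaddress.ip_network(value.strip(), strict=False)
            rules.append((key, net))
    return rules


def is_allowed(rules, address):
    """Assumed semantics: start permissive, last matching rule decides."""
    ip = ipaddress.ip_address(address)
    verdict = True
    for sense, net in rules:
        if ip in net:
            verdict = (sense == "permit")
    return verdict


if __name__ == "__main__":
    for name, lines in (("general", GENERAL), ("devices", DEVICE)):
        rules = parse_acl(lines)
        for addr in ("192.168.93.3", "192.168.93.50", "10.0.0.5"):
            print(name, addr, is_allowed(rules, addr))
```

With these values the [general] list admits any host in 192.168.93.0/24, while the [devices] list admits only 192.168.93.3.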

We’re almost done.  Now restart the asterisk service:

# amportal restart

Finally create an extension in the Trixbox administrator interface, and make sure it matches the value of the CONFERENCE_PHONE_EXTENSION in the sccp.conf file above (we used “30”).  Do a hardware reboot of the conference room phone.

Missing from this posting is any explanation about firmware and provisioning.  Cisco sells firmware upgrades to their devices, and we bet that the existing firmware on the used conference phone device was sufficient.  Our bet paid off.

In summary, this solution may still take a few hours of work for your particular Cisco phone.  The payoff is grand – our office Trixbox solution saves us money daily by not having to lease or maintain an expensive private PBX system.

worked in academia, corporate research labs and several technology startup companies prior to GORGES. His expertise is software architecture, database development, and system administration. Matt brings GORGES over 25 years experience developing fast and robust software on a multitude of platforms and languages.

The most important part of your corporate website

Monday, July 6th, 2009

Here at Gorges Web Sites, we have designed and programmed dozens and dozens of corporate websites.  Our many years of experience have led us to establish our own process for delivering business websites on a budget.

Most of our customers approach us with great ideas for the graphic design and features they would like to see on their websites.  When meeting with customers for our kickoff meeting and planning process, we avoid these topics.

Why? Aren’t the graphic design and features of a site important?  Yes, however, our process starts with the main objective your site visitors have when landing on your site.  If your website is selling or marketing products or services, your visitors are there for INFORMATION.  They don’t really care about colors, web 2.0 whiz-bang features which cost a ton, or how cool your blog software is. They have a question in their heads, and our job as website designers is to answer that question.

So the first most important step in website design is called ‘Information Architecture’.  We spend a fair amount of time talking about menus, pages, sidebars, page layouts, headings, and CONTENT.

Our goal in working with you to design your website is to deliver the key information that your customers need in a way that is easy for them to find.  We don’t want to keep them guessing which obscure menu name they have to click to find the information they are looking for.

If we can answer your prospective customers’ questions in one or two clicks and get them moving towards making a decision, then we consider our job well done.

After this process, we get into colors, styles, features, and other tactics to get your site looking top-notch.

If you’d like to hear more, we always offer no-obligation consultations to hear from you and make suggestions as to how we can help make your website work for you.

Christopher Grant, CEO of GORGES, has been building Internet web sites and commerce applications since 1994, pioneering early database-driven Web application and e-commerce projects. He has been instrumental in the construction of hundreds of Internet projects, large and small.

DATA, DATA, DATA

Monday, June 29th, 2009

At Gorges Web Sites, we work on a wide variety of Web-based projects, but data is at the core of everything we do. Over the years, we have worked with all manner of data – from multilingual Web content to online videos; from logistics tracking data to energy efficiency reporting. We understand that your data is at the heart of your business and that is why we offer a wide range of data-specific services.

Reporting
Many businesses already have sophisticated software systems that have been running their business for years. Perhaps you purchased an off-the-shelf package or maybe you built your own custom system from scratch. Over the years, these systems have done the hard work of maintaining your information and are now the custodians to a reservoir of critical business data. What information lies latent in this structured data? What critical business intelligence can you extract from your software’s silo of data? Database reporting is one of the many services we offer that can help transform your business data into meaningful intelligence.

Data Scrubbing
As software architects, we review your business requirements and design the most fitting storage structures to manage and maintain your data. We choose sensible database constraints and implement form validation to ensure that your data stays as clean and flexible as possible. However, as users add data to your system, it can grow in unexpected and surprising ways. This is why we offer data scrubbing and sanitization services. We can help identify inconsistencies in your data and design scripts to correct those issues.

Data Migrations
As your business matures, you may find that you’ve outgrown your existing software systems, but you never outgrow your business data. When your business makes the decision to buy a new software solution, you will need to analyze, export, and migrate your legacy data from the existing system into the new one. This can be a complex and challenging process, especially for larger databases, but with the appropriate amount of research and planning, this process can be executed to maintain a high level of data fidelity. We have proven experience working with legacy business data in software upgrade and migration scenarios.

The name Gorges Web Sites may convey the notion that we simply build Web sites, but in actuality we are a team of skilled and experienced database engineers. We love working with your data and develop solutions that help your business grow and prosper. If your business already has a software system, but you want to get more from your data, please contact us today.

Greg Kops is a project manager at GORGES. After a decade working as a database and systems programmer, Greg uses his skills and experience to help plan and manage our larger, long-term projects.

Maintain Contact with Your Site Visitors

Monday, April 27th, 2009

The web has been around for a while now and if you’re a business owner, you’re probably already online with at least a basic website.  However, now that you’ve established a presence on the web, what comes next?  How else can you use the power and reach of the web to grow your business?

One of the keys to success on the web is developing strategies to convert casual visitors to lifetime customers.  There are many simple tools that can help transform your static online presence into a dynamic and living entity that visitors return to again and again.

CORPORATE BLOG
Your business is always growing – changing as you adapt to new clients, customers, and opportunities.  Those changes are something worth talking about!  A corporate blog is an easy way to show your visitors that your business is alive and thriving.  Furthermore, using email notification and RSS, you can easily broadcast your news to a community of readers who care.

EMAIL NEWSLETTERS
Once you make a sale or finish a client’s project, your business moves on and without some effort, your customer/client may soon forget the details of their experiences with you.  Regular email newsletters are an invaluable way to keep in touch with your customers, clients, and colleagues and inform them of the most recent projects, products, and/or people in your organization.  You can even build the subscription process right into your website with a simple subscribe form.

These tools offer a powerful way to keep people aware of your business.  Even if there are no known future sales opportunities, they can help generate a buzz and build your brand through word of mouth.  At Gorges Web Sites, we’re passionate about finding ways to use the web to help grow your business!  There is a wealth of options and opportunities available and we’re excited to help develop and execute the right strategies for you.

Greg Kops is a project manager at GORGES. After a decade working as a database and systems programmer, Greg uses his skills and experience to help plan and manage our larger, long-term projects.

It’s a blog, blog, blog, blog world

Friday, March 20th, 2009
"Listen to me!"

After years of pent-up demand from the burgeoning Gorges staff, we have finally added an outlet for our discoveries, musings, tales, and hopefully rare rants.

I think we’ve designed and installed several dozen blogs for folks over the years.  Now it’s time for us to stand on the podium. We’re a diverse group of talented techies – I hope you get to know the Gorges team through this blog.

That’s it.  Happy reading.

worked in academia, corporate research labs and several technology startup companies prior to GORGES. His expertise is software architecture, database development, and system administration. Matt brings GORGES over 25 years experience developing fast and robust software on a multitude of platforms and languages.