ulphone an asterisk based freephone system for ul … · asterisk is an open source framework for...
TRANSCRIPT
FINAL YEAR PROJECT REPORT
ULPHONE
AN ASTERISK BASED FREEPHONE SYSTEM FOR UL
Shane McCausland
13142976
Supervised by Dr. Conor Ryan
September 2016 – Apri1 2017
LM110
B.Sc. Computer Games Development
Project Summary
This project involves setting up a Private Branch Exchange (PBX) and the systems to
manage it. A PBX is a private telephone network used within a company. Users of the PBX
phone system share several outside lines for making external calls. Not only does a PBX
connect internal telephones within the system but it can also connect to the Public switched
telephone network (PSTN). The PSTN is the aggregate of the world’s circuit switched
telephone networks that are operated by national, regional, or local telephone operators,
providing infrastructure and services for public telecommunications (Rouse, 2005). Simply
put, it is the phone network used for the majority of phone calls made by the public.
Users will be able to apply for a new phone number through a web based front end which
will communicate with the asterisk based private branch exchange server.
Care and accountability will be taken to prevent abuse on the PBX. Security for a PBX
system is critical, this is due to the fact the system is exposed to the internet. There is a lot
of money to be made by attackers in exploiting systems to make free phone calls.
To understand this Final Year Project, it is first important to understand what Asterisk is.
Asterisk is an open source framework for developing and building communication
applications. It turns an ordinary computer into a communications server (Digium, 2015)
and it is the core element to my PBX system. Asterisk has many different applications such
as, an IP PBX, VoIP gateways and for conference servers and other custom solutions. It is
used by small business, large businesses, call centers, carriers, government agencies and
for personal use. It is sponsored by Digium but is built to be completely open-source
From the outset, I knew that there was a huge variety of ways to approach the project, this
was evident when researching the many different Asterisk applications used globally. The
motto of Asterisk is “There’s more than one way to do things” (Madsen, 2011), this
becomes more applicable with each release of the flexible toolkit. There is a massive
amount implementation possibilities with dozens of supported languages. Asterisk is also
compatible with all major Linux distributions.
I made the decision early in the project to implement my Asterisk based PBX in the cloud.
There were several options available to me in upon making this decision but I found the
must applicable option to be an AWS (Amazon Web Services) EC2 (Elastic Cloud
Compute) instance. The EC2 instance provided by Amazon is completely free and allowed
me to create an instance of an Ubuntu Linux server on which I could install the PBX. I had
many reasons for choosing a cloud based PBX, the main reason being; cloud based PBX’s
are the current state of the art of communications used by businesses today, with many
business abandoning their more expensive to maintain non-hosted solutions in favor of the
cloud based alternative. The many benefits of a cloud based PBX include dynamic
resizable compute capacity and savings on IT resources by outsourcing the maintenance of
the system, the up-keep of the system is managed by the host, so dedicated in house staff
is not necessary for maintenance. It can also be considered massively cost effective, mainly
due to the fact businesses can avoid paying for maintenance fees typically associated with
a traditional phone system. This contrasts with the cloud based solution which gives the
business a predictable monthly billing charge and eliminates the need for upfront costs for
heavy installations. Reliability is also a positive trait of a hosted PBX system, it can be
counted on to connect every call without lagging response times, delays or lapses in over
that of traditional PSTN connection. In many legacy systems, the first thing that is affected
during an unforeseen event such as a storm, fire or power outage is the phone lines. A
hosted PBX solves this issue as the infrastructure is protected in the hosted environment.
As such, flow of communications can continue.
Acknowledgements
I would like to convey my sincerest gratitude and earnest appreciation to the following
people who have supported me throughout this Final Year Project:
My project supervisor, Conor Ryan, for his extremely beneficial guidance throughout this
project and his continuous advice to keep me on track to complete the project.
I would also like to thank the University of Limerick’s Department of Computer Science
and Information Systems for their four extremely educational years of learning and for the
high-quality facilities made available for students.
I would also like to thank my friends for helping with the user testing of the project by
completing the feedback sheet. Your help was greatly appreciated.
Finally, I would like to thank my family for their constant encouragement and level of
understanding throughout this academically challenging year.
Without this support and advice, the Final Year Project would have been an unreachable
goal.
Declaration Page
I hereby declare that the development of this Final Year Project was undertaken without
the illicit assistance of any third-party source or aid other than those specified and that this
dissertation, in whole or in part, has not been submitted to any University as an exercise
for a degree. I further declare that, except where reference is made in the text, the contents
are entirely my own work. The author agrees that the library of Final Year Projects within
the department of Computer Science and Information Systems of the University of
Limerick may lend or copy this thesis upon request for study purposes, subject to normal
conditions of acknowledgement.
___________________
Shane McCausland
18th April 2017
1
Contents 1. Project Introduction ........................................................................................................ 3
1.1. Overview .................................................................................................................. 3
1.2. Motivations .............................................................................................................. 4
1.3. Objectives ................................................................................................................ 4
2. Research .......................................................................................................................... 6
2.1. Existing products ..................................................................................................... 6
2.1.1. PBX in a Flash ................................................................................................................. 6
2.1.2. Free PBX ......................................................................................................................... 6
2.1.3. Asterisk Now .................................................................................................................. 6
2.2. Relevant research ..................................................................................................... 7
2.3. Implementation technologies ................................................................................... 7
2.3.1. AWS EC2 ......................................................................................................................... 7
2.3.2. LAMP .............................................................................................................................. 8
2.3.3. Fail2Ban .......................................................................................................................... 9
2.3.4. Go Trunk ......................................................................................................................... 9
2.3.5. PHPStorm ..................................................................................................................... 11
2.3.6. FileZilla & PuTTY ........................................................................................................... 11
2.4. Core Concepts & Definitions ................................................................................. 13
3. Implementation ............................................................................................................. 16
3.1. Introduction ............................................................................................................ 16
3.2. AWS EC2 Instance Configuration and Asterisk Installation ................................. 17
3.2.1 Making a call ................................................................................................................. 20
3.3. Web based front end development ......................................................................... 21
3.4. Connection between front end and server. ............................................................. 23
2
3.5. Connections to PSTN using go trunk..................................................................... 26
4. Security ......................................................................................................................... 27
4.1. Issues and Complications ....................................................................................... 27
4.2. Solutions and Protection Methods ......................................................................... 28
5. System Testing & Evaluation ....................................................................................... 29
5.1. General Introduction .............................................................................................. 29
5.2. Testing methods ..................................................................................................... 29
5.3. Findings.................................................................................................................. 29
5.4. Implementation of user feedback ........................................................................... 30
6. Summary & Conclusions .............................................................................................. 31
6.1. Conclusions ............................................................................................................ 31
6.2. Recommendations .................................................................................................. 31
7. References ..................................................................................................................... 33
8. Bibliography ................................................................................................................. 35
9. Appendices .................................................................................................................... 36
9.1 Appendix 1: User testing sheet ............................................................................... 36
9.2 Appendix 2: Screenshots & Images ........................................................................ 37
3
1. Project Introduction
1.1. Overview
This final year project, UL Phone, involves setting up a private branch exchange (PBX)
system and systems to manage it. Users should be able to apply for a new phone number
on a web based front end and use the number on the PBX. Care and accountability should
be taken to prevent abuse. The PBX will be able to connect to the PSTN (Public switched
telephone network) and allow users of the system to request credits to make calls on the
PSTN.
While there are many open-source PBX’s available online, such as PBXInAFlash or
OpenPBX which would have worked for this Final Year Project, I chose to create my PBX
using Asterisk. Asterisk is the core framework when it comes to creating custom PBX’s
and it is what the majority of the open source communications software is built on.
The web based front end will act a medium between the user and the Asterisk based PBX
server. Users will register with an appropriate student or staff email, name and password
and will be issued with an extension within the PBX. The web front end will also collect a
directory of registered extensions with their associated names.
Once issued with an extension the user will be able to connect to the PBX server using a
software based telephone (softphone) and make free calls to other users within the PBX
registry.
The Asterisk server is cloud based, using an Amazon Web Services (AWS) based Elastic
Cloud Computing (EC2) Instance. I made the decision to make the server cloud based to
support scalability and because having a cloud based PBX is becoming the current state
of the art in PBX technology.
4
1.2. Motivations
My reasons for undertaking this final year project are motivated by the fact that I worked
in a call center for several years, I was extremely interested in learning the technology
behind such a huge industry. Learning about the power and scale of which Asterisk is used
in business is another factor that motivated me into picking this project. Today there is
more than 1 million Asterisk-based communications systems in use, in more than 150
countries. Almost the entire Fortune 1000 list of customers uses it (Digium, 2015).
The fact that Asterisk is so accessible and open source is another reason which aided me
in choosing this project, the ability to get under the hood and see how Asterisk works, along
with making any changes or enhancements I see fit is a very interesting aspect of the project
for me.
The Asterisk community is also very well supported, with a vast knowledge base on the
official website as well as many in-depth textbooks available for all skill levels it is easy
to pick up if you are a beginner.
Creating the PBX in the cloud was another motivating factor, this was because I was
looking for a topic which gave me some experience deploying software on a cloud based
system as cloud computing is taking over in the IT industry.
1.3. Objectives
My key objectives for this project were, to research and learn about Asterisk and its various
PBX based applications, to learn how to deploy an instance of an EC2 Linux server and
install Asterisk after the instance is launched and to deploy a LAMP based web front end
on the same EC2 instance and to have this web based front end communicate with the
Asterisk server.
Once I had achieved these primary objectives I hoped to give the user the ability to log into
the web based front end and request credits. These credits will enable the users to make
calls from the PBX to the PTSN. The final objectives of the project will be to polish the
5
web based front end and provide security and protection on the PBX. The front end will
eventually display a directory of users which details their specific credentials on the
communications server.
As the product of the final year project is now complete, I have achieved the milestones as
intended and delivered the product in accordance to the initial requirements. I have
successfully created a functioning cloud based asterisk built PBX system wherein users
can sign up (Using the web based front end) and make free calls to other users registered
on the asterisk server. The web based front end has also been created successfully, allowing
a user to register their details to the PBX and make calls to other users as well as calls to
the PSTN. The web based front end also houses a directory of all the users within the PBX
as well as a knowledge base of information on ULPhone detailing various aspects of the
product, such as the initial phone configuration.
6
2. Research
2.1. Existing products
With most businesses using a PBX for their telephony traffic, there is a vast number of
existing products and solutions available on the market. One of the very first tasks I
completed on this project was to install many different open source PBX distributions to
give me a better understanding of the technology. I focused primarily on PBX distributions
that were created with Asterisk. The three most popular distributions I researched included
PBX in a Flash, Free PBX and Asterisk Now, each with their own respective advantages
and disadvantages.
2.1.1. PBX in a Flash
This PBX comes with the latest version of the Debian Linux operating system and installs
in under 30 minutes. One of the key advantages to this distribution is the ease of
upgradability. It is also preconfigured with trunks and gateways. Trunks are the
connections shared between two entities on the PBX while the gateway is the way in which
the PBX accesses the PSTN. Asterisk 1.4 or 1.6 come preloaded with this distribution.
2.1.2. Free PBX
FreePBX is the world’s most deployed open source business communications system, with
millions of active installations and over 400 new installs per day (Sangoma Technologies,
2010). The distribution is incredibly feature rich. It also has support for other advanced
add-ons such as Zulu, which is an all in one desktop softphone system, and other phone
based applications. It can be installed a number of ways and is very versatile. I installed
the PBX on a very old laptop and it worked perfectly, allowing me to make phone calls
between two configured softphones.
2.1.3. Asterisk Now
This a complete Linux distribution with Asterisk, the DAHDI driver framework (Section
3.2), and the FreePBX administrative GUI. The installer handles all the complexity,
making this PBX very accessible in terms of ease of use.
7
All three of these PBX distributions helped to give me a better understanding of the
Asterisk technologies.
2.2. Relevant research
My core piece of research material was the textbook ‘Asterisk the Definitive Guide’ by
Leif Madsen, Jim Van Meggelen and Russel Brand which I purchased for this project. The
book details the process involved in designing a complete VoIP or analogue PBX with
Asterisk. I used the book as a reference when I was installing Asterisk on the EC2 instance.
It details the different commands needed for the install of Asterisk on each major Linux
distribution.
It gave me a basic understanding of some key telephony concepts such as trunking, dial
plans and the configuration of devices (defined in section 2.6.7) which enabled me to work
better and more confidently with the PBX system. The book also explains how to connect
to the PSTN which is extremely relevant for my project.
2.3. Implementation technologies
2.3.1. AWS EC2
The core piece of technology I am using for this project is an Amazon Web Services Elastic
Cloud Compute instance running an Asterisk PBX on an Ubuntu Linux server. This allows
me to have a cloud based PBX. Figure 1 shown below shows the configuration on a hosted
PBX system, similar to what is used for ULPhone. My reason for choosing an Amazon
based cloud instance is that the AWS EC2 instance is scalable in response to popularity
spikes, so as more people use the PBX the instance will scale in response to this.
Amazon EC2 is also a highly secure method of operation, it provides secure login
information for the instances using key pairs. AWS stores the public key while I store the
private key. A firewall that enables the user to specify the protocols, ports and source IP
ranges is also available to further enhance the security of the instance (Microsoft, 2016).
8
An EC2 instance is also incredibly easy to set up for a first-time user, it is as simple as
clicking a button and choosing which operating system you want your instance to have.
The final reason I had in choosing AWS is their free tier account options, which mean I
did not have to pay for any of my EC2 instances. The free tier access lasts for a year and
allows the user to have 750 hours per month of Linux EC2 usage (Amazon, 2015) which
is perfect for what I will be undertaking.
Figure 2.1: Hosted PBX Diagram.
2.3.2. LAMP
The LAMP (Linux, Apache, MySQL, and PHP) model of web service stacks is what the
web based front end will be developed with. One reason for this is that I can install all the
web services on the same EC2 instance as the Asterisk server allowing for easier
maintainability and cost effectiveness. LAMP is also a good choice for the project as it is
open-source, and has a huge community which offer support and have also developed a
wide variety of extra components and modules which give extended usefulness. It is also
widely regarded as a very secure method of web service development.
9
2.3.3. Fail2Ban
Fail2Ban is an intrusion avoidance software framework that protects computer servers from
brute force attacks. Written in the Python programming language, it is able to run on
POSIX (section 2.4) systems that have an interface to a packet-control system or firewall
installed locally, for example, iptables or TCP wrapper.
While Fail2ban can reduce the rate of incorrect authentication attempts by banning the IP
address of the brute force attacker from the PBX server, it is by no means a substitute for
strong authentication procedures. Fail2ban should be used in combination with strong
authentication methods in order to achieve maximum security of the PBX server as it alone
cannot eliminate the threat weak authentication presents.
I chose to use Fail2ban for my system as it is very proficient at working with Asterisk
systems. It is very common for Asterisk based PBX to have Fail2ban scanning the log files
for breach attempts. Once the scanning has found a possible breach on the communications
server the IP address is added to an IP table and banned from accessing the server for an
administrator specified amount of time.
2.3.4. Go Trunk
GoTrunk is a SIP trunking service that provides inbound numbers for the PBX at a cost
and connects the PBX to the PSTN (public switched telephone network). A SIP trunk is
necessary for ULPhone as it acts as a tunnel from the created PBX communication server
to the PSTN. A SIP trunk utilizes the Session Initiation Protocol (section 2.4) which is an
IETF (Internet Engineering Task Force) standard that dictates how voice over IP (VoIP)
sessions are initiated, handled and terminated. While there are other proprietary protocols
available such as IAX (section 2.4), SIP has become the most commonly utilized and
implemented format.
When a phone call is made over the SIP trunk, it may begin as an IP call or eventually be
converted into one at some point. The point in question maybe an ATA adapter, which
10
converts an ordinary analogue telephone signal to an IP call, the IP PBX itself or a SIP
compatible router.
While there are many SIP trunk providers available. One such provider is Blueface which
is an Irish owned SIP trunk provider, the SIP trunk for ULPhone was GoTrunk for the
following reasons:
• Flexible month’s trial for first time users: This was essential for this project as it
allowed me to test the connection to the PSTN without having to give credit card
details. This meant I could test ULPhone connectivity to the PSTN without the fear
that a breach by an attack would cause loss of money. This also allowed me to test
the security of the PBX once it was connected as any communication server which
can make calls to the PSTN is a target for hackers.
• Extremely versatile control console: The GoTrunk control console is a defining
characteristic of the SIP Trunk provider and indeed a benefit. From the dashboard,
the administrator of the PBX can view detailed analytics of calls made from their
PBX server through the SIP Trunk as well as detailed call logs of previous calls
made. The dashboard also includes a knowledge base of Country Dialing Codes
with their associated cost.
• Pay as you go system: GoTrunk works on a pay as you go system. You only spend
the money you need at that time. This means that there is no fear of exceeding
expected cost as the administrator determines the level of credit in the SIP trunk
which can be used to make calls. This is also something which enhances security
of the PBX, because there is only a set amount of credit in the PBX server at one
specific time, a hacker can never go over the amount which is present to make free
calls to international or long-distance phones.
11
2.3.5. PHPStorm
PHPStorm is a commercial cross-platform interactive development environment for PHP
built on the IntelliJ IDEA platform and it is the IDE I chose to use for ULPhone’s front end
development. The main reason I was drawn to PHPStorm was the positive reputation it has
received as a development environment and the fact it is built upon the extremely robust
IntelliJ IDEA platform. Throughout the development of the front end I the most common
and extremely useful feature I used included:
• The IDE’s smart code completion: As someone who is relatively new to PHP
development the development environment’s code completion, syntax highlighting
and automatic refactoring were hugely beneficial to my development process.
• Debugging & testing: PHPStorm had many debugging tools which I frequently
made use of to inspect variable, set breakpoints and evaluate an expression in
runtime. PHPUnit tests can be developed in the editor with statistics on code
coverage to show what code is covered with the developed tests.
2.3.6. FileZilla & PuTTY
The project’s Linux instance is a virtual server in the Amazon Web Services cloud. To
connect to this instance, an SSH client was needed. I chose to use PuTTY for this function.
As well as having the SSH client to connect to the Linux instance, I needed to have a
method of file transfer to the server, I chose to use the FTP solution FileZilla. All of the
work done with Asterisk was completed using an instance created by PuTTY and all of the
front-end development files were uploaded to the EC2 server using FileZilla. In order to
connect to the instance securely I had to make use of the EC2 key pair authentication
method.
Amazon EC2 uses public-key cryptography to encrypt and decrypt login information.
Public key cryptography uses a public key to encrypt a piece of data, such as a password,
the recipient uses the private key to decrypt the data, the public and private keys are known
as a key pair. In order to login into the instance with PuTTY, I had to create a key pair,
which is done in the EC2 control console, the key pair is also named in this process and is
associated to the public key which is stored by Amazon. The private key is then
12
downloaded to a secure directory. When logging into the instance the private key is given
to PuTTY and acts as a password to EC2 instance (Amazon 2017). Amazon stores the
public key only, and I, as the administrator of the EC2 instance store the private key.
Anyone who possesses the private key however, can decrypt login information so it is
important to keep it secure.
Figure 2.2: Connection to EC2 instance using PuTTY.
Figure 2.2. shows the virtual machine running on windows. It also shows the asterisk CLI
which is entered by using the ‘asterisk -r’ command.
13
2.4. Core Concepts & Definitions
Trunking: Is the process of using a SIP trunk to connect the PBX to the PSTN. The sip
trunk itself acts as a gateway between the PBX and the PSTN.
Dialplans: Dialplans are essentially a scripting language specific to Asterisk and one of the
primary ways of instructing Asterisk on how to behave. It ties everything together, allowing
the PBX admin to route and manipulate calls in a programmatic way (Jordan 2016).
Contexts: The Asterisk dialplan is divided into sections, and each section is known as a
context (Wintermeyer 2010). Any dialplan must include a [general] context where
configuration entries that are global are located. Any subsequent context can have any
name. Contexts act as means by which any physical devices, in ULPhone’s case
Softphones, are bound to the dialplan. An example context specification from the sip.conf
would include the following.:
In the above example the sip device is called alice and will initiate calls in the hardcoded-
phones context. This means that if the SIP device alice calls another device by dialing an
extension, Asterisk will then search the context hardcoded-phones for a device matching
that extension and will proceed to dial it if it exists. If it does not exist Asterisk will do
nothing. The actual context itself is defined by its name within square brackets:
[alice]
type = friend
context = hardcoded-phones
secret = 1234
host = dynamic
[hardcoded-phones]
Rules, instructions etc.
14
Endpoints:
1. Hardphone: A hard phone is a physical device. It looks just like an office telephone,
it has a handset, numbered buttons etc. It connects directly to the network and it is
commonly referred to as a VoIP telephone.
2. Softphone: A softphone is a software application that runs on a computer or smart
device and acts as a phone that connects to the PBX. The audio passes through the
devices audio system. This is the primary end point which is used for ULPhone as
it is a portable and cost effective solution. The softphone application Zoiper is the
softphone used, it can be downloaded for free on all major OS’s and smart devices
for free.
3. ATA: An analog terminal adapter (ATA) is designed to allow traditional analog
telephones and other machines such as fa machines to connect to a SIP network or
PBX.
Asterisk Realtime Architecture (ARA): The ARA moves all database specific code to
database specific drivers. It is a method of storing the configuration files (normally located
in the /etc/asterisk directory) and their configuration files in a database table (Madsen et
al. 2013). There are two types of Realtime;
• Static: Similar to the tradition method of reading a configuration file, except that
the data is read from the database.
• Dynamic: This is used for things such as user and peer objects (SIP, IX2) which
loads and updates the information as it is required.
POSIX (Portable Operating System Interface): POSIX is a set of standard operating system
interfaces based on the Unix operating system (Rouse 2005).
15
SIP (Session Initiation Protocol): is an application level signaling protocol for setting up,
modifying and termination real-time sessions between participants over an IP data network.
(Stallings 2016). SIP is commonly used for telecommunications applications and is the
most popular protocol used in Asterisk, which is why I chose to use it for ULPhone. Figure
2.3 shows how SIP components relate to one another and the protocols that are employed.
A user agent (in this case Alice) uses SIP to set up a session with another user agent that
acts as a server (Bob).
Figure 2.3: SIP components and protocols.
IAX (Inter-Asterisk eXchange) – is another communications protocol used by Asterisk. It
differs from SIP as it is native to Asterisk while SIP has a wider variety of applications. It
is used primarily for transporting VoIP telephony sessions between servers and to terminal
devices.
16
3. Implementation
3.1. Introduction
One of the most important tasks in the initial development of ULPhone was planning the
work to be done. Using various project management techniques such as work breakdown
structures and Gantt charts I set very clear milestones for myself. From the outset this made
the project more approachable as it broke the development down into sections rather than
having one huge project with no clear starting point or goals.
I also initially outlined the success criteria for the project before starting any stage of actual
development. The core goals for the project as defined by myself with advice from my
supervisor, Conor Ryan, included:
• Create a functioning PBX installed on a cloud based EC2 instance.
• Develop a functioning web based front end which users can register to with
their credentials and login to a user portal.
• The developed front end will have the ability to assign an extension to the
newly registered user and communicate the user details to the asterisk based
PBX.
• The web based front end will also have a directory of users registered of the
PBX.
• The newly registered user will be able to register to the PBX using a
softphone of their choice and make calls to other users of the PBX for free.
• The PBX users will have the ability to make calls to the PSTN if authorized
by the administrator of the communications sever.
Once the main planning element of the project’s development was completed and the
success criteria was defined the project was split in to four core milestones.
1. Asterisk setup/installation on the AWS EC2 instance.
2. Development of the web based front end.
3. Configuration of the intercommunication between the front end and Asterisk based
PBX.
17
4. Configuration of the PSTN connectivity.
Once I completed these four core milestones, the project had met most of the specified
success criteria and was considered a success. The final stages of securing and testing
ULPhone were then undertaken. The way in which the core milestones were undertaken is
specified in the following sections
3.2. AWS EC2 Instance Configuration and Asterisk Installation
This aspect of the project was initially very challenging a number of reasons. The key
reason being that, even though there is a lot of support for Asterisk installations for specific
systems, there is a lack of material for installing it on a cloud based instance, more
specifically an AWS cloud based instance. I had to combine various methodologies to get
the communications framework running in the cloud.
The first step taken when installing Asterisk was to correctly initialize the AWS EC2
instance. To create the instance, I had to sign up for an Amazon AWS account which was
a straight forward process. AWS offers various tiers of accounts when signing up, some
geared towards enterprise level systems and some towards small personal systems. The tier
I chose was the free tier account. The account type entitled me to 750 hours per month of
always on micro instance usage for free. This was more than enough compute time for
ULPhone as it is only possible to exceed the plan’s constraints if more than once instance
is running, and, in the case of ULPhone only one instance is necessary as Asterisk, and the
web based front end are installed on the same single EC2 instance.
Once the account was registered, the setup of the instance was very intuitive, all that was
necessary was clicking the launch EC2 instance button from the control console home page
and specifying a few user preferences. AWS EC2 allows the user to specify which flavor
of Linux to install with various options including:
1. The Amazon Linux AMI: which is an operating system developed by amazon
specifically for EC2.
2. Red Hat Enterprise Linux.
18
3. SUSE Linux.
4. Ubuntu Linux: Flavor used for ULPhone.
5. Windows Server OS
Once this process is complete the instance is launched, the EC2 control console can be used
and the virtual machine can be connected to using SSH. The EC2 control console is tailored
to act as a central hub for the instance. It presents all the instance information as well as UI
to perform various functions such as:
• Launching, terminating, or pausing an instance.
• Assigning an elastic IP address. An elastic IP address is a static IPv4 address made
specifically for cloud computing. It is associated with the AWS account and, in the
case of ULPhone it is used as the domain name for the web based front end.
• Creating security groups and forwarding ports for SSH, HTTP and SIP
Once the AWS EC2 was complete I began the Asterisk installation process. The first tasks
in this process included installing the various dependencies such as
• Libpri: Libpri is an open source library that encapsulates the protocols used to
communicate over ISDN interfaces. ISDN, the Integrated Services Digital Network
is a set of communication standards for simultaneous digital transmission of voice,
data, and other network services over the traditional circuits of the public switched
telephone network (Alfian’s Linux 2013).
• DAHDI – DAHDI is the Digium Asterisk Hardware Device Interface, which is a
collection of open source drivers for Linux that are used to interface with a variety
of telephony related hardware.
Once these dependencies were installed I was able to begin the Asterisk installation. I
chose Asterisk 13 as the version to be installed on the EC2 instance. Asterisk 13 was
released in 2014 and many user reviews says it is the best and most robust version of
Asterisk. The focus of the development of Asterisk 13 was improving the usability and
features and features developed in the previous standard release, Asterisk 12. To install
Asterisk on the EC2 I followed instructions from the textbook ‘Asterisk, the Definitive
Guide’, which details the commands necessary to install the framework. Once the
19
install is complete the user is presented with the Digium logo to indicate a successful
installation (Figure 16 Appendix 2).
Once Asterisk was installed, I completed the initial configuration by modifying the
following configuration files, which are installed with asterisk into the /etc/asterisk
directory of the EC2 instance to my own specific preferences for ULPhone:
• modules.conf: This configuration file tells Asterisk what modules to load on
startup. A module provides its own specific functionality and capability to the
Asterisk PBX such as voicemail or the automated voice attendant module.
While this file is not strictly required in an Asterisk installation, without it
Asterisk won’t have any modules loaded and won’t be able to do anything.
• asterisk.conf: This file allows for tweaking of various settings that affect how
asterisk runs as a whole. I used this configuration file to edit the directory path
of where Asterisk stored the configuration files on the EC2 instance as it was
different on the initial Asterisk generated file.
• sip.conf: This file specifies the configuration of the Session Initiation Protocol
(SIP) module. Channel. It is also used for defining parameters which SIP
devices communicate with the Asterisk communications server. Initially to test
the PBX, I hardcoded to users to the sip.conf file in other to test my first call on
the PBX. Once the intercommunication between the front end and the Asterisk
server was configured, the sip.conf read from a database of registered users in
order to dynamically register these users to the PBX in real time as well as
assign them an extension using the extensions.conf file.
• extensions.conf: I used this configuration file to generate an extension number
for the SIP users specified in the sip.conf file.
After I completed the installation of the Asterisk framework on the AWS EC2
instance and the initial configuration I made my first call. To do this I hardcoded to
users to the sip.conf file, I then downloaded a softphone and registered it to the
PBX, I signed in using one of the hardcoded users, repeated these steps on another
device with the other hardcoded user and then I called the extension of the other
signed in user which proceeded to make the other softphone notify me of an
incoming call.
20
3.2.1 Making a call
Once the asterisk server has been installed and configured correctly on the EC2 instance a
test call can be made. To make a call I completed the following steps:
• Initially I configured two users in the sip.conf file and assigned
them specific extensions within the extensions.conf file.
• Using my preferred android Softphone Zoiper, I entered the
specific username and password of one user I had created. For the
host credential, which is necessary to connect to the PBX I
entered the elastic IP/domain of the front end followed by the SIP
port being used which in the case of ULPhone was:
35.160.192.57:5080. Figure 3.1 shows the account information
input page of the Zoiper softphone.
• I repeated this process on a windows softphone for the other user
with their specific username and password.
• Once both users were registered successfully, which was indicated
by the screen shown in figure 3.2. I made a call between them by
dialing one user’s extension from the other user’s softphone interface.
• All SIP user’s extensions within the PBX begin with a 6 and when
dialing out to the PSTN the extension begins with a 9 followed by the
PSTN phone number.
Figure 3.1: Zoiper
user data input.
Figure 3.2 - Zoiper
registration successful.
21
3.3. Web based front end development
This was the most important step I found in the development of the web based front end
was knowing exactly the functionality I wanted it to have in the system. The main
functional requirements and nonfunctional requirements I developed the front end to have
are as follows:
• Functional Requirements
➢ Provide a platform to register users and assign them an extension. The
extension acts a phone number within the PBX.
➢ Provide a directory of users in registered on the PBX. The directory displays
the name of each user, their extension in the PBX and other credentials such
as email and surname
➢ Provide a functional comprehensive knowledge base of the ULPhone
system. This knowledge base details the initial configuration of the user’s
softphone, information on the various softphones available as well as their
pros and cons, an about section detailing the purpose of ULPhone as well
as a contact form which users can use to request credits to make calls to the
PSTN or seek help with a problem. In the final product, all users can make
calls to the PSTN as they are assigned one credit in the system. The reason
for this being for the demonstration purposes of ULPhone, the second reader
can automatically make calls to the PSTN without needing approval initially
from the admin.
• Non-functional Requirements
➢ Usability & performance on mobile devices. I want ULPhone to act as an
all-in-one system, such that a user of the system can perform all the products
functionality on one device, be it on mobile or computer. The front end was
developed with this in mind, across all platforms the front-end scales
appropriately to appear in a user-friendly manner.
➢ Security. Every piece of user data should be safe and the PBX should be
safe from attacks as there is a lot of money to be made in exploiting a PBX
system to make free calls.
22
With these requirements in mind I decided to use the open-source LAMP web development
platform for the front end. LAMP which is the acronym for Linux-Apache-MySQL-PHP
is the most popular web development platform available. One reason I chose LAMP as the
platform for ULPhone is due to the fact it is a very well supported for platform for
development on EC2 instances. Being new to PHP development, a LAMP based platform
suited my needs perfectly as there is a vast amount of documentation and support available
on using the language and platform. Some other reasons LAMP was well suited to this
project were:
• Customization: Because LAMP components are open source, they have
accumulated a wide variety of additional components and modules that provide
additional functionality. This open source approach enabled me to do the same in
development, that is, customizing components and functionality to suit my specific
needs.
• Ease of deployment: With no licensing issues or the need to compile applications
deployment was as simple as copying the locally developed.php files to the EC2’s
/www directory using FileZilla.
• Security: Since many people use the platform and because it has been available
and used for years LAMP technology is secure and stable. Problems are fixed very
quickly, so there was no need for me to worry about the initial security of ULPhone.
• Community: There is a wide array of experienced people willing to provide help
and support for the development and deployment of LAMP based applications. This
was particularly useful in the case of ULPhone due to my initial low level of
experience with LAMP at the beginning of the project.
The base layout of every page on the front end was developed first, including a dynamic
user credentials section based on $_SESSION variables and a base container layout for
content to be slotted into with a section menu fixed on the right-hand side of the page on
computer devices or on top for mobile devices. In the diagram shown below (Figure 3) is
an example page that shows the general layout of the front end when an end user logs into
ULPhone, a simple header navigation bar on the right followed by a container for all page
content to be displayed.
23
Figure 3.3: Standard web page layout.
3.4. Connection between front end and server.
Linking the Asterisk based PBX of ULPhone to the web based front end was probably the
most difficult aspect of this project. Most of the solutions I used were created completely
from trial and error, as resources for this specific of a solution are just not available.
However, this was a major milestone for the project as once I had completed this, ULPhone
was a functional service that allows users to register and make free calls. The underlying
backbone of the intercommunication between the web based front end and back end
Asterisk communications server was a proper implementation of MySQL databases. These
databases act as a medium between the front and back end, transferring necessary data and
communicating with each. ULPhone consists of two databases, these are, in more detail:
• front_end: The front_end database contains the user table. This table and database
deal solely with the web based front end. Every piece of user data entered on the
front-end registration page is stored in this table. The data is then passed to the
asterisk database using MySQL triggers to be passed to the Asterisk
communication server.
24
• asterisk: The asterisk database deals mainly with data that is given to the Asterisk
PBX. It receives the user data from the front_end database and consists of three
tables:
1. ast_sipfriends: This table stores all the user data that is dynamically passed
to the PBX for use. When a user’s credentials are added to the ast_sipfriends
table they are sent to the PBX’s sip.conf file for registration. This is done
once Asterisk Realtime is enabled which allows asterisk to populate its
configuration files with data from MySQL databases. The table also
contains a lot of NULL values which are populated once the user has
registered their softphone to the PBX using their username and password.
These values include the host of the specific softphone device and the IP
address of the device. This data allows for checking is the specific user is
online, meaning, if the user has NULL values for their registered device’s
IP address the user is not connected via softphone, so the online status can
be set to false and passed to the directory table and vice versa if the data is
not NULL the online status can be set to true. The ast_sipfriends also allows
for specification of the SIP users context (defined in section 2.3.7.).
2. extensions: This table takes any new registered user and assigns them an
extension to be used within the PBX. Once the extension is assigned it is
passed to the Asterisk PBX and associated with the newly registered SIP
user.
3. directory: The directory table takes specific user information from all
tables and is used to display the user directory on the ULPhone front end
customer homepage. This table shows if a specific is online and eligible to
be called within the PBX.
25
Figure 3.4: Asterisk database schema.
Figure 3.4 clearly shows the schema of the backend MySQL asterisk database, with its
relations highlighted via entity relationship indicators.
Once the back-end MySQL tables were configured correctly the next step was to set up the
ODBC driver for use with ULPhone. The ODBC driver uses the Open Database
Connectivity interface that allows applications to access data in database management
systems (DBMS) using SQL. The ODBC driver is set up by creating the res_odbc.conf file.
In this file, the credential for accessing the MySQL backend databases are specified, this
allows Asterisk to pull information from them once Asterisk Realtime Architecture
(Section 2.3.7) is enabled.
The last step of the intercommunication process was to edit the sip.conf and
extensions.conf file and enable Asterisk Dynamic Realtime. Once this was enabled
Asterisk gets all its SIP information from the specified database in the ODBC
configuration, in the case of ULPhone the asterisk table. Once this final step was complete
users were dynamically registered to the PBX from the front end and ULPhone and could
make calls to other dynamically registered users.
26
3.5. Connections to PSTN using go trunk
The final step of development was to connect the PBX to the Public Switched Telephone
Network (PSTN) and allow users to make calls to PSTN mobile numbers. This step was
accomplished by making use of a SIP trunk (Section 2.3.7.), adding the trunk to the sip.conf
file and assigning it an extension within the extensions.conf file. The SIP trunk acts as
gateway from the PBX to the PSTN. There are many SIP trunks available offering a wide
variety of plans for a diverse array of implantations but for the purposes of the development
of ULPhone I chose to go with the SIP trunk provider GoTrunk. My reasoning for choosing
GoTrunk included:
• Free trial: GoTrunk offers new users a month’s free trial with credit. This was
perfect for my implementation as I needed to test the trunk within my PBX
thoroughly before committing to purchasing a plan.
• Credit System: GoTrunk is a pay as you go service which means you only pay for
talk time you need. This means that for any breach attempts the potential hacker
can only use the credit that is left on the account and not exceed any monthly plan.
• Versatile control console: GoTrunk’s admin portal is very well designed. It
provides helpful analytics on calls made, a directory of international extensions
codes and call rates, very detailed call history log and 24-hour customer support
instant messaging for any problems or queries.
Once the specific account is set up, the supplied trunk needs to be added to the PBX’s
sip.conf and extensions.conf. In the case of ULPhone the sip trunk acts as a SIP user
essentially. Any call beginning with the number nine is sent to the SIP trunk defined in
sip.conf , and then the remaining numbered dialed is sent out through the trunk to be dialed
on the PSTN.
27
4. Security
Security is an important factor in all telephony related software that must be addressed.
Care and accountability must be taken in the development of such communications servers
as there is a lot of money to be made by attackers who aim to exploit a system to make free
calls. During the development of ULPhone, security was an aspect I initially neglected as
I was unaware of the security risks posed. As the development process iterated, it was clear
that the security of the PBX needed to be addressed as I experienced several different
breach attempts.
4.1. Issues and Complications
To understand why security is important in a PBX situation it is first important to
understand the benefits of attacking a PBX. The main things hackers want is to find a
weakness that will allow them to make a long distance, international or other chargeable
calls for free. In some cases, the malicious infiltrators sell the hijacked time from the server
to end users who think they are a part of a legitimate service when, in reality, they are using
minutes stolen from a hacked PBX.
During the development of ULPhone, the PBX experienced several different breach
attempts by unknown intruders. These attempts included:
• Breach 1: The most common way intruders gain access to a PBX system is by
listening to and intercepting traffic on the common SIP port 5060. Once the hacker
finds an acceptable target the PBX is brute forced attacked with user credentials to
try and gain access to the system. This happened with ULPhone, several thousand
brute force attacks were registered from unknown IP addresses trying to breach the
system. The brute force attack was indicated in the Asterisk log files as shown in
figure 5 in appendix 2.
• Breach 2: Before I could implement the solution to Issue 1, which is detailed in
section 5.2., the PBX was unfortunately breached for a short amount of time. When
the breach occurred, the hacker made a series of calls out through the SIP trunk to
many various Asian countries trying to steal all the allocated minutes on the
GoTrunk SIP trunk, fortunately, GoTrunk’s customer care team realized there was
28
an unusual amount of foreign calls made to Vietnam, roughly 500 (Figure 5
Appendix 2), so they shut the trunk down and contacted me immediately. The task
then was to secure the PBX correctly to prevent further attacks and have the SIP
trunk relaunched.
4.2. Solutions and Protection Methods
After the breach of the system I did a lot of research into the best way to secure a PBX in
my specific scenario. The AWS EC2 instance was the most secure aspect of ULPhone as
it is secured by Amazon with encrypted keys that are required to access the instance. The
PBX however needed to be more secure, for this reason I implemented two popular PBX
security methodologies.
1. The common SIP port was changed from 5060 to 5080. Once this step was
implemented the hacker was no longer able to find the PBX on the common SIP
port. To do this, I forwarded the port 5080 in the EC2 control console and changed
the default SIP port in the Asterisk sip.conf configuration file. Once the change was
made the end user had to change their softphone credentials which are used to
connect to the PBX. The host credential changed from 35.160.192.57 to
35.160.192.57:5080. This alleviated much of the security concerns
2. Fail2Ban was installed on the system. Fail2Ban is a package which was installed
on the communications server, it scans the log files of a specific system, in
ULPhone’s case, the Asterisk log files for repeated entries of an IP and bans IPs
that exhibit behavior which would indicate malicious intent. Entries which contain
too many login attempts or too many failed password entries are flagged by the
package and added to an IP table where the admin can specify the time of the ban,
or if the IP should be banned in the first place. The configuration of Fail2Ban is
done with two files, the jail.conf file, which specifies ban times, communication
ports and protocols and the fail2ban.conf file which specifies where the log file
information should be stored as well as the path to the socket which is to be used.
29
5. System Testing & Evaluation
5.1. General Introduction
The overall testing of ULPhone was a continuous process. The nature of the PBX
development involved constant addition of features, which meant after every piece of
functionality was added to the system I had to test that all the previous functionality was
still operational.
The php, html and CSS code used to develop the web based front end was tested for errors
using the PHPStorm IDE’s built in testing techniques. I was able to write PHPUnit test
cases to test the functionality of the code and to use the IDE’s inspection tools to check for
syntax errors.
5.2. Testing methods
Once the project was completed and met the initial success criteria, I felt user testing was
extremely important for ULPhone as it is a system designed for use by people with different
areas of technical proficiency. In other words, it should not be a daunting task for potential
end users to set up and make calls using service. I developed an instruction sheet and
questionnaire for user testing (shown in appendix 1). The questionnaire contains
instructions for registering an account to the web based front end, connecting to the PBX
with the registered softphone using the registered credentials and making calls to test
number on the PBX as well as making calls to the PSTN. I distributed the document to ten
peers from various academic backgrounds and recorded the results.
5.3. Findings
From the users who completed the test document:
• 80% could follow the instructions, connect to the PBX and make calls to both the
PSTN and numbers within the PBX.
• 100% found the web based front end helpful.
• 50% found the softphone set up intuitive and user-friendly.
Most of the feedback given was positive but some of the common constructive criticism
was that the softphone setup was confusing and it was hard to understand how to connect
30
it the server. The feedback from the 20% of users who could not complete the instruction
sheet was that they didn’t really understand the concept of the PBX system and for one
user the fact that they did not possess a capable smartphone meant they could not physically
complete the test.
5.4. Implementation of user feedback
From the tests, I could target some key areas which needed to be addressed to improve the
overall functionality of ULPhone. These key areas plus my solutions to the issues include:
1. The way in which users connect their softphone to the PBX needs to be improved.
My initial concept to tackle this issue was to build my own custom android based
softphone which, once installed, was automatically connected to the ULPhone PBX
when launched. However, after some discussion with my supervisor we concluded
that was beyond the scope of the project as an FYP. Instead I opted to make the set-
up section of the web based front end more understandable to all users.
2. The web based front end needed to contain more concise information on the
ULPhone PBX system. Similar the first issue I fixed, this problem by providing
more detailed information on the front end which is easily read and comprehensible
to all ULPhone users.
31
6. Summary & Conclusions
6.1. Conclusions
In conclusion, it is fair to say that Asterisk is an extremely versatile and robust piece of
software. Not only is Asterisk extremely beneficial for small to enterprise systems but it is
also an option for personal projects that wish to reap the benefits of a corporate PBX but
lack the capital to produce one. Not only is Asterisk exceptionally cost effective when
compared to most other PBX options, it also boasts many more features and functions than
competitors.
I believe cloud based PBX’s are the future and it is clear why it is expected that the hosted
PBX market will reach a net worth of $18 Billion by 2018 (festeban, 2015). The cost
effectiveness on reduction on maintenance fees are reason enough for any PBX using
corporation to switch to a cloud- based solution.
My Final Year Project, ULPhone enabled me to set up a functional cloud based PBX with
an interconnected web based front end used to interact with the Asterisk based PBX. This
factor alone I feel shows the versatility of the framework. I also so feel that because of the
fact the initial success criteria had been met, my final year project was in fact, a success.
6.2. Recommendations
If I were to continue the development of ULPhone there are several factors of development
I would address:
• SoftPhone: I would develop a ULPhone specific softphone, my reasoning for this
is that Zoiper, as helpful as it was throughout the project, is prone to bugs and errors.
My goal would be to create a very simple UI based softphone that connects directly
to the ULPhone PBX and only prompts the user for their username and password
and does not ask them for a host name with a specific SIP port, a process which
proved confusing for some of the user tests.
• Directory Improvement: I would also enhance the directory which is located on the
user dashboard. I would divide each user into their specific education faculty within
32
the university and give them access to all the faculties’ specific information,
lecturer emails, lecturer office hours etc.
• Docker: Once all the development improvements have been completed, I would
consider possible Docker integration for the whole system. I would like to see
ULPhone as an all in one service which would include the softphone, the Asterisk
based PBX and the web based front end. With the possible Docker Container file
integration, the all in one service could be distributed to system administrators and
the whole PBX, front end and softphone service could be rolled out by simply
running a few command line prompts and customizing specific configuration files
to match their companies need.
33
7. References
1. Amazon Web Services, Inc. (2015). AWS Free Tier. [online]
Available at: https://aws.amazon.com/free/
[Accessed 1 Dec. 2016].
2. Asterisk.org. (2017). Get Started. [online]
Available at: http://www.asterisk.org/get-started
[Accessed 2 Dec. 2016].
3. Digium, (2015). Build Communications Applications, Solutions and Products
with Asterisk. [online] Digium,com.
Available at: https://www.digium.com/sites/digium/files/who-is-digium-
asterisk.pdf
[Accessed 10 Nov. 2016].
4. festeban, (2015). Market Size for Hosted PBX Growing >20% and Reaching $12
Billion in 2018. [online] SkySwitch.
Available at: http://www.skyswitch.com/market-size-hosted-pbx-growing-20-
reaching-12-billion-2018/
[Accessed 2 Jan. 2016].
5. Microsoft, (2016). Firewalls. [online] Technet.microsoft.com.
Available at: https://technet.microsoft.com/en-us/library/cc700820.aspx
[Accessed 15 Dec. 2016].
6. Samgoma Technologies, (2010). Top 6 Reasons to Choose freePBX. [online]
freepbx.org.
Available at: https://www.freepbx.org/wp-content/uploads/2016/08/Infographic-
FreePBX-Phones-web.pdf
[Accessed 15 Nov. 2016].
7. SearchNetworking. (2017). What is PSTN (public switched telephone network)? -
Definition from WhatIs.com. [online]
Available at: http://searchnetworking.techtarget.com/definition/PSTN
[Accessed 2 Jan. 2017].
8. VOIP / Asterisk – Alfian’s Linux (2017) What is LIBPRI [online],
Available at Alvienuxs.wordpress.com.
[Accessed 2 Jan. 2017].
34
9. Amazon EC2 Key Pairs - Amazon Elastic Compute Cloud (2017) Key Pairs
[online],
Available at http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-
pairs.html
[Accessed Nov. 2016].
10. Jordan, M. (2016) Dialplan - Asterisk Project - Asterisk Project Wiki [online],
Wiki.asterisk.org,
Available at: https://wiki.asterisk.org/wiki/display/AST/Dialplan
[accessed 17 Jan 2017].
11. Wintermeyer, S. (2010) 2.1. Context [online], The-asterisk-book.com,
Available at: http://the-asterisk-book.com/1.6/der-context.html
[accessed 12 Nov 2016].
12. Rouse, M. (2005) What Is POSIX (Portable Operating System Interface)? -
Definition from Whatis.Com [online], SearchEnterpriseLinux,
Available at: http://searchenterpriselinux.techtarget.com/definition/POSIX
[accessed 28 Nov 2016].
13. Stallings, W. (2016) The Session Initiation Protocol - The Internet Protocol
Journal - Volume 6, Number 1 [online], Cisco,
Available at: http://www.cisco.com/c/en/us/about/press/internet-protocol-
journal/back-issues/table-contents-23/sip.html
[accessed 9 Dec 2016].
35
8. Bibliography
1. Meggelen, J., Madsen, L. and Smith, J. (2007). Asterisk. 1st ed. Sebastopol,
Calif.: O'Reilly.
2. Wintermeyer, S., Bosch, S. (2010) Practical Asterisk 1.4 And 1.6, 1st ed,
Addison-Wesley: Upper Saddle River, NJ.
3. Lewis. T.R. (2016) Building an Asterisk GUI in C# Proven Method.1st ed.
Create Space.
4. Gotrunk: Ultimate SIP Trunking Solution [online] (2017) [online], GoTrunk.
5. Amazon Web Services (AWS) - Cloud Computing Services [online] (2017)
[online], Amazon Web Services, Inc.
6. Meloni, J. (2012) Sams Teach Yourself PHP, Mysql And Apache All In One, 1st
ed, Sams Pub.: Indianapolis, Ind.
7. Business Phone Systems | Unified Communications | Digium [online] (2017)
[online], Digium.com.
36
9. Appendices
9.1 Appendix 1: User testing sheet
ULPHONE USER TESTING INSTRUCTIONS
Step 1. Download the Zoiper softphone application to your smartphone via the app store or google play
store.
Step 2. Visit http://35.160.192.57/ and fill out the registration form with your own unique credentials.
Upon successful registration, a confirmation email will be sent to the email address you registered.
Step 3. Log into ULPhone using the username and password entered during registration and make note of
your extension in the PBX which is located at the top of the page in the ‘Your Details’ section.
Step 4. Read carefully the ‘Set Up’ section which details how to connect your Zoiper softphone to the
PBX.
Step 5. Connect your softphone to the PBX using the instructions.
Step 6. Once connected successfully dial the test extension 6001 from the Zoiper dial pad. You can also
dial your own extension which you made note of to test you can receive calls.
Step 7. Dial a number on the PSTN by entering 9 + the number you want to dial. For example, an Irish
mobile would be reached by dialing 9353851234567
Questionnaire (Please circle the answers which applies)
Q1. Did you find the web based front end helpful?
YES NO
Q2. Did you find the softphone set up intuitive and user friendly?
YES NO
Q3. Were you successfully complete step 6 and 7?
YES NO
Please provide any feedback of your experience with ULPhone:
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
37
9.2 Appendix 2: Screenshots & Images
Figure 1: ast_sipfriends table.
Figure 2: Notification of successful registration in Asterisk CLI.
Figure 3: Information displayed when call is made.
38
Figure 4: Brute force attack.
Figure 5: SIP trunk breach.
39
Figure 6: EC2 free tier.
Figure 7: EC2 control console.
40
Figure 8: Front-end home page.
Figure 9: Home page on mobile 1. Figure 10: Home page on mobile 2.
41
Figure 11: User dashboard with directory and user credentials.
Figure 12: Set Up instructions page.
42
Figure 13: Initial breakdown of work.
Figure 14: GoTrunk admin portal.
43
Figure 15: Asterisk make menuselect.
Figure 16: Successful Asterisk install notification.