So, 6am this morning. The ProVu techies were up trying to get their hand’s on a RasperryPI.

This is a new mini computer which runs Linux. They are cheap at $35. We all really excited about the launch. We all have ideas of things we want to build with the device. The educational aspect that kids can have a computer cheap enough to just play with is fantastic.

This morning, the announcement was that they had decide to use RS and Farnell for distribution. These are both huge companies. Farnell’s turnover is £990 million.

We have an account with Farnell, so thought buying would be easy.

Unfortunately, I slept in until 6.03 by which time the websites of the both distributors had gone offline. Only now at 11:59 has the Farnell website been up enough to place a pre-order for the next batch.

It is all good.

IPv6 is becoming a big topic at the moment.

We expect IPv4 addresses to run out this year. This isn’t so bad as we expect ISPs will start selling addresses to each other which will even out supplies for a few years.

But the future is IPv6. At ProVu we have had our network IPv6 activated for about 5 years. This has given us lots of experience.

We are also pushing all of our suppliers to update us on their IPv6 status. Ideally, all phones would support IPv4 and IPv6 dual stacked at same time.

We’ll update you as time goes on.

In the meantime, you could test your IPv6 connectivity using http://test-ipv6.com/

Just recently we’ve learnt of several automated attacks on IP based phone systems.

This is the rough sequence of events when an attack occurs:

• The robot sends a sip invite to the target IP address on the standard SIP port 5060 UDP (I don’t know how it decides which addresses to attack in the first place).
• If it receives a SIP error response then it knows that it is dealing with a SIP agent. Beginning at 200 it repeatedly sends in SIP register invites using the extension number as the password. The two that I’ve seen tried all extensions between 200 and 9999.
• If there are any extensions with SIP passwords the same as the extension number then the robot will register with the PBX and make a very short call (just a couple of seconds) to test connectivity.
• If the call is successful the robot disconnects.
• It returns and re-registers on Friday evening at about 18:00 local time and then it starts as many calls as your PBX will allow, all to the same premium rate number. The two we’ve seen called numbers in Sierra Leon.

The scam is that the owners of the robot also own the premium rate line so they are effectively siphoning money from you to them.

The two cases that we’ve actually investigated both burnt about £4500 in the course of about 24 hours of constant calling. In both cases the user/owner of the PBX was running one or more extensions with passwords set to the same value as the extension number.

This is a pretty serious problem but it’s very easy to guard against provided you use passwords which are different to the extension number. Releases of SARK starting from V2.1.14 generate strong passwords for your extensions when you create them. You will also be OK if you use some secret password that isn’t the same as the extension number.

If you do have extensions with passwords the same as the extension then we would strongly recommend that you change them as soon as possible in order to survive any attacks you may receive.