Tuesday, December 4, 2007

SMS gateways

Providers

SMS gateway providers facilitate the SMS traffic between businesses and mobile subscribers, being mainly responsible for carrying mission-critical messages, SMS for enterprises, content delivery and entertainment services involving SMS, e.g. TV voting. Considering SMS messaging performance and cost, as well as the level of messaging services, SMS gateway providers can be classified as aggregators or SS7 providers.

The aggregator model is based on multiple agreements with mobile carriers to exchange 2-way SMS traffic into and out of the operator’s SMS platform (Short Message Service Centre – SMS-C). Aggregators lack direct access into the SS7 protocol, which is the network where the SMS messages are exchanged. These providers have no visibility and control over the message delivery, being unable to offer delivery guarantees. SMS messages are delivered in the operator’s SMS-C, not the subscriber’s handset.

Another type of SMS gateway provider is based on SS7 connectivity to route SMS messages. The advantage of this model is the ability to route data directly through SS7, which gives the provider total control and visibility of the complete path during the SMS routing. This means SMS messages can be sent directly to and from recipients without having to go through the SMS-Centres of other mobile operators. Therefore, it’s possible to avoid delays and message losses, offering full delivery guarantees of messages and optimised routing. This model is particularly efficient when used in mission-critical messaging and SMS used in corporate communications.

The University of Duisburg-Essen, in partnership with mobile messaging provider Tyntec, have developed the study for SMS messaging to enable the detailed monitoring of SMS transmissions to ensure a greater degree of reliability and a higher average speed of delivery.[1] The new parameters can be used by mobile network operators, third party SMS gateways and mobile network infrastructure software vendors to monitor the transmission of SMS messages and to detect network transmission problems quickly and accurately.

Landline phone

These services allow cellphone users to send SMS messages to landline phone numbers just as they would to other cellphones. With a representative service, Sprint's Text to Landline, after the customer has sent off the SMS message to the landline number, the recipient's phone rings with the caller ID of the Sprint customer's cellphone. When they pick up, an automated voice reads the text message and allows for a response via a voicemail or via one of a few canned text messages.

Several operators, including BT, Telefonica and Telecom Italia, have true fixed-wire SMS services. These are based on extensions to the ETSI GSM SMS standards and allow fixed-fixed, fixed-mobile and mobile-fixed messaging. These use Frequency-shift keying to transfer the message between the terminal and the SMSC. Terminals are usually DECT-based, but wired handsets and wired text-only (no voice) devices exist. Messages are received by the terminal recognising that the CLI is that of the SMSC and going off-hook silently to receive the message.

When messages are addressed to a device that lacks the ability to receive SMS, then a text-to-speech gateway is employed. The translated message is then either stored in the subscriber's voice mail-box, or the system places a call direct to the end-point and plays the message.

IP SMS Gateways

For high volume SMS traffic IP SMS gateways can be used. These gateways connect directly to the Short Message Service Center (SMSC) of the SMS service providers using one of the following protocols: SMPP, UCP/EMI, CIMD2. Most IP SMS gateways provide various API's that allow software developers to send and receive huge number of messages. An example of an IP SMS gateway is the Ozeki IP SMS Gateway. It is a classic example of a routable SMS gateway, which means it allows connection to multiple SMSC's at the same time and it has a routing table that can be configured for load balancing, least cost routing, etc. Most SMS to E-mail, and Web service to SMS gateways have a similar architecture.?

Home automation systems

Some Home Automation systems have the ability to accept SMS messages from the users' mobile phones to control lighting and other appliances. The system may send an SMS confirmation when the requested action has been performed

Mobile 'hub' to SMS

Some products exist which allow messages to be sent via pre-installed software (via a PC or laptop) and an attached GSM device.This plug-and-play software was recently used to great effect as a monitoring tool during the Nigerian elections,[2] and also won the WSIS "ICT Success Story of the Month" for April 2007.[3]

Webmin Installation

Webmin is a web-based interface for system administration for Unix. Using any browser that supports tables and forms (and Java for the File Manager module), you can setup user accounts, Apache, DNS, file sharing and so on.

Webmin consists of a simple web server, and a number of CGI programs which directly update system files like /etc/inetd.conf and /etc/passwd. The web server and all CGI programs are written in Perl version 5, and use no non-standard Perl modules.

Installing Webmin in Debian

#apt-get install webmin webmin-core

After the installation If you want to access webmin from any machine in your network edit the /etc/webmin/ miniserv.conf file change the “allow” option

allow=127.0.0.1 to allow=0.0.0.0

If you want to restrict webmin for only your network you can do in this allow option

Once you change this and save your file and restart the webmin using following command

#/etc/init.d/webmin restart

Go to your browser and type:- https://ipaddress:10000 and you can login using the debian linux root as username and password for root.

If you ou need any webmin modules for your applications you can download from here

Update Webmin online from your machine

Click on Webmin Configuration under webmin tab from here click on Upgrade Webmin and select the Latest version from www.webmin.com option now click on upgrade webmin button this will start the webmin upgrade from webmin site

Downloading http://www.webmin.com/download/webmin-1.290.tar.gz ..
Downloading http://easynews.dl.sourceforge.net/sourceforge/webadmin/webmin-1.290.tar.gz (10324511 bytes) ..
Received 1024 bytes (0 %)
Received 1033216 bytes (10 %)
Received 2065408 bytes (20 %)
Received 3097600 bytes (30 %)
Received 4130816 bytes (40 %)
Received 5163008 bytes (50 %)
Received 6195200 bytes (60 %)
Received 7227392 bytes (70 %)
Received 8260608 bytes (80 %)
Received 9292800 bytes (90 %)
Received 10324511 bytes (100 %)
.. Download complete.
No package signature verification done.

Running setup.sh script to upgrade Webmin .. Please wait a minute until it is complete before continuing.

Other available options

From local file
From uploaded file
From ftp or http URL

Installing Webmin from latest .deb package

You can download latest .deb from here

#wget http://prdownloads.sourceforge.net/webadmin/webmin_1.290.deb

#dpkg --install webmin_1.290_all.deb

the install will be done automatically to /usr/share/webmin, the administration username set to root and the password to your current root password. You should now be able to login to Webmin at the URL http://localhost:10000/

Installing Webmin in Ubuntu

You can use the above procedure but if you want to install latest version you can download from webmin site download section

Prerequisites

Perl 5 interpreter and libnet-ssleay-perl

#apt-get install perl5 libnet-ssleay-perl

Now you need to download the latest webmin from the above downloadlink

Download ‘webmin-1.290.tar.gz’ (at the time of writing) to some location in your machine ex:- /usr/local/src

#wget http://prdownloads.sourceforge.net/webadmin/webmin-1.290.tar.gz

#cd /usr/local/src

#tar xzvf webmin-1.290.tar.gz

#cd webmin-1.290

#sh setup.sh

This will start the installation and now it will prompt for several questions answer them as follows

Config file directory [/etc/webmin]:
Leave as default, or change as you wish

Log file directory [/var/webmin]:
Leave as default, or change as you wish

Full path to perl (default /usr/bin/perl):
Leave as default, or change as you wish

Operating system:
Enter ‘6′

Version:
Enter ‘6′

Web server port (default 10000):

This is where you can start to make webmin more secure then the standard install you get with apt-get, Synaptic, or RPM. Leave as default or change it to what ever port you want.

Login name (default admin):

It is ‘admin’, so you can leave it as that, or put in any name that you like.

Login password:

By creating the user above and giving it a password, you have now made it so you will not need to log into webmin with root.

Password again:

enter your password again

If you did not install ‘libnet-ssleay-perl’ you will get the following message:

‘The Perl SSLeay library is not installed. SSL not available.’ You can continue with the install, but it would be more secure if you install sslrelay.

Use SSL (y/n):y

Choose yes here

Start Webmin at boot time (y/n):y

select here y

At this point it is going to configure things, install things, and create things…

It will then tell you that you can log in to https://hostname:10000 and to accept the certificate.

Webmin User Password Change

If you want to change root password in webmin use this included Perl script:

# /usr/share/webmin/changepass.pl /etc/webmin root

If you want to install any standard modules you can download from here

If you want to install third party modules you can download from here

How To Install VPN Software

Information Resources is pleased to offer Virtual Private Network (VPN) access to all students, faculty, and staff at UTD. Our VPN service is based on Cisco products and consists of hardware servers on our network connecting to software clients installed on individual computers. The results are secure, encrypted communications between client computers and the UTD network. Only the IR-provided Cisco VPN clients are supported at this time.

In order to use the VPN service, you must first download an appropriate VPN client from IR's secure website. IR also provides "profiles" which contain all of the necessary information to connect the client to our server. After installing the client and importing the proper profile, the VPN client will be able to connect to the server and you will be prompted to authenticate to the UTD network using your NETID and password. This will allow a secure VPN tunnel to be established after which your connection is secure and you will be effectively a part of the UTD network.

There are two main profiles being provided initially, one for Remote Users coming from off-campus via dialup, cable modem, or DSL, and one for on-campus wireless users. The two profiles are not interchangable and will not work except in the stated respective environments.

Please note: in order to connect to the University Library Database you must not use VPN. A regular connection is all that is needed in order to access the library’s resource.

Step-by-Step Installation Procedure

Connecting

• Using an Internet Browser (e.g., Netscape, Internet Explorer), go to UTD's VPN Download Site.
• If prompted for certificate acceptance, continue to click "Next" and finally "Finish" until you reach the login page.
• If you receive an error or "Document contains no data" message, click on the link again - you should now get the "VPN Registration and Downloads" page.

Authenticating

• Log in to the system using your NETID (UNIX username/password).
• Read the service agreement, and click "I accept" to continue.
• If you receive an error, click "LOGOUT" and repeat the previous two steps.

Downloading

• Download the appropriate Client for your machine/OS. NB: Windows (XP/2000/98/95) clients proceed to INSTALLING from here.
• Download the appropriate Profile for user usage:
• UTD-ISP for remote user/off-Campus access;
• UTD-Wireless for on-Campus wireless access.
• Download any desired Documentation for installation.
• Click "LOGOUT" after all downloads are completed.

Unix Security

This document shows system administrators how to better secure their UNIX systems. There are no guarantees of its completeness. In addition, the author takes no responsibility if a person misuses this information. There are many versions of Unix. This paper gives examples for HP-UX.

Often the subject of internal security is overlooked. However, often it is fairly easy for someone to get access to systems they are not supposed to have access by simply walking up to a valid users desk. This can be the cleaning staff or a disgruntled (ex)employee making a visit. This is the easiest type of security to implement and should definitely be included in any security plan.

  • Console security

    Machines and consoles need to be secure. A person can simply turn off a computer if one has access to it. If they have access to the console, they can often interrupt the boot process to get access to the root prompt. If this doesn't work, they can keep guessing the root password in hopes of compromising the system.

    For these reasons (and more), the computers and associated consoles should be kept in a secure room. A limited number of people should have access to this room, of course with a limited number of keys. Some places actually have security guards let people into the computer rooms for guaranteed secure access.

    If your data is sensitive, be certain to verify that there are no alternative methods for getting into the room. This includes hidden spare keys in an unsecured place, gaps in the raised floors that go past the locked access point, and space above the ceilings.

  • Data Security

    Companies that value their data need a detailed backup recovery scheme. This includes on site backups for least amount of down time, a copy of this data off site in case of computer room disasters, as well as contingency plans in place. Unfortunately, an easy way to get access to a companies data is to gain access to backup tapes and sensitive printouts. Hence, all sensitive information should be stored in locked cabinets. Backup tapes sent off site should be in locked containers. Old sensitive printouts and tapes should be destroyed.

    To protect against computer damage from power outages (and spikes), be certain to have your computers on a UPS. This provides consistent power, protects against outages, as well as protects the computer from power spikes. Ideally, there should be a backup generator for production systems. For non-production systems, there should be a automatic way to shutdown the computer if the power has switched to the UPS for more than 1/2 the time the UPS is rated to supply.

    To prevent snooping, secure network cables from exposure.

  • Users practice secure measures

    Always have users lock their screen when away from their desk. It is best if they log off of their terminal/workstation at night. There should be no written passwords or password hints on a users desk. If users are using X, verify that they are using xauth/xhost to prevent others from reading their screen.

Vista piracy rate is half that of XP

Posted by Ina Fried

Microsoft said Monday that it's seeing piracy rates for Windows Vista that are half those of Windows XP.

Now cynical me wanted to write this up as "even pirates prefer XP two to one over Vista," but that wouldn't be fair. In reality, the decline in piracy rates is largely due to the fact that Vista is much tougher to fake than XP.

"Piracy rates are lower because it's harder," Microsoft Vice President Mike Sievert said in an interview Monday.

There are a variety of reasons for that, including the fact that businesses no longer have volume license keys that can be used to activate an unlimited number of machines. Another is the fact that Vista machines that aren't properly activated pretty quickly become basically unusable once they enter "reduced functionality mode."

For Microsoft, the gains have been significant. In its last earnings call, Microsoft said that five percentage points of Windows growth could be attributed to gains in piracy.

Interestingly, though, Microsoft makes the experience a little less harsh for those running pirated versions of Vista. With Service Pack 1, Microsoft is doing away with reduced functionality mode in favor of putting prominent notifications on systems that are not found to be genuine.

Non-genuine systems with SP1 will display a warning at start-up that the system is not properly activated. Users will have the option to "activate now" or "activate later," though the second option won't show up for a time. Users will also have their desktop background changed to white and a prominent notification placed in the lower right hand corner saying that the machine is not genuine.

Still, in a significant change, those with non-genuine or non-activated copies of Vista will still be able to use their systems. Sievert said the change is designed to minimize the impact on customers who might unwittingly have gotten an illegitimate copy of Vista while still discouraging piracy.

"People won't want this experience," he said. "At the same time it will be broadly interpreted as being more fair."

Still, I wonder if the move won't cause Vista piracy rates to trend back up. I would think there are people who will deal with a copy of Vista they don't pay for but that has a big ugly notification on it. With the current Vista, they don't even have that option.

Also with SP1, Microsoft is closing two key loopholes that pirates have used to evade Microsoft's security measures. One involves mimicking the process used by large computer makers to preactivate their Vista machines, while the other extends the grace period that customers have to activate their machine, in some cases extending it for decades. It's not the first time that Microsoft has moved to close holes in its activation process. A year ago, the company changed Vista to disable a hack known as "Frankenbuild" that merged elements of the final Vista with a prerelease version.