Someone knows some app what can call to mobile phone like a webphone....
I found jssip or sip2sip but i can't put into operation.
This is for a telemarketers company
Unless you're benefiting from some first-time registration bonus, any call to a mobile phone will not come for free. In other words, you must seek to create some kind of account on an online VoIP service (e.g. Localphone, Skype, etc.), and top it up with some credit. In some cases, you may get away for free with the first couple of mobile phone calls, but not much past that.
After you're done setting up your account, you can plug the account's details (provider host, username, password) into either a free SIP mobile app (e.g. Blink, Zoiper, Bria, etc.) or even a SIP web app and starting using the credit you topped off the account with by dialing internationally, or locally for free.
Related
I've been working on a django Web app to manage some data for tenants. Things like their personal contact information, government ID, tenancy agreements etc (in other words, very gdpr sensitive info) as well as personally private information such as expense reports. All of this is displayed on the front end of the app as intended seeing as it's supposed to be a private tool for internal company use.
At the moment I run it at home on a local machine server so there is little risk involved however for my convenience I'd like to take the Web app live so I can access it while I'm out and about. The issue I'm having is that there really is no reason for anyone other than myself or business associates to use this app and therefore no reason for anyone else to connect to the domain.
I've considered making the landing page of the website a login page and locking all other views behind this with CSRF protection but even that is too close for comfort in my opinion as it would mean allowing external entities tor connect to the app. I'd much rather have a server which refuses any connection to the outside world straight away unless it is from me. In other words, a server which does not divulge any part of the app or database until login credentials have been correctly entered.
What I envision is that once you type in the domain and hit enter, the moment a connection is made, the server prompts you with an alert box asking for login credentials before any of the app or templates are loaded.
Is this even possible? I've never hosted any of my software online and do not want to fall into a nasty data breach situation by taking this live. At the same time it isn't ideal that the current system operates on the premise that I'm home all the time.
So basically i'm developing a piece of software that will allow user to call any number he wants right from the website. So i need some help in choosing the correct platform or semi cheap service to use. I guess i need a solution with open API because i want to make a db entry (want to record duration and date) for every call made from website.
I've started research and stumbled upon couple of open source solutions: Asterisk and FreeSWITCH. Trying them out right now, but i still have poor understanding of how SIP works. If it will be a softphone will the user have need to install it on their pc or there are server solutions
One possible solution that works with any SIP server is to use PJSUA Python bindings and to implement in Python a basic softphone. Thus your web application will be seen by the SIP server just as a regular soft phone and the server configuration is much easier.
I have a to write a program with Qt/C++ that is supposed to work with an awkward cryptographic platform based on CAPICOM/IE6 and a USB token holding the private key of digital signature. Users of system must follow these steps to login:
Install a fake root CA on their system
Install CAMICOM
Plug their token
Open Internet Explorer (and no, other browsers won't work), enter the URL, enter username and password, click on login.
I'm planning to remove CAPICOM (if possible) and make the system as cross-platform as possible. I can think of two scenarios:
Remove CAPICOM and make a replacement for it using modern cross-platform tools
Somehow make the Qt code to use CAPICOM and remove web browser's role.
Any help about how CAPICOM works (especially what exactly it is signing) and how to connect to USB token (ePass 3003) is helpful.
I am in the process of designing an application that users will be able to log on remotely and use - via a web interface.
Security is of paramount importance (think credit card and personal banking type information)- so I need to make sure that I get the security aspect nailed down - HARD.
I intend to provide the application functionality via traditional (stateful) web pages , as well as web services.
For what its worth, I am intending to use web2py as my web application framework.
Is there a list of guidelines I can follow to make sure that I have all areas covered?
One stop shopping: https://www.owasp.org/index.php/Main_Page
Read that and take every suggestion to heart.
you should consider at least the following:
authentication. getting users to log on in some manner. which authentication method they use depends on what you aim to provide
privacy. making sure the information they send is only visible to them and your application and not an eavesdropper.
in the simplest case SSL can take care of both of the above. it will always provide encryption but can also be used to authenticate or at least make some simple authentication mechanism more secure. one thing to look at is security of ssl. ssl is suceptible to a man in the middle attack particluarly when the users already have a trust relationship with, say, their employer - who can them proceed to install an ssl gateway which is effectively a mim.
authorisation. making sure users are only allowed to see what you want them to see and no more.
this really depends on technology you are using.
non reputidation. making sure the user cannot dispute the actions they perform
this is a very open ended question. legally this is seldom (never?) used so it depends... something like signed logs of user requested actions for example is probably enough.
Your biggest threat, by far, is writing server-side webapp code that introduces vulnerabilities in your web application layer. This is not something you can checklist. For a starter, make sure you are 100% comfortable with the items in the OWASP Top Ten and understand how to code safely against them. If you are not expert in web application vulnerabilities, strongly consider hiring someone who is to help review the web layer. At the least, i would consider contacting a security testing company to perform some form of penetration testing, preferably with a code review component.
If you ever do anything with credit card data, you will need to comply with the PCI DSS which will require at least quarterly remote-testing from an Approved Scanning Vendor.
My application is running in a domain. It's installed on each Windows PC in this domain. Customers can buy a domain license and register it once, on a server for example. Then domain users on other PCs don't have to register it again. In the case where there are lots of PCs in a domain, registering on each one is quite annoying.
Is it possible to implement the registration this way? The application is coded in C++ and running on Windows, what's the easiest way to implement it?
There's a related question to determine the AD domain. You'd want to do something similar, I think: get the domain, and check if that domain object holds your license information.
(AD is implemented on top of LDAP nowadays, and the Microsoft schema can be extended)