Since changing my website to be only available via TLS, I've noticed a dramatic decrease in page loads. Most of the missing hits seem to be ones I didn't want anyway, comment spammers and other wastes of electrons. So could TLS be a short-term solution to spam?

Caller ID doesn't always contain the best data, especially with mobile phones. To remedy that, it's nice to use Asterisk to re-write the Caller ID. Instead of maintaining a separate list, I chose to export my contact list from Gmail and import that.

TLS for SIP and RTP has long been on my hit list. I've been traveling a lot more for work recently, so secure mobile VoIP has gone up in priority.

Step 1, create an SSL certificate.

openssl req -out certreq.pem -new -nodes -keyout key.pem

(Optional) Step 1a, sign the SSL cert with your own CA. Otherwise, get it signed by a trusted CA.

Asterisk only supports certain formats for playing back audio, which can be a pain. Seems like every time I try to load a new mp3 for my music on hold, I run into the same errors and generally have a devil of a time finding the answer.

Just the other day, Spamhaus was subject to a DDoS attack from an ISP who got upset at being blacklisted. That's par for the course, but what's interesting is that the ISP used a DNS amplification to boost their DDoS capabilities. Lately at work we've been working on shutting down our open DNS proxies. Once upon a time, on the naive Internet, they were fine. But as evidenced by this latest attack, such is not the case any longer.

Shutting down the DNS servers we knew about was easy, of course. But what about the ones we didn't know of? Well that's where a handy port scanner comes into play. There are a number of DNS scanners out there but I found them all lacking in some regard. So I whipped up my own.