[arm-allstar] IMPORTANT UPDATE - Supermon/Allmon2 security and feature update

Doug Crompton wa3dsp at gmail.com
Fri Feb 16 14:19:55 EST 2018


Bryan,

 There is nothing in the update that touches Asterisk. It is possible you
had an SD card failure on that node. If you want me to login and look at it
I would be glad to. Just need it online and your node number and login
password and of course that it is port forwarded.


*73 Doug*

*WA3DSP*

*http://www.crompton.com/hamradio <http://www.crompton.com/hamradio>*



On Fri, Feb 16, 2018 at 12:28 PM, "Bryan St Clair via arm-allstar" <
arm-allstar at hamvoip.org> wrote:

> Doug,
>
> I processed this update on 3 nodes and 2 worked without issue.
>
> One, however, has lost Asterisk.   After noticing it wasn't connecting I
> did a reboot and confirmed it wasn't running.  A manual start, restart
> (from admin and command line) all result in error: "asterisk: no process
> found"
>
> Any ideas?
>
> Bryan
>
>
> On Thu, Feb 15, 2018 at 3:19 PM, "Doug Crompton via arm-allstar" <
> arm-allstar at hamvoip.org> wrote:
>
> > There has been a major security update to BOTH Allmon2 and Supermon and
> in
> > addition BOTH programs have been updated to the latest versions. The
> > current and all past versions have serious security issues when running
> > either of these programs exposed to the Internet. Whether or not you run
> > theses programs outside of your local LAN ALL allmon2 or Supermon users
> > should update and use the new code as soon as possible.
> >
> > The standard hamvoip update - ADMIN menu item 1 - will update both of
> these
> > programs.
> >
> > All user password and ini files are preserved in these updates however
> > there are a couple of caveats.
> >
> > In Supermon the global.php file no longer exists. Users need to re-enter
> > their call, name, and location into the new global.inc file.
> >
> > The Allmon2,  allmon.ini.php and Supermon,  allmon.ini files BOTH REQUIRE
> > a  'menu=yes' in each stanza to display that stanza. Leaving that out or
> > making it 'menu=no' will turn off the display of that stanza. This is
> > different than Allmon2 outside of the hamvoip release and prior versions
> of
> > Supermon. We wanted to maintain compatibility between the two programs in
> > the hamvoip release.
> >
> > Allmon2 has been updated to the latest version with the exception that it
> > retains the old menu=yes|no and required yes to display as noted above.
> >
> > The Supermon code has been very much updated!!!  It is now Supermon 6.0+
> > There are MANY enhancements and changes.  The howto on the hamvoip.org
> web
> > page has been updated to reflect these enhancements and changes. It is
> > *very
> > important* for users to read the howto for all updated information. Here
> is
> > a direct link to the howto -
> >
> > https://hamvoip.org/supermon_howto.pdf
> >
> > When you load it be sure to refresh your bowser as it may be retaining an
> > old version.
> >
> > PLEASE NOTE that both Allmon2 and Supermon will not work properly with
> > Microsoft browsers. Firefox, Chrome, etc. work fine.
> >
> > Thanks to all who found and helped fix the security bug. Users should
> still
> > employ common sense when it comes to security. Use strong passwords and
> > only make pages available to the outside world when necessary.  A future
> > release will include user access control which will allow a sysop to
> > control access to specific functions on a user by user basis.
> >
> > I think you will like the new features that both of these programs offer!
> > Thanks to Paul, KN2R, Dave, KB4FXC, Tim, WD6AWP, for program updating and
> > Neil, M0NFI who pointed out the security issue.
> >
> >
> > *73 Doug*
> >
> > *WA3DSP*
> >
> > *http://www.crompton.com/hamradio <http://www.crompton.com/hamradio>*
> > _______________________________________________
> >
> > arm-allstar mailing list
> > arm-allstar at hamvoip.org
> > http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar
> >
> > Visit the BBB and RPi2/3 web page - http://hamvoip.org
> >
>
>
>
> --
> Bryan
> K6CBR
> Allstar Base: 43918, 43991
> Allstar Mobile: 43913
> www.k6cbr.us
> QRZ <http://www.qrz.com/db/K6CBR>
> _______________________________________________
>
> arm-allstar mailing list
> arm-allstar at hamvoip.org
> http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar
>
> Visit the BBB and RPi2/3 web page - http://hamvoip.org
>


More information about the arm-allstar mailing list