Newbie here. Can someone teach me like im 6 years old?
How can I do my own hlr lookup without paying a companies?
I see some people send some company links who offer hlr lookup.Thats not what I'm looking for...
I made some research and couldn't find much about how can I build a hot lookup.
Any help would be great.
Hi sdaassadasdasd asdasdsad,
TL;DR you can't perform your own free HLR lookup against telephone numbers on the public telephone service (formally called the PSTN), which is why you can find online providers who provide it as a paid service. There is always a charge, even to the HLR lookup providers.
It also depends what do you want to achieve. A HLR Lookup will let you know if a mobile phone number is assigned to a subscriber of a mobile network operator (MNO), and which MNO it is assigned to.
HLR lookups don't provide location (aside from some rudimentary country-wide location based on the Mobile Switching Centre that the telephone handset is being controlled from). They also don't usually provide an IMSI if that's what you are looking for, because these days most MNOs will implement home-routing which gives a temporary IMSI matched on their router so that they can conceal the real IMSI (to avoid fraud).
So, if you do want to perform a HLR lookup to check if a mobile phone number is "real" and assigned to a subscriber on a public network then I'm presuming you want to send a HLR request to query an external MNO - i.e. a public telephone number, not a local one running on your own equipment.
To query an external MNO then you will need to send a request, usually over the SS7 network, to the mobile network operator who was originally assigned the telephone number you want to know about. Eventually, if you have done everything correctly and the MNO wants to respond, you receive a response back which gives you the details you need to then ascertain if the telephone number is assigned to a subscriber, and if the subscriber is active on the network or not.
To send the HLR request, without going through an online provider, you will need at least:
equipment that talks the SS7 protocol (specifically to include MAP requests because a HLR is a type of MAP request)
somewhere to host your equipment
an SS7 interconnection from an SS7 backbone provider
point codes allocated from the SS7 backbone provider
someone to setup program the equipment
your own telephone prefix range for the far-end MNO to be able to respond back to your original request. You may be able to lease someone else's telephone number range if you don't have your own.
Once everything is setup then there's an additional per MSU (message signalling unit) cost. You can think of an MSU a bit like an IP packet, you send "one" and you get a response. You are charged by the SS7 backbone provider for every MSU you send that transits their network, regardless of if you get a response back from the MNO you want the message forwarded to.
I'm happy to answer any other questions on it, but I can't think of a way you can perform your own HLR lookup without incurring charges somewhere along the line.
Related
One of our problems is that our outbound email server sucks sometimes. Users will trigger an email in our application, and the application can take on the order of 30 seconds to actually send it. Let's make it even worse and admit that we're not even doing this on a background thread, so the user is completely blocked during this time. SQL Server Database Mail has been proposed as a solution to this problem, since it basically implements a message queue and is physically closer and far more responsive than our third party email host. It's also admittedly really easy to implement for us, since it's just replacing one call to SmtpClient.Send with the execution of a stored procedure. Most of our application email contains PDFs, XLSs, and so forth, and I've seen the size of these attachments reach as high as 20MB.
Using Database Mail to handle all of our application email smells bad to me, but I'm having a hard time talking anyone out of it given the extremely low cost of implementation. Our production database server is way too powerful, so I'm not sure that it couldn't handle the load, either. Any ideas or safer alternatives?
All you have to do is run it through an SMTP server and if you're planning on sending large amounts of mail out then you'll have to not only load balance the servers (and DNS servers if you're planning on sending out 100K + mails at a time) but make sure your outbound Email servers have the proper A records registered in DNS to prevent bounce backs.
It's a cheap solution (minus the load balancer costs).
Yes, dual home the server for your internal lan and the internet and make sure it's an outbound only server. Start out with one SMTP server and if you get bottle necks right off the bat, look to see if it's memory, disk, network, or load related. If its load related then it may be time to look at load balancing. If it's memory related, throw more memory at it. If it's disk related throw a raid 0+1 array at it. If it's network related use a bigger pipe.
Many banks, airlines, etc. offer the possibility to receive text message notifications by entering your mobile number. Some other sites have you enter your mobile number and wireless carrier and send messages to your free per-provider email-to-mobile number. But some people definitely do it without asking for the provider. How is this accomplished? Are there commercial services that provide this functionality?
(if this doesn't belong on SO, feel free to migrate to another SE site)
Edit: I'm primarily concerned with mobile numbers in the US, but interested in answers for other countries as well.
Yep, providers of this service are called SMS gateways, good ones should be able to set you up with an API for bi-directional use
There are a few different ways this can happen. If you have access to cellular hardware, like Multitech's MTC-H5 cellular modem or their rCell 100 cellular gateway, you're sending SMS just like a cell phone does, so this bypasses the need to know the carrier of the phone number. If the program you're using can't directly access the hardware, you could try to use a program like ours, PageGate, to receiving alerting notifications from that program to interface with the hardware to deliver the SMS.
There are also message aggregators, companies who provide a web API that allows you to send SMS. You submit the phone number with message to their API, they handle the delivery. Examples of these companies would be Infobip and Clickatell or if you're looking for something for medical markets, you could try TigerText, or for emergency management, you could try Active911 or I Am Responding.
I am writing an application wherein its a requirements to restrict the number of logins a user can have from a single IP address (as a way to stop spam).
We can't use captcha for some reason!
The only 2 ways I could think of to make this work was to either store in the database, the number of requests coming in from each IP.
OR
To store a tracking cookie which has the information regarding the same.
Now, the downside of the first mode is that there would be too much of db traffic - the application is going to be used by a ton of people.
The downside of storing this info as a cookie is that users can clear them up ad start fresh again.
I need suggestions, if there could be a way wherein the high db traffic and the loose bond with cookie based tracking can be handled.
You're talking about "logins" and a web-application therefore you have some sort of a session persisted somwhere. When creating those sessions you need to keep track of the number of active sessions per IP and not allocate new sessions when that threshold is reached.
Without more specific information about your framework / environment, that's about the best answer anyone can provide.
Also be aware that this approach fails in numerous ways because of NAT (network address translation). For example, our office has exactly one public IP address for X hundred people. The internal network is on private IP space.
if you want to get the IP and store somewhere, you could use $_SERVER['REMOTE_ADDR'] to get the IP of the user, make a field like "ip" in your database and you make a query in your SQL to check if the IP was used.
There are also other ways of tracking, like Flash Cookie, people usually don't know the existance of it, so most people wouldn't know how to clear it.
Assuming I have one database keeping a simple history with multiple front ends talking to it (one front end per server), I wonder what are the common solutions to deal with time. As soon as I have multiple servers, I cannot assume a global consistent clock, and I was interested in the possible solutions to maintain some kind of ordering between requests.
For a concrete example, let's say I want to record histories of customers, where history is defined as time ordered set of records. The record table would be as simple as (customer_id, time, data), and history would be all the rows where customer_id == requested id. Each request sent by the user would contain one record sent to one customer. Ideally, the time should refer to the "actual" time the request was sent to the front end by the customer (as that's the time as seen from the user POV). To be exact, I only care about preserving the ordering between records for each customer, not about the absolute time.
I am aware of solutions such as vector clocks, etc... but that seems rather complex, and I would expect this to be a rather common issue ?
Solutions which are not acceptable in my case:
Changing the requests arriving at the front end: I unfortunately have to work under the constraint that the requests are passed as is. I have complete control of whatever communication protocol is needed between front ends and database, though.
Server time clocks are synchronized
All request which require being ordered to each other are handled by the same front end server
[EDIT]: the question may sound a bit like red-herring, so here is my rationale for asking it: while this is not my issue right now, I am interested in the possibility to go to a platform like Google App Engine, which explicitly says that their servers are not guaranteed to be time synchronized. The solution to that issue for request ordering does not sound obvious to me - but maybe something like vector clock is actually the only "good" solution ?
When you perform any action that records history data to the database you could record two sets of datetime info:
the datetime as set by the DB when the record was inserted
the datetime passed through with the data as a legitimate piece of metadata.
The former would give you a central view of the world if you ever needed it, and the latter would let you reconstruct datetime from customers perspective.
If you were ultra-keen you could also pass through the datetime from the users browser by filling some sort of parameter/field using JavaScript.
As soon as I have multiple servers, I
cannot assume a global consistent
clock
Well, you can configure servers to sync their clocks to a time server. You could also configure your database server to sync to a time server, and configure the other servers to sync to your database server as often as you need to. (I'm not saying that's a great idea, just saying it's possible. If you have access to all the servers.)
Anyway . . . so the front ends are the only pieces of software you have that actually know when a request arrives. Is that right?
If that's right, then it's the front ends job to record the time of the customer's request, possibly in UTC, and then forward that timestamp to the database.
If you can't synchronize the server's clocks, then I think your only hope is to have every front ends ask just one specific server--maybe your database server, but maybe not--what time it is when a customer request arrives. A front end can do that by asking for daytime on port 13 (DAYTIME protocol, RFC-867), asking for time on port 37 (TIME protocol, RFC-868), or asking a time server on port 123 (either NTP or SNTP protocol, RFC-1305 and RFC-2030).
But after reading your edit, I think what you want is impossible. You seem to be saying that
what the front ends send doesn't
contain enough information to
reconstruct the "true" ordering
what the front ends send cannot be
changed
If the front ends can't send you any other information, vector clocks and interval tree clocks won't help.
In my web project, I am storing mail addresses. These addresses may be used by the system to throw mails to the recipients. It is also important to say that these mail addresses have expiration time.
But the critical point is trustness: for this very service, people must be sure that the mail addresses wil not be given to somebody else (especially to authorities, for example).
To resume:
the system has to "know" the mail address.
the webmaster (or somebody else) has to be unable to find the true mail addresses.
By doing this, the webmaster will not be able to give information (even by force :)).
Intermediate solution: I already know how to do this as soon as the information has expired. E.g. The mail address is encrypted with gnupg (GPG / PGP algorithms). The system (or anybody) can decrypt if he/it has the password. But as soon as the mail address has expired, let's revoke the secret key :arrow: one cannot decrypt the mail address anymore.
But this raises a performance problem (to create the private key)...
Any help would be most appreciated !
What you're asking for is impossible. Even supposing you could devise a system whereby the system can send emails without being able to reveal them to an administrator (and you can't), an attacker could simply start a mail run and capture the outgoing emails and extract the addresses before they're sent.
If you want to 'expire' email addresses, you should simply delete the records, then (if you're paranoid), compact the database and erase the free space on the disk.