mirror of https://github.com/asterisk/asterisk
81 lines
2.9 KiB
81 lines
2.9 KiB
\subsection{Introduction}
|
|
|
|
PLEASE READ THE FOLLOWING IMPORTANT SECURITY RELATED INFORMATION.
|
|
IMPROPER CONFIGURATION OF ASTERISK COULD ALLOW UNAUTHORIZED USE OF YOUR
|
|
FACILITIES, POTENTIALLY INCURRING SUBSTANTIAL CHARGES.
|
|
|
|
Asterisk security involves both network security (encryption, authentication)
|
|
as well as dialplan security (authorization - who can access services in
|
|
your pbx). If you are setting up Asterisk in production use, please make
|
|
sure you understand the issues involved.
|
|
|
|
\subsection{Network Security}
|
|
|
|
If you install Asterisk and use the "make samples" command to install
|
|
a demonstration configuration, Asterisk will open a few ports for accepting
|
|
VoIP calls. Check the channel configuration files for the ports and IP addresses.
|
|
|
|
If you enable the manager interface in manager.conf, please make sure that
|
|
you access manager in a safe environment or protect it with SSH or other
|
|
VPN solutions.
|
|
|
|
For all TCP/IP connections in Asterisk, you can set ACL lists that
|
|
will permit or deny network access to Asterisk services. Please check
|
|
the "permit" and "deny" configuration options in manager.conf and
|
|
the VoIP channel configurations - i.e. sip.conf and iax.conf.
|
|
|
|
The IAX2 protocol supports strong RSA key authentication as well as
|
|
AES encryption of voice and signalling. The SIP channel does not
|
|
support encryption in this version of Asterisk.
|
|
|
|
\subsection{Dialplan Security}
|
|
|
|
First and foremost remember this:
|
|
|
|
USE THE EXTENSION CONTEXTS TO ISOLATE OUTGOING OR TOLL SERVICES FROM ANY
|
|
INCOMING CONNECTIONS.
|
|
|
|
You should consider that if any channel, incoming line, etc can enter an
|
|
extension context that it has the capability of accessing any extension
|
|
within that context.
|
|
|
|
Therefore, you should NOT allow access to outgoing or toll services in
|
|
contexts that are accessible (especially without a password) from incoming
|
|
channels, be they IAX channels, FX or other trunks, or even untrusted
|
|
stations within you network. In particular, never ever put outgoing toll
|
|
services in the "default" context. To make things easier, you can include
|
|
the "default" context within other private contexts by using:
|
|
|
|
\begin{astlisting}
|
|
\begin{verbatim}
|
|
include => default
|
|
\end{verbatim}
|
|
\end{astlisting}
|
|
|
|
in the appropriate section. A well designed PBX might look like this:
|
|
|
|
\begin{astlisting}
|
|
\begin{verbatim}
|
|
[longdistance]
|
|
exten => _91NXXNXXXXXX,1,Dial(Zap/g2/${EXTEN:1})
|
|
include => local
|
|
|
|
[local]
|
|
exten => _9NXXNXXX,1,Dial(Zap/g2/${EXTEN:1})
|
|
include => default
|
|
|
|
[default]
|
|
exten => 6123,Dial(Zap/1)
|
|
\end{verbatim}
|
|
\end{astlisting}
|
|
|
|
DON'T FORGET TO TAKE THE DEMO CONTEXT OUT OF YOUR DEFAULT CONTEXT. There
|
|
isn't really a security reason, it just will keep people from wanting to
|
|
play with your Asterisk setup remotely.
|
|
|
|
\subsection{Log Security}
|
|
|
|
Please note that the Asterisk log files, as well as information printed to the
|
|
Asterisk CLI, may contain sensitive information such as passwords and call
|
|
history. Keep this in mind when providing access to these resources.
|