Skip to content
Snippets Groups Projects
SECURITY 2.53 KiB
Newer Older
  • Learn to ignore specific revisions
  • Mark Spencer's avatar
    Mark Spencer committed
    ==== Security Notes with Asterisk ====
    
    PLEASE READ THE FOLLOWING IMPORTANT SECURITY RELATED INFORMATION.  
    IMPROPER CONFIGURATION OF ASTERISK COULD ALLOW UNAUTHORIZED USE OF YOUR
    FACILITIES, POTENTIALLY INCURRING SUBSTANTIAL CHARGES.
    
    
    Asterisk security involves both network security (encryption, authentication)
    as well as dialplan security (authorization - who can access services in 
    your pbx). If you are setting up Asterisk in production use, please make
    sure you understand the issues involved.
    
    * NETWORK SECURITY
    
    If you install Asterisk and use the "make samples" command to install
    a demonstration configuration, Asterisk will open a few ports for accepting
    VoIP calls. Check the channel configuration files for the ports and IP addresses.
    
    If you enable the manager interface in manager.conf, please make sure that
    you access manager in a safe environment or protect it with SSH or other
    VPN solutions.
    
    For all TCP/IP connections in Asterisk, you can set ACL lists that
    will permit or deny network access to Asterisk services. Please check
    the "permit" and "deny" configuration options in manager.conf and
    the VoIP channel configurations - i.e. sip.conf and iax.conf.
    
    The IAX2 protocol supports strong RSA key authentication as well as
    AES encryption of voice and signalling. The SIP channel does not
    support encryption in this version of Asterisk.
    
    * DIALPLAN SECURITY
    
    
    Mark Spencer's avatar
    Mark Spencer committed
    First and foremost remember this:
    
    USE THE EXTENSION CONTEXTS TO ISOLATE OUTGOING OR TOLL SERVICES FROM ANY
    INCOMING CONNECTIONS.
    
    You should consider that if any channel, incoming line, etc can enter an
    extension context that it has the capability of accessing any extension
    within that context. 
    
    Therefore, you should NOT allow access to outgoing or toll services in
    contexts that are accessible (especially without a password) from incoming
    channels, be they IAX channels, FX or other trunks, or even untrusted
    stations within you network.  In particular, never ever put outgoing toll
    services in the "default" context.  To make things easier, you can include
    the "default" context within other private contexts by using:
    
    	include => default
    
    in the appropriate section.  A well designed PBX might look like this:
    
    [longdistance]
    
    exten => _91NXXNXXXXXX,1,Dial(Zap/g2/${EXTEN:1})
    
    Mark Spencer's avatar
    Mark Spencer committed
    include => local
    
    [local]
    
    exten => _9NXXNXXX,1,Dial(Zap/g2/${EXTEN:1})
    
    Mark Spencer's avatar
    Mark Spencer committed
    include => default
    
    [default]
    
    Mark Spencer's avatar
    Mark Spencer committed
    DON'T FORGET TO TAKE THE DEMO CONTEXT OUT OF YOUR DEFAULT CONTEXT.  There
    isn't really a security reason, it just will keep people from wanting to 
    
    play with your Asterisk setup remotely.