[asterisk-users] VPN between Asterisk server and phone client

Kai-Uwe Jensen kujensen at gmail.com
Wed May 2 17:12:42 MST 2007


On 5/2/07, Salvatore Giudice <Salvatore.Giudice at voipsecuritytraining.com> wrote:
> If you run it on the fly, doesn't that mean that the Asterisk user will have
> permissions to configure VPNs? Nobody sees a problem with that? I'm thinking
> that if you knock over the Asterisk service and get shell execution rights
> as Asterisk, you could be able to start tunnels for things other than voice.
> It's like giving a hacker a great way to hide their activities from your IDS
> without having to bother to get root first to install an encrypted data
> pipe.

That's true, the asterisk user needs to be able to invoke the
"start_vpn" script or program. That does not mean that the asterisk
user will have to have superuser rights to configure VPNs. You could
make the start_vpn program setuid to a user that has those rights (and
in that case, you probably don't want start_vpn to be a script). Also,
openvpn typically starts "predefined" VPNs. To define a new one,
someone would have to have access to the file system.

When you say "knock over the Asterisk service and get shell execution
rights", how would that happen, exactly? I can think of DoS attacks
and other stuff, but am wondering how "knocking over Asterisk" will
give someone shell execution rights? As I said above, you would want
to make the function to start a VPN connection as safe as possible.
That would include NOT using scripts, and employing other verification
methods.
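The design sketched in the reply above (a setuid start_vpn program rather than a script, able to start only predefined OpenVPN profiles) as an added example; this is not code from the thread or from the Asterisk or OpenVPN projects. The profile names, the config directory and the openvpn binary path are assumptions, and the binary is assumed to be installed setuid to the user allowed to run openvpn and executable only by the asterisk group.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Install (assumed): chown vpnadmin:asterisk start_vpn && chmod 4750 start_vpn
 * The caller (asterisk) can pick one predefined profile and nothing else. */

/* Hypothetical allow-list of predefined profiles; only these can be started. */
static const char *const ALLOWED[] = { "phone-site-a", "phone-site-b" };
static const char CONF_DIR[] = "/etc/openvpn/";      /* assumed location */
static const char OPENVPN[] = "/usr/sbin/openvpn";   /* assumed binary   */

/* Returns 1 only when name matches a predefined profile exactly. */
int vpn_name_allowed(const char *name) {
    if (name == NULL) return 0;
    for (size_t i = 0; i < sizeof ALLOWED / sizeof ALLOWED[0]; i++)
        if (strcmp(name, ALLOWED[i]) == 0) return 1;
    return 0;
}

/* Maps an allowed profile name to its config file, or NULL if not allowed.
 * Exact allow-list matching means no path traversal or option injection. */
const char *vpn_config_path(const char *name) {
    static char path[256];
    if (!vpn_name_allowed(name)) return NULL;
    int n = snprintf(path, sizeof path, "%s%s.conf", CONF_DIR, name);
    return (n < 0 || (size_t)n >= sizeof path) ? NULL : path;
}

int main(int argc, char **argv) {
    const char *conf = (argc == 2) ? vpn_config_path(argv[1]) : NULL;
    if (conf == NULL) {
        fprintf(stderr, "usage: start_vpn <predefined-profile-name>\n");
        return 2;
    }
    /* Make the privileged euid the real uid too, so openvpn runs cleanly. */
    if (setuid(geteuid()) != 0) return 1;
    /* Fixed argv and a fixed, minimal environment: nothing from the caller
     * reaches openvpn except the validated profile name. */
    char *const args[] = { "openvpn", "--config", (char *)conf, "--daemon", NULL };
    char *const env[] = { "PATH=/usr/sbin:/usr/bin:/sbin:/bin", NULL };
    execve(OPENVPN, args, env);
    fprintf(stderr, "start_vpn: execve failed: %s\n", strerror(errno));
    return 1;
}
```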
