[asterisk-users] How to secure Configuration files
ABBAS SHAKEEL
shakeel.abbas.qau at gmail.com
Wed Jul 7 01:12:44 CDT 2010
Thanks to Gordon and Paul for kind help.
Actually we have a limitation to place the Asterisk server in client
premises if the server is in there premises then this means they have full
control over it.
harddisk encryption seems a good option but no automated boot is big issue
:(
Is there some thing possible like that ?
On Tue, Jul 6, 2010 at 5:21 PM, Gordon Henderson
<gordon+asterisk at drogon.net<gordon%2Basterisk at drogon.net>
> wrote:
> On Tue, 6 Jul 2010, ABBAS SHAKEEL wrote:
>
> > Hello Community,
> >
> > I have a question , I have been working with asterisk and developed some
> > successful applications. I am facing an issue of security i.e. We deploy
> > servers to client end. Now i dont want the client to see my configuration
> > files (Of course copy and distribute or replicate the logic with out
> > permission).
> >
> > Now the configuration files are stored in /etc/asterisk/* (Of course we
> can
> > specify a different location but at end we specify this in a
> configuration
> > file).
> >
> > Is there a way that the configuration files get encrypted or some thing
> else
> > so that some one who have system access can not copy the configuration
> files
> > data or look into that files.
>
> The simple answer is that you can't prevent anyone copying it if they have
> physical access.
>
> All you can do is make it hard.
>
> If you wanted to encrypt them, you'd need to alter asterisk.
>
> You could use something like trucrypt, or another whole disk encryption
> technology, but that'll require someone typing in a password at boot time
> making unattended reboots impossible.
>
> Another way which I have seen is to do away with the dialplan entirely and
> do it all in a single big compiled AGI C program. (Ok, you have minimal
> dialplan to pump everything into it, but...) and don't distribute the
> source to the C program...
>
> You need to work out just what it's worth to you if someone does copy it.
> Realistically, what's your target audience? Are your clients the sort of
> people likely to copy and and sell it on? For most businesses, I'd guess
> not.
>
> Gordon
>
> --
> _____________________________________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
> New to Asterisk? Join us for a live introductory webinar every Thurs:
> http://www.asterisk.org/hello
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
> http://lists.digium.com/mailman/listinfo/asterisk-users
>
--
Best Regards
Shakeel Abbas
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.digium.com/pipermail/asterisk-users/attachments/20100707/2d1e1625/attachment.htm
More information about the asterisk-users
mailing list