As I mentioned previously, I was down at the AstriCon conference a few weeks back where I spoke about VoIP security in general and how it applies to Asterisk in particular. At the end of my presentation, I did put forward some suggestions for where the Asterisk community could potentially focus to improve the product’s security. While I intend to put the slides and hopefully the recording online at some point soon, I thought I’d share with you all what I laid out as my suggestions:
- TLS-encrypted SIP – Of course, this needs SIP over TCP first…
- Secure RTP (SRTP) – There’s a patch that’s been around for quite some time, but it needs to be integrated into the main release. However, it’s not much good without the next item…
- SRTP Key Exchange – First an implementation of ‘sdescriptions” (although again that needs TLS-encrypted SIP) and then later DTLS or potentially ZRTP.
- Figure out the phone configuration mess – So that the web servers on the phones can be disabled. Auto-configuration is a start, but how secure are the config files?
- Identity – If we are to not be drowning in SPIT, one mechanism that seems pretty sure to factor in would be a way to assert the real identity of the sender. Leading candidate today appears to be RFC 4474 (SIP Identity).
- Watch out for the APIs and the apps – Always fun when a rolodex app can crash your phone system!
- Toll fraud – What specific tools are in Asterisk to prevent toll fraud? Can they be enhanced?
- Testing with tools – There are a ton of VoIP security tools out there. Can Asterisk be tested with those tools?
That was my list that I spoke about at AstriCon. Do you agree? Disagree? What would your list include?