VoIP Mailing List Archives
Mailing list archives for the VoIP community
brian at freeswitch.org
Posted: Mon Oct 20, 2008 10:44 am Post subject: [Freeswitch-users] Passwords in clear text
Honestly, is that much of an issue? Your machine should be secure
enough to not allow anyone but the user FreeSWITCH is running as to read
the configs in the first place. I'm not even that paranoid.
/b
On Oct 20, 2008, at 9:09 AM, Peter P GMX wrote:
Quote: | Thanks,
I got it for the directory password (a1-hash).
But what about the voicemail-password and the passwords stored for
external gateways?
Best regards
Peter
|
_______________________________________________
Freeswitch-users mailing list
Freeswitch-users@lists.freeswitch.org
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org

Prometheus001 at gmx.net
Posted: Mon Oct 20, 2008 1:43 pm Post subject: [Freeswitch-users] Passwords in clear text
Hello Brian,
I have learned in my life that any server can be compromised if anyone
uses enough effort to hack it. Thus I simply try to prevent storing
passwords in clear text.
I am actually trying to set up a secure system with TLS/SRTP, and handling
clear text passwords didn't really fit into this concept.
Best regards
Peter
Brian West schrieb:
Quote: | Honestly, is that much of an issue? Your machine should be secure
enough to not allow anyone but the user FreeSWITCH is running as to read
the configs in the first place. I'm not even that paranoid.
/b
|

Prometheus001 at gmx.net
Posted: Mon Oct 20, 2008 4:55 pm Post subject: [Freeswitch-users] Passwords in clear text
I think we can agree that the more passwords are available in clear text,
the more problems we will have if a system is compromised. Therefore
it's common practice to not store passwords in clear text. In our case
we use xml-curl to store the directory data in a database for a
distributed FreeSWITCH network. I simply try to avoid having a database
with clear text passwords. VM passwords may not be a big problem, but
gateway passwords and conference PINs are.
One way is of course to encrypt the passwords with e.g. OpenSSL/RSA,
store them in the database and decrypt them on the fly when needed. This
moves the security implementation to the application side with some
drawbacks, as passwords can be retrieved with the decryption key,
passwords are transferred through the network (of course via SSL) and
the passwords are in the logs. This is how we do it for the time being.
Another idea, as I propose, is not to store the passwords but hashes.
To be honest: I do not understand this discussion. It would be wise to
store passwords in an encrypted way. I have seen compromised servers on
the client's side in the last few years, and security threats will increase
even further in the future. The more we protect our sensitive data, the safer
the system will be for the future. There is a growing number of
companies in Germany (even very big ones such as Deutsche Telekom) who
recently had to tell their customers that a huge amount of sensitive data
was lost.
I am not asking for it right now, but I would love to have it
somehow on the roadmap for the future.
Best regards
Peter
Kristian Kielhofner schrieb:
Quote: | On 10/20/08, Peter P GMX <Prometheus001@gmx.net> wrote:
If your server is compromised and they can read your config files they
can read the file store, db, etc and have access to everything (VM?)
that pin would have access to.
|

anthony.minessale at g...
Posted: Mon Oct 20, 2008 6:28 pm Post subject: [Freeswitch-users] Passwords in clear text
If you want to test latest trunk, I added code that *should* let you auth the VM using the same
a1-hash. Also, we added an "md5" API command to mod_commands so you can use it in your own apps.
${md5(some data)}
On Mon, Oct 20, 2008 at 4:43 PM, Peter P GMX <Prometheus001@gmx.net> wrote:
--
Anthony Minessale II
FreeSWITCH http://www.freeswitch.org/
ClueCon http://www.cluecon.com/
AIM: anthm
MSN: anthony_minessale@hotmail.com
GTALK/JABBER/PAYPAL: anthony.minessale@gmail.com
IRC: irc.freenode.net #freeswitch
FreeSWITCH Developer Conference
sip:888@conference.freeswitch.org
iax:guest@conference.freeswitch.org/888
googletalk:conf+888@conference.freeswitch.org
pstn:213-799-1400

mike at jerris.com
Posted: Mon Oct 20, 2008 6:51 pm Post subject: [Freeswitch-users] Passwords in clear text
Just added vm-a1-hash as well, which you can use to override the
standard a1-hash for voicemail use only.
Mike
On Oct 20, 2008, at 7:27 PM, Anthony Minessale wrote:
Quote: | if you want to test latest trunk i added code that *should* let you
auth the vm using the same
a1-hash also we added an "md5" api command to mod_commands so you
can use it in your own apps.
${md5(some data)}
|

mitch.capper at gmail.com
Posted: Mon Oct 20, 2008 6:57 pm Post subject: [Freeswitch-users] Passwords in clear text
Certainly offering support for hashed passwords has benefits and, as you mentioned, can be done using something other than the flat file XML directory format and decoding on the fly. I think one reason it hasn't been looked at as a major issue yet is that voicemail and conference passwords are generally only numbers so they can be dialed over a phone; even an 8 digit password is 10^8 combinations, which is not a whole lot of hashes to brute force, so compromising even one-way passwords would not be a major feat. It may deter a compromised machine from giving up its secrets, but it certainly is a very narrow frame of protection.
~Mitch
On Mon, Oct 20, 2008 at 5:43 PM, Peter P GMX <Prometheus001@gmx.net> wrote:

anthony.minessale at g...
Posted: Mon Oct 20, 2008 7:23 pm Post subject: [Freeswitch-users] Passwords in clear text
Especially if you are not using SRTP, you can just sniff the DTMF =D
On Mon, Oct 20, 2008 at 6:29 PM, Mitch Capper <mitch.capper@gmail.com> wrote:

Prometheus001 at gmx.net
Posted: Tue Oct 21, 2008 4:14 pm Post subject: [Freeswitch-users] Passwords in clear text
Thanks for your support for the VM passwords.
The most important part for us, however, is having hashed passwords for
external gateway definitions (we have a lot) and securing PINs for
conferences.
Do we have a chance to add this also?
In our environment DTMF is of course transported via SRTP, so this is
more secure (although the key exchange by SDES is known to have security
issues, as RTP streams may be replayed by a third party; there is no
replay prevention mechanism in SDES and therefore also none in
FreeSWITCH, hein?).
Best regards
Peter
Michael Jerris schrieb:
Quote: | just added vm-a1-hash as well that you can use to override the
standard a1 hash for voicemail use only.
Mike
|

brian at freeswitch.org
Posted: Tue Oct 21, 2008 4:44 pm Post subject: [Freeswitch-users] Passwords in clear text
It's called TLS...
/b
On Oct 21, 2008, at 4:30 PM, Peter P GMX wrote:
Quote: | In our environment DTMF is of course transported via SRTP so this is
more secure (although the key exchange by SDES is known to have
security
issues, as rtp streams may be replayed by a 3rd party, there is no
replay prevention mechanism in SDES and therefore also not in
freeswitch, hein?).
|

anthony.minessale at g...
Posted: Tue Oct 21, 2008 4:59 pm Post subject: [Freeswitch-users] Passwords in clear text
The Sofia library we depend on requires you to feed it plain passwords for outbound auth.
We would have to pressure them to expose a way for us to pre-hash them.
As an alternative, you can always use xml-curl + https url to fetch the configs from your db on the fly over a secure
connection, but that won't stop the hacker from running gcore on fs and finding them in RAM somewhere, just like if someone wants to break into your house he can just take a chainsaw and cut a hole in the side and walk in.
I'll ask the guy next time I talk to him.
On Tue, Oct 21, 2008 at 3:30 PM, Peter P GMX <Prometheus001@gmx.net> wrote:
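Worked example, added here and not code from FreeSWITCH or the Sofia library, covering two points of the thread: Anthony's note that the directory can authenticate from an a1-hash (and that an "md5" API command exists), and his later note that outbound gateway auth currently needs the plain password because nothing lets the library take a pre-hashed value. The block shows what the a1-hash is (MD5 of user:realm:password), how a registrar can verify a SIP Digest response while holding only that hash, and that the client side of the exchange also needs only HA1, not the plaintext. User, realm, password, nonce and URI are constructed values; the assumption that the hash realm must equal the realm in the server's challenge (here the SIP domain) is mine, and the XML builder is a hypothetical helper, not mod_xml_curl's interface.

```python
# Added example (not FreeSWITCH or Sofia code). Shows the a1-hash used by a
# SIP Digest registrar and one full challenge/response round trip in which the
# server never holds the plaintext password. All values below are constructed.
import hashlib
import secrets


def md5_hex(data: str) -> str:
    """Hex MD5 of a string; the same operation as the ${md5(...)} API command."""
    return hashlib.md5(data.encode("utf-8")).hexdigest()


def a1_hash(user: str, realm: str, password: str) -> str:
    """HA1 = MD5(user:realm:password) (RFC 2617).

    This is the value a directory entry can carry as
    <param name="a1-hash" value="..."/> instead of <param name="password" .../>.
    Assumption: realm must be the same string the registrar sends in its
    challenge (in this example the SIP domain).
    """
    return md5_hex(f"{user}:{realm}:{password}")


def digest_response(ha1: str, method: str, uri: str, nonce: str) -> str:
    """RFC 2617 response without qop: MD5(HA1:nonce:HA2), HA2 = MD5(method:uri).

    Only HA1 is needed, not the password, so a client that stores a pre-hashed
    HA1 could still answer a gateway's challenge for outbound auth.
    """
    ha2 = md5_hex(f"{method}:{uri}")
    return md5_hex(f"{ha1}:{nonce}:{ha2}")


def verify_digest(stored_ha1: str, method: str, uri: str, nonce: str,
                  response: str) -> bool:
    """Server-side check using only the stored a1-hash; constant-time compare."""
    expected = digest_response(stored_ha1, method, uri, nonce)
    return secrets.compare_digest(expected, response)


def directory_user_xml(user: str, ha1: str) -> str:
    """Hypothetical helper: a minimal directory <user> entry carrying a1-hash
    rather than password, as an xml-curl handler could build from a DB row."""
    return (
        f'<user id="{user}">\n'
        f"  <params>\n"
        f'    <param name="a1-hash" value="{ha1}"/>\n'
        f"  </params>\n"
        f"</user>"
    )


def demo() -> dict:
    """Walk one REGISTER challenge/response; all values are constructed."""
    user, realm, password = "1000", "pbx.example.com", "correct horse"
    # Provisioning time: hash once, store the hash, discard the password.
    stored = a1_hash(user, realm, password)

    # Registration time: the server issues a fresh random nonce ...
    nonce = secrets.token_hex(16)
    method, uri = "REGISTER", "sip:pbx.example.com"
    # ... the client (which knows the password) answers the challenge ...
    response = digest_response(a1_hash(user, realm, password), method, uri, nonce)
    # ... and the server checks it while holding only the a1-hash.
    accepted = verify_digest(stored, method, uri, nonce, response)

    # A wrong password gives a different HA1, hence a different response.
    bad = digest_response(a1_hash(user, realm, "wrong"), method, uri, nonce)
    rejected = not verify_digest(stored, method, uri, nonce, bad)
    return {
        "a1_hash": stored,
        "accepted": accepted,
        "rejected_wrong": rejected,
        "xml": directory_user_xml(user, stored),
    }


if __name__ == "__main__":
    result = demo()
    print(result["xml"])
    print("accepted:", result["accepted"], "rejected wrong:", result["rejected_wrong"])
```

Two caveats follow from the thread itself. The hash is bound to user and realm, so renaming the domain invalidates every stored a1-hash. And because HA1 is a single unsalted MD5 over a short secret, Mitch's point stands for all-digit voicemail and conference PINs: storing the hash keeps the plaintext out of the config and the database, but it does not make a guessable PIN harder to guess for whoever obtains the hash.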