Securing Asterisk Network APIs

FastAGI and the AMI are two network-based APIs commonly used in Asterisk deployments. For more details on AGI, see Chapter 21, Asterisk Gateway Interface (AGI). For more information on the AMI, see Chapter 20, Asterisk Manager Interface (AMI).

In the case of FastAGI, there is no encryption or authentication available. It is up to you as the administrator to ensure that the only communication allowed to the FastAGI server is from Asterisk.

The AMI protocol includes authentication, but it is very weak. Further, the data exchanged via the AMI is often sensitive from a privacy standpoint. It is critical to secure AMI connectivity. It is best to expose the AMI only on trusted networks. If it must be exposed to an untrusted network, we recommend only allowing connections using SSL.

It is critical to understand what power the AMI provides. If an AMI user is granted all permissions that are available, that user will be able to run arbitrary commands on your system. If the account has the ability to update configuration files, it will be able to add an extension to the dialplan that runs the System() application, enabling it to run any command it wants. If it also has access to originate calls, it can originate a call to that extension, resulting in the execution of that command. Be careful when opening up AMI access on your system and restrict what permissions are granted to each account in /etc/asterisk/manager.conf.
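As an added example (not code from the book or the Asterisk project), here is a small Python audit of a manager.conf that flags the risks just described: accounts whose write permissions include all or system, accounts that combine config and originate, accounts with no permit/deny ACL, and an AMI listener bound to all interfaces without TLS. The configuration text inside the script is constructed for the example, and the parser assumes a manager.conf without #include directives.

```python
# Audit an Asterisk manager.conf for over-privileged AMI accounts.
# Added example, not from the book; the config below is constructed.
import configparser

SAMPLE_MANAGER_CONF = """
[general]
enabled = yes
bindaddr = 0.0.0.0
tlsenable = no

[monitor]
secret = monitor-secret
deny = 0.0.0.0/0.0.0.0
permit = 192.168.1.0/255.255.255.0
read = call,cdr
write =

[provisioner]
secret = prov-secret
read = all
write = all

[dialer]
secret = dialer-secret
read = call
write = config,originate
"""

def audit_manager_conf(text):
    # strict=False tolerates repeated keys (several permit= lines); the last
    # value wins, which is enough for this audit. #include is not handled.
    cp = configparser.ConfigParser(strict=False, interpolation=None)
    cp.read_string(text)
    findings = {}
    gen = cp["general"] if cp.has_section("general") else {}
    # Asterisk defaults: enabled=no, bindaddr=0.0.0.0, tlsenable=no
    if gen.get("enabled", "no").lower() == "yes" and \
       gen.get("bindaddr", "0.0.0.0") == "0.0.0.0" and \
       gen.get("tlsenable", "no").lower() != "yes":
        findings["general"] = ["AMI listens on all interfaces without TLS"]
    for name in cp.sections():
        if name == "general":
            continue
        sec = cp[name]
        write = {p.strip() for p in sec.get("write", "").split(",") if p.strip()}
        issues = []
        if "all" in write or "system" in write:
            issues.append("write includes all/system: arbitrary command execution")
        elif {"config", "originate"} <= write:
            issues.append("config+originate: System() via dialplan edit plus Originate")
        if "permit" not in sec:
            issues.append("no permit/deny ACL: reachable from any source address")
        if issues:
            findings[name] = issues
    return findings
```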

Tip #9: Secure Asterisk network APIs. Use firewall rules to restrict access to your FastAGI server. Use encryption on the AMI. Restrict access provided to AMI accounts as much as possible.