Certainly offering support for hashed passwords has benefits and, as you mentioned, can be done using something other than the flat file XML directory format and decoding on the fly. I think one reason it hasn't been looked at as a major issue yet is that voicemail and conference passwords are generally only numbers so they can be dialed over a phone; even an 8 digit password is 10^8 combinations, which is not a whole lot of hashes to brute force, so compromising even one-way passwords would not be a major feat. It may deter a compromised machine from giving up its secrets, but it certainly is a very narrow frame of protection.
~Mitch

On Mon, Oct 20, 2008 at 5:43 PM, Peter P GMX <[EMAIL PROTECTED]> wrote:
> I think we can agree that the more passwords are available in clear text
> the more problems we will have if a system is compromised. Therefore
> it's common practice to not store passwords in clear text. In our case
> we use xml-curl to store the directory data in a database for a
> distributed freeswitch network. I simply try to avoid having a database
> with clear text passwords. VM passwords may not be a bigger problem, but
> gateway passwords and conference pins are.
>
> One way is of course to encrypt the passwords with e.g. OpenSSL/RSA,
> store them in the database and decrypt them on the fly when needed. This
> moves the security implementation to the application side with some
> drawbacks, as passwords can be retrieved with the decryption key and
> passwords are transferred through the network (of course via SSL) and
> the passwords are in the logs. This is how we do it for the time being.
> Another idea, as I propose, is not to store the passwords but hashes.
>
> To be honest: I do not understand this discussion. It would be wise to
> store passwords in an encrypted way. I have seen compromised servers on
> the client's side in the last years and security threats will even
> increase in the future. The more we protect our sensitive data the safer
> the system will be for the future. There is a growing number of
> companies in Germany (even the very big ones such as Deutsche Telekom) who
> recently had to tell their customers that a huge amount of sensitive data
> was lost.
>
> I am not asking for doing it right now, but I would love to have it
> somehow on the roadmap for the future.
>
> Best regards
> Peter
>
> Kristian Kielhofner wrote:
> > On 10/20/08, Peter P GMX <[EMAIL PROTECTED]> wrote:
> >
> >> Hello Brian,
> >>
> >> I have learned in my life that any server can be compromised if anyone
> >> uses enough effort to hack it. Thus I simply try to prevent storing
> >> passwords in clear text.
> >> I am actually trying to set up a secure system with TLS/SRTP and handling
> >> clear text passwords didn't really fit into this concept.
> >>
> >> Best regards
> >> Peter
> >>
> >
> > If your server is compromised and they can read your config files they
> > can read the file store, db, etc and have access to everything (VM?)
> > that pin would have access to.
> >
_______________________________________________
Freeswitch-users mailing list
[email protected]
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE: http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org
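Mitch's point that an 8 digit numeric PIN is only 10^8 candidates is worth quantifying, and the usual way to make a stored PIN hash cost something to guess is a per-user random salt plus a slow hash; the Python below is an added example, not code from this thread or from FreeSWITCH, and it assumes PBKDF2-HMAC-SHA256 with an iteration count of my choosing rather than any FreeSWITCH directory parameter.

```python
import hashlib
import hmac
import os

# Work factor is an assumption for this example, not a FreeSWITCH setting.
# Each verification costs this many HMAC rounds, so each guess does too.
PBKDF2_ITERATIONS = 100_000


def pin_search_space(digits: int) -> int:
    """Number of candidate PINs of a given length when only 0-9 can be dialed."""
    return 10 ** digits


def exhaustive_search_seconds(digits: int, hashes_per_second: float) -> float:
    """Worst-case time to try every PIN of this length at a given hash rate.

    A fast unsalted hash lets an attacker use a very high rate; a salted,
    iterated hash forces the rate down and removes precomputed tables.
    """
    return pin_search_space(digits) / hashes_per_second


def hash_pin(pin: str, salt: bytes, iterations: int = PBKDF2_ITERATIONS) -> bytes:
    """Derive the stored value from a numeric PIN and a per-user salt."""
    if not pin.isdigit():
        raise ValueError("PIN must be numeric so it can be dialed")
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, iterations)


def store_pin(pin: str) -> dict:
    """Build the record a directory backend would keep instead of the clear PIN."""
    salt = os.urandom(16)  # fresh salt per user: same PIN, different stored hash
    return {
        "salt": salt.hex(),
        "iterations": PBKDF2_ITERATIONS,
        "hash": hash_pin(pin, salt).hex(),
    }


def verify_pin(candidate: str, record: dict) -> bool:
    """Check a dialed PIN against the stored record in constant time."""
    if not candidate.isdigit():
        return False
    salt = bytes.fromhex(record["salt"])
    expected = bytes.fromhex(record["hash"])
    derived = hash_pin(candidate, salt, record["iterations"])
    return hmac.compare_digest(derived, expected)
```

The clear PIN still exists at the moment the caller dials it, which is the same limitation Peter notes for network transfer and logs; only the resting copy in the database changes.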
