Fix various documentation issues (bugs #5464-5467)

git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@6826 65c4cc65-6c06-0410-ace0-fbb531ad65f3

SECURITY

@@ -4,6 +4,32 @@ PLEASE READ THE FOLLOWING IMPORTANT SECURITY RELATED INFORMATION.
 IMPROPER CONFIGURATION OF ASTERISK COULD ALLOW UNAUTHORIZED USE OF YOUR
 FACILITIES, POTENTIALLY INCURRING SUBSTANTIAL CHARGES.
 
+Asterisk security involves both network security (encryption, authentication)
+as well as dialplan security (authorization - who can access services in 
+your pbx). If you are setting up Asterisk in production use, please make
+sure you understand the issues involved.
+
+* NETWORK SECURITY
+
+If you install Asterisk and use the "make samples" command to install
+a demonstration configuration, Asterisk will open a few ports for accepting
+VoIP calls. Check the channel configuration files for the ports and IP addresses.
+
+If you enable the manager interface in manager.conf, please make sure that
+you access manager in a safe environment or protect it with SSH or other
+VPN solutions.
+
+For all TCP/IP connections in Asterisk, you can set ACL lists that
+will permit or deny network access to Asterisk services. Please check
+the "permit" and "deny" configuration options in manager.conf and
+the VoIP channel configurations - i.e. sip.conf and iax.conf.
+
+The IAX2 protocol supports strong RSA key authentication as well as
+AES encryption of voice and signalling. The SIP channel does not
+support encryption in this version of Asterisk.
+
+* DIALPLAN SECURITY
+
 First and foremost remember this:
 
 USE THE EXTENSION CONTEXTS TO ISOLATE OUTGOING OR TOLL SERVICES FROM ANY
@@ -38,4 +64,4 @@ exten => 6123,Dial(Zap/1)
 
 DON'T FORGET TO TAKE THE DEMO CONTEXT OUT OF YOUR DEFAULT CONTEXT.  There
 isn't really a security reason, it just will keep people from wanting to 
-play with your asterisk setup remotely.
+play with your Asterisk setup remotely.