This topic came up earlier this month on the firewall-wizards mailing
list. A link given was to a paper describing the (in)security of
NetMeeting:
http://www.shenton.org/~chris/nasa-hq/netmeeting/
This may be the one you were referring to :-)
This is really the same issue of allowing PC Anywhere -type applications
to connect through your firewall. There's a lot of room for exploitation
and a lot of unknown risk you'd be assuming.
-Jason
On Tue, 16 Mar 1999, Pavlichek, Doris (GEIS, GE Capital Consulting) wrote:
> Date: Tue, 16 Mar 1999 14:33:26 -0500
> From: "Pavlichek, Doris (GEIS, GE Capital Consulting)"
<[EMAIL PROTECTED]>
> To: "'Bard, Heather'" <[EMAIL PROTECTED]>,
> 'Tammy Torbert' <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
> Subject: RE: T.120 Conferencing through a firewall
>
> My two cents worth...
>
> The biggest problem with T.120 and H.323 is that you open up a given system
> completely. A friend of mine wrote a paper on this, and I wish it were
> still online so I could refer you to it. Basically he summed it up by
> saying that there was no inherent way to secure the applications themselves.
> You could "trust" people not to put their machines at risk (by not using
> Collaborate or other similar functions) or you could trust people not to go
> against company policies. HA!
>
> To my knowledge, there is still no firewall which proxies for these
> applications both because of complexity and because of lack of
> standardization.
>
> I guess you have to ask yourself, "Is it bad that a remote user (or someone
> who is pretending to be that user) can save, edit, delete files on my user's
> machine?" or "Is it bad that a remote user can take over applications on
> one of my internal systems?"
>
> I think you'll have your answers....DP
>
> > -----Original Message-----
> > From: Bard, Heather [SMTP:[EMAIL PROTECTED]]
> > Sent: Tuesday, March 16, 1999 1:01 PM
> > To: 'Tammy Torbert'; [EMAIL PROTECTED]
> > Subject: RE: T.120 Conferencing through a firewall
> >
> >
> > >I will be implementing a firewall solution in a few weeks. I was
> > wondering
> > what
> > >type of security issues allowing T.120 conferencing presents. My
> > conferencing
> > >system needs port 1503 dynamically opened. Does anyone have any
> > information
> > >about the risks I may be opening up by having this port opened?
> >
> > I am interested in this as well. We are doing H.323 and T.120
> > implementation testing in our lab (for a very transient system - routers
> > shutting down and whole subnets moving), and as of yet have not found any
> > firewalls that support T.120 dynamically, thus we are having to statically
> > open, through acls with a wide range of IPs, port 1503. So please cc: me
> > on
> > any information.
> >
> > Thanks
> > Heather Bard
> >
> >
> > -
> > [To unsubscribe, send mail to [EMAIL PROTECTED] with
> > "unsubscribe firewalls" in the body of the message.]
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
>
AT&T Wireless Services
IT Security
UNIX Security Operations Specialist
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
