From what I've seen, the T.12x protocols (because of application sharing)
could be the most dangerous ones to allow in though. Not to mention at
least two buffer overflows in netmeeting (see the URL) don't leave a warm
fuzzy feeling.
-Jason
On Tue, 16 Mar 1999, Bard, Heather wrote:
> Date: Tue, 16 Mar 1999 15:54:27 -0500
> From: "Bard, Heather" <[EMAIL PROTECTED]>
> To: "'Pavlichek, Doris (GEIS, GE Capital Consulting)'" <[EMAIL PROTECTED]>,
> 'Tammy Torbert' <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
> Subject: RE: T.120 Conferencing through a firewall
>
> Well, this is not completely correct anymore. Cisco's CBAC Firewall
> Feature Set (and possibly other "stateful" or "dynamic" filters) does do
> dynamic state tables and access-lists that allow h.323 sessions that are
> established from internal users to come back through the firewall. This
> makes it so that there is a block on the external users (via acl) from using
> the ports or establishing a session, and when the session is started only
> the IPs that were initiated from inside are allowed back through.
>
> There are currently no stateful/dynamic inspections of t.120 however (by any
> vendor that I am aware of), thus my question.
>
> heather
>
> -----Original Message-----
> From: Pavlichek, Doris (GEIS, GE Capital Consulting)
> [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, March 16, 1999 3:40 PM
> To: Bard, Heather; 'Tammy Torbert'; [EMAIL PROTECTED]
> Subject: RE: T.120 Conferencing through a firewall
>
>
> http://www.shenton.org/~chris/nasa-hq/netmeeting/
>
> Here's the paper....DP
>
> > -----Original Message-----
> > From: Bard, Heather [SMTP:[EMAIL PROTECTED]]
> > Sent: Tuesday, March 16, 1999 1:01 PM
> > To: 'Tammy Torbert'; [EMAIL PROTECTED]
> > Subject: RE: T.120 Conferencing through a firewall
> >
> >
> > >I will be implementing a firewall solution in a few weeks. I was wondering what
> > >type of security issues allowing T.120 conferencing presents. My conferencing
> > >system needs port 1503 dynamically opened. Does anyone have any information
> > >about the risks I may be opening up by having this port opened?
> >
> > I am interested in this as well. We are doing H.323 and T.120
> > implementation testing in our lab (for a very transient system - routers
> > shutting down and whole subnets moving), and as of yet have not found any
> > firewalls that support T.120 dynamically, thus we are having to statically
> > open, through acls with a wide range of IPs, port 1503. So please cc: me on
> > any information.
> >
> > Thanks
> > Heather Bard
> >
> >
> > -
> > [To unsubscribe, send mail to [EMAIL PROTECTED] with
> > "unsubscribe firewalls" in the body of the message.]
AT&T Wireless Services
IT Security
UNIX Security Operations Specialist
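
Added example, not part of the original thread and not any vendor's implementation: a small Python model of the contrast discussed above, a static ACL that opens port 1503 to a wide range of IPs versus a state table that only admits replies to sessions started from inside. The addresses, class names and the `compare` function are constructed for illustration.

```python
from ipaddress import ip_address, ip_network

T120_PORT = 1503                            # port named in the thread
INSIDE = ip_network("10.0.0.0/8")           # constructed internal network
PEER_RANGE = ip_network("198.51.100.0/24")  # constructed "wide range of IPs"


class StaticAcl:
    """Stateless rule: PEER_RANGE may exchange TCP/1503 traffic with inside hosts."""

    def allow_inbound(self, src, sport, dst, dport):
        return (ip_address(src) in PEER_RANGE
                and ip_address(dst) in INSIDE
                and T120_PORT in (sport, dport))  # either side of a 1503 session


class StatefulFilter:
    """Inbound packets pass only if they answer a session opened from inside."""

    def __init__(self):
        self.sessions = set()

    def outbound(self, src, sport, dst, dport):
        if ip_address(src) in INSIDE:
            self.sessions.add((src, sport, dst, dport))

    def allow_inbound(self, src, sport, dst, dport):
        # A reply carries the original tuple with source and destination swapped.
        return (dst, dport, src, sport) in self.sessions


def compare():
    """Return {case: (static_acl_allows, stateful_allows)} for constructed packets."""
    acl, fw = StaticAcl(), StatefulFilter()
    # Inside user 10.1.1.5 calls an external conference peer on T.120.
    fw.outbound("10.1.1.5", 40000, "198.51.100.20", T120_PORT)
    packets = {
        "reply_from_called_peer": ("198.51.100.20", T120_PORT, "10.1.1.5", 40000),
        "unsolicited_from_same_peer": ("198.51.100.20", 51000, "10.1.1.5", T120_PORT),
        "unsolicited_from_other_host": ("198.51.100.77", 51000, "10.1.1.9", T120_PORT),
        "host_outside_acl_range": ("203.0.113.9", 51000, "10.1.1.9", T120_PORT),
    }
    return {name: (acl.allow_inbound(*p), fw.allow_inbound(*p))
            for name, p in packets.items()}


if __name__ == "__main__":
    for name, (static_ok, stateful_ok) in compare().items():
        print(f"{name:28} static_acl={static_ok!s:5} stateful={stateful_ok}")
```
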