On 10 May 2001 19:51:12 -0400, Sadler, Connie J wrote:
>
> Some of us would really like to know what the risks are with Netmeeting. We
> get requests for it frequently - through the firewall, and would like a
> configuration that would allow that, but haven't found a secure way to do it
> yet...
You need to consider a few questions:
1) Is netmeeting (the product) secure enough that it won't allow remote
buffer overflows that execute local commands and install trojans on your
computers?
2) Is your firewall able to properly detect netmeeting packets and allow
them through (it can run on TCP, so this isn't difficult) as part of a
datastream?
3) Is what will be discussed using netmeeting confidential, or in any
way the type of thing you would not scream out the window into the
streets? If so, consider installing VPN boxes / software to connect
your computers with Netmeeting to the remote computers. This will
provide an encrypted channel for the conversation to take place over.
4) Do you want to allow incoming requests, or just outgoing? Consider
running your own netmeeting gateway in your DMZ if you want to allow
incoming requests and have your users register with it (which can in
turn register with others).
--
Michael T. Babcock
CTO, FibreSpeed
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
