Hello, I have tested the OpenMeetings with the OWASP ZAP tool and it is generating quite much warnings, but not the critical ones.
I have to analyze the results and if I find something, which should be fixed, I will inform you. I recommend the OWASP ZAP tool. It is really easy to use. Just download the product and then set proxy. Then browse the OpenMeetings and same time the OWASP ZAP tool checks the communication. https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project BR, Kalevi 2014-08-19 9:09 GMT+03:00 Maxim Solodovnik <[email protected]>: > Unfortunately no, we are trying to use all latest libraries (with all > issues fixed), but have no resources to perform "heavy" security testing. > We will be happy to get any help on this > > > On 19 August 2014 12:58, kalevi tappinen <[email protected]> > wrote: > >> Hello, >> >> Is it possible that someone can use some security hole in the >> OpenMeetings and then have access to our server? >> >> Have you tested the security with the penetration tools etc? >> >> BR, >> >> Mika >> >> 2014-08-19 8:43 GMT+03:00 Maxim Solodovnik <[email protected]>: >> >>> Hello, >>> >>> you can set up OM (starting with 3.0.3) to use both HTTPS and RTMPS >>> which are secure, all communications will be made via secured channels >>> >>> >>> On 19 August 2014 12:36, kalevi tappinen <[email protected]> >>> wrote: >>> >>>> Hello, >>>> >>>> I send again my previous question. What you think about the >>>> OpenMeetings security? >>>> >>>> BR, >>>> >>>> Kalevi >>>> >>>> 2014-08-13 8:54 GMT+03:00 kalevi tappinen <[email protected]>: >>>> >>>>> Hello, >>>>> >>>>> I'm interested in the OpenMeetings, but my client is not sure if the >>>>> OpenMeetings is enough secure. >>>>> >>>>> How can I prove to client that OpenMeetings is enough secure? >>>>> >>>>> Is the flash secure? How you have tested the security? >>>>> >>>>> I have read the security section in the OpenMeetings site, but I need >>>>> more information to be sure. >>>>> >>>>> BR, >>>>> >>>>> Kalevi >>>>> >>>> >>>> >>> >>> >>> -- >>> WBR >>> Maxim aka solomax >>> >> >> > > > -- > WBR > Maxim aka solomax >
