Dealing with MS Netmeeting & H.323

Bob Acosta acostar@allied-chas.com
Thu, 4 Jun 1998 14:55:12 -0400


I find it difficult to even conceptualize that a Microsoft product can be
configured through any firewall securely, especially one such as netmeeting
which slobers all over the port ranges, however, Raptor Eagle firewall, now
owned by Axent technologies, claims to be able to proxy netmeeting (I am not
sure they indicate securely).  VPN trusted on TIS and VPN with filters on
Raptor are the other options, however, most sites using netmeeting, often
desire an open forum with many remote sites, therefore departing from the
VPN solution.  TIS firewall uses access-list filtering on port ranges for
the nasty part of netmeeting and another portion can be plugged, however,
this sets up basic logging only for the plugs NOT the udp (unless you choose
to God - Forbid turn on tracing).  Raptor has their generic service passer
in the older to present versions, and again claims a pseudo proxy in the new
version.

At present, this cannot be securely proxied or plugged!!!!!

Tell (convince) your site to choose another product if you can.

-----Original Message-----
From: Kjell Wooding <kwooding@codetalker.com>
To: 'firewall-wizards@nfr.com' <firewall-wizards@nfr.net>
Date: Thursday, June 04, 1998 1:52 PM
Subject: Re: Dealing with MS Netmeeting & H.323


>>    I'm wondering if anyone has had much luck securing Microsoft's
>Netmeeting product?    This
>> topic has been discussed here and on other lists. People usually just
>throw up their
>> hands when dealing with it. What's the best  advice
>
>Of course, if all you want to do is secure Netmeeting between known sites
>(say two branch offices), a VPN solution will suffice.
>
>[Of course, PPTP has its own problems, so avoid that one.]
>
>-kj
>--
>Kjell Wooding <kwooding@codetalker.com>
>Codetalker Communications, Inc.
>
>For Infosec News, see http://www.codetalker.com/