Date: 07 Mar 2000 09:35:40 -0500 From: Chris Shenton <cshenton@uucom.com> To: Randy Primeaux <randy@Cloudfactory.ORG> Cc: Bhishan Hemrajani <bhishan@cytosine.dhs.org>, freebsd-questions@FreeBSD.ORG Subject: Re: NetMeeting or H.323 with ipfw & natd Message-ID: <lfr9dm97b7.fsf@Samizdat.uucom.com> In-Reply-To: Randy Primeaux's message of "Mon, 06 Mar 2000 16:04:11 -0800" References: <200003070013.QAA20371@relay.ultimanet.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 06 Mar 2000 16:04:11 -0800, Randy Primeaux <randy@Cloudfactory.ORG> said:
Randy> Bhishan, Thank you for the prompt response. Is your comment
Randy> noting "you cannot find out what port NetMeeting is running on"
Randy> based on: Dynamic H.323 call control TCP Dynamic H.323
Randy> streaming Real-Time Transfer Protocol (RTP) over UDP
I wrote a paper a couple years ago on NetMeeting and how
firewall-hostile it was:
http://www.shenton.org/~chris/nasa-hq/netmeeting/
Since then, I gather a couple commercial firewalls now can proxy it
intelligently, and that some NAT engines and/or free daemons (open
h.323) can. But the protocol sux rox -- way too complicated.
IMHO it's too dangerous to be let into my LAN without application
layer proxying and decent authentication. It gives unauthenticated
remote users full keyboard/mouse access to my machine and therefore
anything my machine has access to. For me, firewalls and NAT are
there to protect me from lame applications and hostile netizens, not
just something to "get around".
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?lfr9dm97b7.fsf>