Educause Security Discussion mailing list archives
Re: IP Videoconferencing
From: Tina Bird <tbird65 () STANFORD EDU>
Date: Wed, 5 Nov 2003 11:01:56 -0800
On Wed, 5 Nov 2003, Walsh, Brian R. (Information Services) wrote:We have a request from our Instructional Technology group to allow access through our firewall for a new IP videoconferencing unit. Allowing this through the firewall seems to be relativelylow risk andI think our firewalls may even be "H.323 aware" which wouldmake thisa little easier to do and perhaps more secure. I amassuming that thevideoconferencing hardware and software take care of other security like authentication, encryption, etc. Is there anything specific I should be worried about withthis setup?I don't know much about the protocols or products involved so any advice would be appreciated. Thanks.I wouldn't assume that the devices are properly taking care of authentication, encryption, and other security requirements. Several popular videoconferencing devices ship with default passwords, only support cleartext protocols for management, and may not enable encryption by default.
There's a >>great<< discussion of the risks associated with multimedia protocols (H.323 and T.120 in particular) in Zwicky, Cooper & Chapman, "Building Internet Firewalls." Chapter 19 in the second edition is on conferencing services, and the discussion of protocols begins on page 528. hope that helps -- tbird -- Dr. Tina Bird Information Security Services, Stanford University 1 (650) 724-9316 Security Alerts http://securecomputing.stanford.edu/alert.html Log Analysis http://www.loganalysis.org Virtual Private Networks http://vpn.shmoo.com ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/.
Current thread:
- IP Videoconferencing Walsh, Brian R. (Information Services) (Nov 05)
- <Possible follow-ups>
- Re: IP Videoconferencing Brian Reilly (Nov 05)
- Re: IP Videoconferencing Davis, Thomas R. (Nov 05)
- Re: IP Videoconferencing Ron Parker (Nov 05)
- Re: IP Videoconferencing Tina Bird (Nov 05)
- Re: IP Videoconferencing Charlie Prothero (Nov 05)
- Re: IP Videoconferencing Jere Retzer (Nov 06)