Firewall Wizards mailing list archives

Re: H.323 and Firewalls

From: Ted Doty <ted () iss net>
Date: Thu, 04 Dec 1997 11:30:34 -0500

At 09:15 AM 12/4/97 -0500, Robert.Andres () stn siemens com wrote:

Aside from the technical aspects of the problem, H.323 presents the problem
that is seems to be a protocol that few people in the internet space are
very
familiar with.


Look at the H.323 description at
http://gw.databeam.com/h323/h323primer.html, and at
http://www.cis.ohio-state.edu/~cliu/ for a description of some of the IP
protocols that are required to carry the traffic.

Please let me know if you have any ideas, experience, etc with this subject
or if perhaps there is some company out there with products or services
for the H.323 problem?


I haven't heard of any vulnerabilities associated with implementations of
these (or with the protocols themselves), but my instinct is to suggest you
use a VPN to carry the data.

- Ted

--------------------------------------------------------------
Ted Doty, Internet Security Systems | Phone: +1 770 395 0150
41 Perimeter Center East            | Fax:   +1 770 395 1972
Atlanta, GA 30346  USA              | Web: http://www.iss.net
--------------------------------------------------------------
PGP key fingerprint: 362A EAC7 9E08 1689  FD0F E625 D525 E1BE

Current thread:

H.323 and Firewalls Robert . Andres (Dec 04)
- Re: H.323 and Firewalls Ted Doty (Dec 05)
- <Possible follow-ups>
- RE: H.323 and Firewalls Joseph Judge (Dec 08)