Firewall Wizards mailing list archives
Re: NetMeeting security solution?
From: C Matthew Curtin <cmcurtin () interhack net>
Date: Sat, 19 Sep 1998 08:57:49 -0400 (EDT)
"Chris" == Chris Shenton <cshenton () uucom com> writes:
Chris> If you tunnel then the connection between the two sites is Chris> secure, yes. When we're talking about tunneling in this context, does that imply some sort of SSL- or SSH-like encrypted session from one Netmeeting client (or peer?) to another, or are we simply talking about poking a hole through the firewall and letting two applications talk directly to each other? (Poking holes in the firewall isn't "secure" in any sense of the word. You've shifted the audit trail, accountability, administration, etc., away from your firewall and down to an individual box that's probably administered by someone else--likely someone without any dreaming idea of what security is all about. In general, this is Bad Stuff and should be avoided.) Chris> (Only if both sites are tight -- or rather have the same Chris> security policy -- does this not lower risk. Most places I've Chris> seen don't have this situation, the control isn't central.) This is the key point. By connecting multiple networks together, all of the networks involved have their risk brought to the same level as the most insecure site. There are tricks you can play to prevent this, i.e., firewalling connections between sites, but in most cases this isn't done...the whole point of having these sorts of connections is so that folks can talk to each other without having all of their data strip-searched at the firewall. Chris> I'll try and get my whitepaper back on line this week; I spent Chris> a while looking into this. I'd be interested to see it posted, or at least a pointer to it. -- Matt Curtin cmcurtin () interhack net http://www.interhack.net/people/cmcurtin/
Current thread:
- NetMeeting security solution? Don Cox (Sep 15)
- Re: NetMeeting security solution? Christopher Nicholls (Sep 17)
- Re: NetMeeting security solution? Chris Shenton (Sep 17)
- Re: NetMeeting security solution? C Matthew Curtin (Sep 19)
- Re: NetMeeting security solution? Chris Shenton (Sep 21)
- Re: NetMeeting security solution? C Matthew Curtin (Sep 19)