Re: NetMeeting security solution?

[Chris Shenton <cshenton () uucom com>]

C Matthew Curtin <cmcurtin () interhack net> writes:

> When we're talking about tunneling in this context, does that imply
> some sort of SSL- or SSH-like encrypted session from one Netmeeting
> client (or peer?) to another, or are we simply talking about poking a
> hole through the firewall and letting two applications talk directly
> to each other?

I was talking about encrypted tunnels: that even with some
cryptographic security (like a VPN) that NetMeeting was still a threat
since it's the application itself that's vulnerable.


> By connecting multiple networks together, all
> of the networks involved have their risk brought to the same level as
> the most insecure site.

Exactly, and something repeatedly overlooked by the proponents of
NetBeating who said stuff like "Well, if you think it's insecure, just
run it over a secure VPN -- like MS PPTP". [cough, sputter]