Penetration Testing mailing list archives

Re: NetMeeting and H.323


From: Ali-Reza Anghaie <ali () packetknife com>
Date: Wed, 19 Feb 2003 17:40:58 -0500

On Tuesday 18 February 2003 17:14, Jeremy Junginger wrote:
> I know I'm asking for it by putting this before the group, but that's
> kind of my intent.  Could anyone in here let me know why H.323, and more
> specifically, netmeeting is a bad idea*?
>
> *(Aside from the obvious fact that you have to blow a udp hole from 1024
> to 65535 in your firewall in order to accommodate it...heheh...)

There are also dynamic port requirements above 1024 that are TCP as well 
(H.323 call control)...

Creating packet filtering rules is obviously painful based on the open TCP 
and UDP requirements above 1024 plus the regular 1720, 1731, 1503, and then 
LDAP perhaps.. and I'm pretty sure I'm missing something there too.

So you're left w/ an app. proxy which would be pretty difficult to write for 
a vendor. Some vendors claim it but I haven't used one yet...

I'm pretty sure you'll find plenty of discussion on groups.google.com 
(USENET) if you search for "netmeeting firewall"..

Cheers, -Ali

-- 
OpenPGP Key: 030E44E6
--
Was I helpful?:  http://svcs.affero.net/rm.php?r=packetknife
--
Science may someday discover what faith has always known. -- Unknown


