From owner-freebsd-questions  Tue Mar  7  6:36:20 2000
Delivered-To: freebsd-questions@freebsd.org
Received: from Samizdat.uucom.com (samizdat.uucom.com [198.202.217.54])
	by hub.freebsd.org (Postfix) with ESMTP id A482837B92E
	for <freebsd-questions@FreeBSD.ORG>; Tue,  7 Mar 2000 06:36:16 -0800 (PST)
	(envelope-from cshenton@uucom.com)
Received: (from cshenton@localhost)
	by Samizdat.uucom.com (8.9.3/8.9.3) id JAA22230;
	Tue, 7 Mar 2000 09:35:40 -0500 (EST)
To: Randy Primeaux <randy@Cloudfactory.ORG>
Cc: Bhishan Hemrajani <bhishan@cytosine.dhs.org>,
	freebsd-questions@FreeBSD.ORG
Subject: Re: NetMeeting or H.323 with ipfw & natd
References: <200003070013.QAA20371@relay.ultimanet.com>
From: Chris Shenton <cshenton@uucom.com>
Date: 07 Mar 2000 09:35:40 -0500
In-Reply-To: Randy Primeaux's message of "Mon, 06 Mar 2000 16:04:11 -0800"
Message-ID: <lfr9dm97b7.fsf@Samizdat.uucom.com>
Lines: 22
User-Agent: Gnus/5.0803 (Gnus v5.8.3) Emacs/20.4
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Mon, 06 Mar 2000 16:04:11 -0800, Randy Primeaux <randy@Cloudfactory.ORG> said:

Randy> Bhishan, Thank you for the prompt response.  Is your comment
Randy> noting "you cannot find out what port NetMeeting is running on"
Randy> based on: Dynamic H.323 call control TCP Dynamic H.323
Randy> streaming Real-Time Transfer Protocol (RTP) over UDP

I wrote a paper a couple years ago on NetMeeting and how
firewall-hostile it was:

        http://www.shenton.org/~chris/nasa-hq/netmeeting/

Since then, I gather a couple commercial firewalls now can proxy it
intelligently, and that some NAT engines and/or free daemons (open
h.323) can. But the protocol sux rox -- way too complicated.

IMHO it's too dangerous to be let into my LAN without application
layer proxying and decent authentication. It gives unauthenticated
remote users full keyboard/mouse access to my machine and therefore
anything my machine has access to.  For me, firewalls and NAT are
there to protect me from lame applications and hostile netizens, not
just something to "get around".


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message