RE: [fw-wiz] Apple's iSight and Firewalls
black_at_galaxy.silvren.com
Date: 08/20/03
- Previous message: Dave Killion: "RE: [fw-wiz] Apple's iSight and Firewalls"
- In reply to: Dave Killion: "RE: [fw-wiz] Apple's iSight and Firewalls"
- Next in thread: Dave Killion: "RE: [fw-wiz] Apple's iSight and Firewalls"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: Dave Killion <Dkillion@netscreen.com> Date: Wed, 20 Aug 2003 13:58:20 -0400 (EDT)
For h.323 an netmeeting, all I needed to do was open udp 1719 to the
gatekeeper's address... am I missing something here or where does the
"swiss cheese" come into play?
On Wed, 20 Aug 2003, Dave Killion wrote:
> Jim,
>
> If it's a site-to-site video confererencing system, where both sides are
> firmly under your control (Corp HQ to Corp Office, etc), I'd strongly
> recommend a VPN tunnel, which solves most of the Swiss-cheese problems.
> This is something you should already have, anyway.
>
> Just a thought...
>
> Dave Killion
> Senior Security Engineer
> Security Group, NetScreen Technologies, Inc.
>
>
>
> -----Original Message-----
> From: jseymour@LinxNet.com [mailto:jseymour@LinxNet.com]
> Sent: Tuesday, August 19, 2003 5:43 PM
> To: firewall-wizards@honor.icsalabs.com
> Subject: [fw-wiz] Apple's iSight and Firewalls
>
>
> Hi All,
>
> My company would like to set up inexpensive video-conferencing.
> They've been bugging me for a solution for some time. The partner
> company, being All Windows, All The Time, of course immediately
> suggested NetMeeting. ISTR a discussion about NetMeeting here, perhaps
> prompted by me, and, IIRC, it pretty much requires one make swiss
> cheese of their firewall for it to work. I vetoed it, and management
> backed me up. Doing a search on "NetMeeting" on SecurityFocus was not
> encouraging, either.
>
> Recently they bought me an iBook to do some WebObjects development
> with. It just hit me today that maybe Apple's iSight product would do
> the trick for video conferencing.
>
> Problem is: I've no idea what iSight would need through the firewall.
>
> There's this:
>
> http://www.macosxhints.com/article.php?story=20030623203213301
>
> If 5060 and 16384 through 16403 UDP are all that are required, and I
> can specify the only allowed IP address inside they would forward to,
> well, that might be acceptable.
>
> Comments? Opinions? Suggestions? Flames? ;)
>
> Thanks,
> Jim
> --
> Jim Seymour | PGP Public Key available at:
> jseymour@LinxNet.com |
> http://www.uk.pgp.net/pgpnet/pks-commands.html
> http://jimsun.LinxNet.com |
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards@honor.icsalabs.com
> http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
>
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
- Previous message: Dave Killion: "RE: [fw-wiz] Apple's iSight and Firewalls"
- In reply to: Dave Killion: "RE: [fw-wiz] Apple's iSight and Firewalls"
- Next in thread: Dave Killion: "RE: [fw-wiz] Apple's iSight and Firewalls"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
