RE: [fw-wiz] Apple's iSight and Firewalls

black_at_galaxy.silvren.com
Date: 08/20/03

  • Next message: Bartek Krajnik: "Re: [fw-wiz] Apple's iSight and Firewalls"
    To: Dave Killion <Dkillion@netscreen.com>
    Date: Wed, 20 Aug 2003 13:58:20 -0400 (EDT)
    
    

    For h.323 an netmeeting, all I needed to do was open udp 1719 to the
    gatekeeper's address... am I missing something here or where does the
    "swiss cheese" come into play?

    On Wed, 20 Aug 2003, Dave Killion wrote:

    > Jim,
    >
    > If it's a site-to-site video confererencing system, where both sides are
    > firmly under your control (Corp HQ to Corp Office, etc), I'd strongly
    > recommend a VPN tunnel, which solves most of the Swiss-cheese problems.
    > This is something you should already have, anyway.
    >
    > Just a thought...
    >
    > Dave Killion
    > Senior Security Engineer
    > Security Group, NetScreen Technologies, Inc.
    >
    >
    >
    > -----Original Message-----
    > From: jseymour@LinxNet.com [mailto:jseymour@LinxNet.com]
    > Sent: Tuesday, August 19, 2003 5:43 PM
    > To: firewall-wizards@honor.icsalabs.com
    > Subject: [fw-wiz] Apple's iSight and Firewalls
    >
    >
    > Hi All,
    >
    > My company would like to set up inexpensive video-conferencing.
    > They've been bugging me for a solution for some time. The partner
    > company, being All Windows, All The Time, of course immediately
    > suggested NetMeeting. ISTR a discussion about NetMeeting here, perhaps
    > prompted by me, and, IIRC, it pretty much requires one make swiss
    > cheese of their firewall for it to work. I vetoed it, and management
    > backed me up. Doing a search on "NetMeeting" on SecurityFocus was not
    > encouraging, either.
    >
    > Recently they bought me an iBook to do some WebObjects development
    > with. It just hit me today that maybe Apple's iSight product would do
    > the trick for video conferencing.
    >
    > Problem is: I've no idea what iSight would need through the firewall.
    >
    > There's this:
    >
    > http://www.macosxhints.com/article.php?story=20030623203213301
    >
    > If 5060 and 16384 through 16403 UDP are all that are required, and I
    > can specify the only allowed IP address inside they would forward to,
    > well, that might be acceptable.
    >
    > Comments? Opinions? Suggestions? Flames? ;)
    >
    > Thanks,
    > Jim
    > --
    > Jim Seymour | PGP Public Key available at:
    > jseymour@LinxNet.com |
    > http://www.uk.pgp.net/pgpnet/pks-commands.html
    > http://jimsun.LinxNet.com |
    > _______________________________________________
    > firewall-wizards mailing list
    > firewall-wizards@honor.icsalabs.com
    > http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
    >
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards


  • Next message: Bartek Krajnik: "Re: [fw-wiz] Apple's iSight and Firewalls"

    Relevant Pages

    • RE: [fw-wiz] Apples iSight and Firewalls
      ... If it's a site-to-site video confererencing system, ... Senior Security Engineer ... ISTR a discussion about NetMeeting here, ... It just hit me today that maybe Apple's iSight product would do ...
      (Firewall-Wizards)
    • [fw-wiz] Apples iSight and Firewalls
      ... company, being All Windows, All The Time, of course immediately ... ISTR a discussion about NetMeeting here, ... It just hit me today that maybe Apple's iSight product would do ... I've no idea what iSight would need through the firewall. ...
      (Firewall-Wizards)
    • Re: [fw-wiz] Apples iSight and Firewalls
      ... The partner ... ISTR a discussion about NetMeeting here, ... It just hit me today that maybe Apple's iSight product would do ... I've no idea what iSight would need through the firewall. ...
      (Firewall-Wizards)