RE: Firewall Friendly Video Conferencing

From: Cavell.McDermott@apw.com
Date: 11/13/01

Previous message: TD - Sales International Holland B.V.: "Re: Packet Sniffing in a Switched LAN"
Maybe in reply to: James Paterson: "Firewall Friendly Video Conferencing"
Next in thread: Meritt James: "Re: Firewall Friendly Video Conferencing"
Reply: Meritt James: "Re: Firewall Friendly Video Conferencing"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Subject: RE: Firewall Friendly Video Conferencing
To: "Sadler, Connie J" <csadler@bnl.gov>
Message-ID: <OF3850C1C0.ADAC9960-ON86256B03.005FAECE@apw-enclosures.com>
From: Cavell.McDermott@apw.com
Date: Tue, 13 Nov 2001 11:29:13 -0600

Here's from the MS website, showing that most of the ports NetMeeting
uses are on TCP. But the vast majority of applications use Both the TCP
and UDP ports of the same number. Even ftp..

http://www.good-stuff.co.uk/useful/portfull.html

And the url for getting NetMeeting up and running through your firewall:

http://support.microsoft.com/support/kb/articles/Q158/6/23.asp




NetMeeting uses the following Internet Protocol (IP) ports:
    Port Purpose
    -------------------------------------
    389 Internet Locator Server [Transmission Control Protocol (TCP)]
    522 User Location Server (TCP)
    1503 T.120 (TCP)
    1720 H.323 call setup (TCP)
    1731 Audio call control (TCP)
    Dynamic H.323 call control (TCP)
    Dynamic H.323 streaming [Realtime Transport Protocol (RTP) over User
Datagram Protocol (UDP)]

Cavell McDermott
Domino Admin
APW Ltd. - Texas Campus
214-343-1400 - Main
214-355-2039 - Helpdesk
214-341-9950 - Fax
http://www.apw.com

                    "Sadler,
                    Connie J" To: Cavell.McDermott@apw.com
                    <csadler@bnl. cc: James Paterson <jpaterson@datamirror.com>,
                    gov> security-basics@securityfocus.com
                                         Subject: RE: Firewall Friendly Video Conferencing
                    11/12/2001
                    11:35 AM

But some forms of traffic are much worse than others - I'd rather have
inbound ftp, for example, which can be controlled, than UDP, which offers
up
a much bigger risk... that's the problem with Netmeeting, from what I
understand - it's the UDO protocol that is difficult to manage.

-----Original Message-----
From: Cavell.McDermott@apw.com [mailto:Cavell.McDermott@apw.com]
Sent: Monday, November 12, 2001 10:59 AM
To: Sadler, Connie J
Cc: James Paterson; security-basics@securityfocus.com
Subject: RE: Firewall Friendly Video Conferencing

Any application you use will potentially make you vulnerable to exploits
being sent to that application/port which is opened up in the firewall. So
that is why you need to be careful on exactly what applications get used on
your LAN. If you open up a certain port, you run the risk of unintended
traffic coming into your network through that port. Firewalls themselves
cannot distinguish between bad traffic and good traffic going through a
port you opened up. That's where getting some form of IDS on your network
will help you ensure only good traffic is coming/going through your LAN.

Cavell McDermott
Domino Admin
APW Ltd. - Texas Campus
214-343-1400 - Main
214-355-2039 - Helpdesk
214-341-9950 - Fax
http://www.apw.com

"Sadler,

Connie J" To: Cavell.McDermott@apw.com,
James Paterson
<csadler@bnl. <jpaterson@datamirror.com>

                    gov> cc:
security-basics@securityfocus.com
                                         Subject: RE: Firewall Friendly
Video Conferencing
                    11/10/2001

06:43 PM

Doesn't Netmeeting behind firewalls still make the clients vulnerable to
exploits?

-----Original Message-----
From: Cavell.McDermott@apw.com [mailto:Cavell.McDermott@apw.com]
Sent: Friday, November 09, 2001 12:43 PM
To: James Paterson
Cc: security-basics@securityfocus.com
Subject: Re: Firewall Friendly Video Conferencing

Lotus Sametime.. But you incur the expense of a Domino license. I've
also had good success with Netmeeting with both parties being behind
firewalls.

Cavell McDermott
Domino Admin
APW Ltd. - Texas Campus
214-343-1400 - Main
214-355-2039 - Helpdesk
214-341-9950 - Fax
http://www.apw.com

James Paterson

<jpaterson@datam To:
security-basics@securityfocus.com
irror.com> cc:

Subject: Firewall Friendly
Video Conferencing
11/08/2001 03:55

Does anyone know of a good firewall friendly desktop video conferencing
product?

Thanks
J.

Previous message: TD - Sales International Holland B.V.: "Re: Packet Sniffing in a Switched LAN"
Maybe in reply to: James Paterson: "Firewall Friendly Video Conferencing"
Next in thread: Meritt James: "Re: Firewall Friendly Video Conferencing"
Reply: Meritt James: "Re: Firewall Friendly Video Conferencing"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: Easy RRAS VPN question
... When NAT-T is used port 1701 UDP ... to go through a firewall directly then port 1701 UDP needs to be open. ... >> accessed from the internet. ...
(microsoft.public.windows.server.networking)
Re: Open port PIX 501
... :i can't open the port in my PIX. ... :I need open the port 1000 to point to the IP 10.254.254.222. ... in practice only DNS servers doing zone transfers need tcp. ... of UDP, it would be a highly unusual client which did not stick ...
(comp.dcom.sys.cisco)
RE: DNS Records
... tcp>1023 53 Client queries with long replies ... On other client types, ... if you lock down all but port ... a client queries an initial server from an unreserved port number to UDP ...
(Security-Basics)
Windows Update Scrammed My Server
... The Simple TCP/IP Services could not find the TCP Echo port. ... The Simple TCP/IP Services could not find the UDP Echo port. ...
(microsoft.public.windowsupdate)
Re: Settings for Mercenaries and MS MN500 Wireless Router
... When you type "27960-27960 tcp and udp" exactly where are those entries ... Enable Description Outbound Port Trigger Type Inbound Port Public Type ... > inside the game. ...
(microsoft.public.games)