-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I think you are missing his point, and several posters seem to be
making this a little too personal, too.
He is not addressing the inherent flaws in any other system. We know
those exist, too. The point is that NetMeeting is very difficult to
proxy effectively with content examination, it uses a potentially
large number of ports (compared to SMTP mail traffic), and has no
secure method of authenticating and identifying those connecting. I
don't care how many other systems are also insecure if I'm
specifically discussing NetMeeting. They are off-topic, and I'll
address them separately. Tell be about the ones that *are* secure.
I'm one of NT's biggest fans. Heck, I'm an MCSE, and *real* proud of
it. I like a lot of the software Microsoft develops. But let's face
it, MS PPTP, RRAS, and NetMeeting are just too partially designed
and/or implemented to be allowed to pass traffic through the outer
membrane of any organization that has internal data or systems that
are not for public consumption or operation. Period. I would love to
see MS improve upon their product, but until they start worrying about
quality more and some artificial deadline (that they will undoubtedly
miss more than once) less, they will face the same critics in an
increasingly harsher light.
Products with no real predictable way to ensure their traffic's
content and origins (Cu-See-Me, and others, included) should be
re-examined by their designers if they are to be used for business
purposes inter-organization. Maybe a secure implementation or a
content-based proxy (with source code available, at least to third
parties like NCSA, etc., for certification) could be written by the
designers of the protocol or application for use in corporate
settings. I don't know. I do know that I'll not use these things even
for personal use as long as I have systems at home that house any sort
of personal data that I consider sensitive or need-to-know. I hope I
am being clear without preaching too much.
This newslist and its postings are not supposed to be a personal
affront; they are supposed to be tools to help us constructively
develop ways to securely communicate with the outside world from our
organizations in a manner that lets us be cautious without becoming
hermits.
I think I ran over into the third cent . . .
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
R. Michael Williams, MCSE
Nashville, TN
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Larry Cannell
> Sent: Friday, March 19, 1999 6:52 PM
> To: Firewall List
> Subject: RE: Netmeeting
>
>
>
> > just my 2 cents but it really does not matter how much perceived
> > value is obtained buy netmeeting if one can't rely on the
integrity
> > of the data that is being transmitted period. that is the point
and
> > since netmeeting is inherently insecure any data streamed via it
is
> > unreliable period.
>
> Based on this statement I assume that your organization only allows
signed
> and encrypted email? Or did your organization realize the incredible
value
> email provides, assess the risk, and applied reasonable controls
> to minimize
> that risk?
>
> > b.t.w. there are better products out there IMHO
> > and definately less proprietary which means these days leaving
your
> > options open .
>
> NetMeeting's T.120 is a little proprietary but it does work with all
T.120
> MCUs I'm familiar with. I expect their whiteboard will become
> compliant soon
> as well. Can VNC or CU-SeeMe make these same statements?
>
> Also, NetMeeting can participate in H.323 sessions with many
> other vendors'
> products.
>
> Larry
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.0.2
iQA/AwUBNvh0HqfPtcH7+PP+EQLagwCgxa/5dAJ09PI9Z2SbiiJiCW1aFMMAoLB3
xAlTwJTV5C35kyDyNk2r9cUy
=nyoN
-----END PGP SIGNATURE-----
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
