19.5. NetMeetingNetMeeting is Microsoft's conferencing program. It allows multiple people to connect for file transfer, chat, whiteboard, and application sharing, or two people to connect for audio/video conferencing.
NetMeeting is based on T.120 and H.323 but uses some extra protocols; Figure 19-4 shows a full-featured NetMeeting conference.
In addition to the normal security implications of T.120 and H.323, NetMeeting has had implementation problems, including buffer overflow bugs. However, most of the security concerns with NetMeeting involve the capabilities provided by T.120 and H.323. As NetMeeting has evolved, it has added more and more features to allow clients to place limits on what can be done. For instance, it is now possible for a client to allow audio/video conferencing without permitting file transfer or application sharing, and it is possible to require authentication. On the other hand, it is still extremely difficult for an administrator to force those controls on clients. There is no good way for an administrator to make sure that clients inside the firewall are safe from attack via NetMeeting.
19.5.1. Packet Filtering Characteristics of NetMeetingNetMeeting uses T.120 and H.323, but in addition to their normal ports, it uses an extra audio call control connection at TCP port 1731, an LDAP-based locator service called the Internet Locator Service (ILS) at TCP port 389, and a proprietary locator service called the User Location Service (ULS) at TCP port 522. The connections involved are shown in Figure 19-4; the table shows only the ports that are special to NetMeeting.
Figure 19-4. A NetMeeting conference
19.5.2. Proxying Characteristics of NetMeetingThe protocols that NetMeeting uses in addition to T.120 and H.323 are relatively straightforward, so NetMeeting can be handled by any system that can proxy H.323 (as we discussed earlier, there are few such systems).
19.5.3. Network Address Translation Characteristics of NetMeetingBecause NetMeeting is based on H.323, it requires an H.323-aware proxy to handle the embedded IP addresses used for server-to-client connections. See the information earlier about H.323.
Copyright © 2002 O'Reilly & Associates. All rights reserved.