Toymods Car Club Inc: The Outhouse => Any RTP/Firewall Experts?

Toymods Car Club
www.toymods.org.au

F.A.Q.

Home

Members

Toymods » The Outhouse » Any RTP/Firewall Experts? Show: Today's Posts :: Show Polls Email to friend

Author

Topic

ZZT231
Forums Junkie

I Supported Toymods

Location:
melbourne.vic.au
Registered:
May 2002

Any RTP/Firewall Experts?	Sun, 16 October 2005 12:11

Hello All, I'm trying to write up a research paper in regards to Video conferencing and I was blown out of the water by the IT Security person at my location saying it's impossible to setup a Video Conferencing System on the internal network as there are problems with the RTP protocol where it could exploit the network. Is this the case? If so does anyone know where I can find such data to support the issue as I can't find it, even on AusCERT.org.au? Cheers. [Report message to a moderator]

Squid
Forums Junkie

Location:
Canberra
Registered:
August 2003

Re: Any RTP/Firewall Experts?	Sun, 16 October 2005 22:57

That sounds like a stretch to me, a properly set up firewall should be able to handle that. I know little about video conferencing, but firewalls should be customisable to the point where the software running behind them isn't an issue. If there is a known published exploit search http://www.astalavista.box.sk and you will find details. Edit: PS work IT admins will probably issue a please explain if you hit that site from work! [Updated on: Sun, 16 October 2005 22:58] [Report message to a moderator]

Cool1
Forums Junkie

I supported Toymods
Banned User

Location:
Brisbane
Registered:
May 2002

Re: Any RTP/Firewall Experts?	Sun, 16 October 2005 23:29

If video conferencing is to be used behind a secure firewall you shouldnt have to touch the firewall settings at all. All decent video conferencing software should allow you to setup ssh tunneling. [Report message to a moderator]

thechuckster
Forums Junkie

Location:
Brisbane
Registered:
February 2003

Re: Any RTP/Firewall Experts?

Mon, 17 October 2005 03:31

ZZT231 wrote on Sun, 16 October 2005 22:11

I'm trying to write up a research paper in regards to Video conferencing and I was blown out of the water by the IT Security person at my location saying it's impossible to setup a Video Conferencing System on the internal network as there are problems with the RTP protocol where it could exploit the network.

your IT guys have probably said that in fear of the network being swamped by video traffic.

Our early attempts at video-networking from 3 locations was killed off by our ITS because of lame bandwidth arguments.

you could make a hole by setting up an SSH tunnel from internal to an external IP - but the traffic over the internet inside that tunnel would be encrypted, hence any network risks will be at the terminating points only. However, a properly designed LAN should not allow internally-birthed exploits to propagate anyway.

I think your IT security person is grasping at bullshit-coated straws.

Ask them "what particular RTP exploit are they reffering to?" and "is that exploit linked to an application or an non-platform-specific implemention of a particular protocol?".

Apple's iSight video cam and assocaited software (iChat and others) support secure connections over the internet - try comparing the protocols it uses and then search CERT for known holes/exploits of the same.

[Report message to a moderator]

ZZT231
Forums Junkie

I Supported Toymods

Location:
melbourne.vic.au
Registered:
May 2002

Re: Any RTP/Firewall Experts?

Mon, 17 October 2005 06:39

Um... It's interesting you state the bandwith problems. We upgraded our network infrustructure to 100baseT Switches, the details are unknown to me as I no longer have prevy to the information, I know that we run a microwave link between each location with a fair bit of of bandwith so that is not the issue.

I think they are certainly paranoid about the security.

Currently no video conferencing is done from outside the work place in nor in to the outside world. It's frustrating when there is not enough information in regards to it. What they are afraid is the ability to do something with SIP and RTP protocols. I'm trying to find out more information but I'm cluting at so many little straws that there isn't enough to make a big one.

From the IT but has been paraphrased for liablity

...I got a feeling enabling it for the entire workplace would open the organisation to potential attacks from some crafted SIP or H.323 packets

Looking at some desktop solutions for the internal network to achieve full frame rate etc... Polycom PVX looks decent though haven't had time to go further and see what it can really do as we currently go the Polycom VSX 7000 sitting in a location collecting dust.

Thanks for the help.
Cheers.

[Updated on: Mon, 17 October 2005 06:41]

[Report message to a moderator]

thechuckster
Forums Junkie

Location:
Brisbane
Registered:
February 2003

Re: Any RTP/Firewall Experts?

Mon, 17 October 2005 07:35

From the IT but has been paraphrased for liablity

...I got a feeling enabling it for the entire workplace would open the organisation to potential attacks from some crafted SIP or H.323 packets

this is just a neater way of saying "I vaguely recall reading a slashdot story about using video conferencing to attack a ...".

If they know where the traffic's coming from, who it's going to, then you should be able to impliment some kind of authenticated (not just 'trusted') access.

Sure it's a sane approach to network security (deny everything, allow what you know) but that doesn't preclude learning.

This simple search found a number of references to the exploit - but it seems to be a DoS attack, not door opener.

[Report message to a moderator]

Previous Topic:	Computer Question
Next Topic:	school pranks

-=] Back to Top [=-

Current Time: Fri Jan 3 09:07:49 UTC 2025

Total time taken to generate the page: 0.0082769393920898 seconds

.:: Contact :: Home ::.