NetMeeting operates erratically with security enabled. At times, it does not recognize that security has been activated, while other times it instantly asks for a certificate password. Although at NetMeeting startup users are asked to identify themselves to the Application, there is no authentication to verify that they are who they say they are. This permits users to take on someone's identity and act maliciously. Each call participant must have security turned on to be able to participate in a secure call, but there is no way to tell if the participants are fully authenticated or not. Passwords on RDS(remote desktop sharing) are case sensitive, but there are no other password restrictions or requirements. Calls for brute force attacks!!! You have already talked about the FW issues, which is true. Best way to overcome NetMeeting or H.323 problems is through VPN solutions. --Sanjiv -----Original Message----- From: Jeremy Junginger [mailto:jjat_private] Sent: Tuesday, February 18, 2003 2:14 PM To: pen-test Subject: NetMeeting and H.323 Hey guys, I know I'm asking for it by putting this before the group, but that's kind of my intent. Could anyone in here let me know why H.323, and more specifically, netmeeting is a bad idea*? *(Aside from the obvious fact that you have to blow a udp hole from 1024 to 65535 in your firewall in order to accommodate it...heheh...) I would really like to get input from the security professionals on this list. Thank you, and have a great day! -Jeremy ------------------------------------------------------------------------ ---- Do you know the base address of the Global Offset Table (GOT) on a Solaris 8 box? CORE IMPACT does. www.securityfocus.com/core ---------------------------------------------------------------------------- Do you know the base address of the Global Offset Table (GOT) on a Solaris 8 box? CORE IMPACT does. http://www.securityfocus.com/core
This archive was generated by hypermail 2b30 : Wed Feb 19 2003 - 15:30:32 PST