Library items tagged: Videoconferencing

Anonymous
This checklist is intended as a guide for site administrators. It may not be an exhaustive list of issues (this will vary depending on the site security policy, for example), but should be of assistance as a starting point. Task Note Plan deployment topology for H.323 equipment.
Anonymous
[CONVERY] Hacking Layer 2: Fun with Ethernet Switches, S. Convery, 2002,http://www.blackhat.com/presentations/bh-usa-02/bh-us-02-convery-switche...[DPA98] The Data Protection Act 1998, ISBN 0 10 542998 8,http://www.hmso.gov.uk/acts/acts1998/19980029.htm[ECSFW] The Use of Firewalls in an Academic Environment (under revision),
Anonymous
This document has presented a discussion of the security issues involved with deploying a site H.323 videoconferencing service. While many sites may see their H.323 videoconferencing facilities function perfectly well without giving much, if any, consideration to security, security is invariably only as good as the weakest link.
Anonymous
In this section we list security-related issues to consider when deploying an H.323 service, in particular when joining the JANET H.323 service, using a studio system on the local campus. Using Janet Videoconferencing In the context of Janet Videoconferencing, that service will be responsible for:
Anonymous
H.320 (ISDN) videoconferencing users have been accustomed to assuming that videoconference sessions are private, thanks to the point-to-point circuit-switched nature of their ISDN calls. The ISDN network is not so readily accessible to the public, and thus not as liable to be snooped.
Anonymous
It is theoretically possible that in an H.323 conference an ‘outsider’ could snoop the session, recording or relaying an apparently private conference (by inspecting data in transit) or that a snooper is able to silently join a conference (by connecting to an MCU). For an attacker, gathering data ‘on the wire’ is safer as it reduces the chance of detection and being later traced.
Anonymous
The security of H.323 devices falls into four broad categories:
Anonymous
The acquisition, set up and deployment of an H.323 videoconferencing studio is outside of the scope of this guide; such information is available from VTAS. However, there are security considerations to be made in the deployment. In the simplest case, the site will be deploying a single, fixed-location studio-based H.323 system, to be used by university or college members who wish to participate in videoconferences with people at other JANET-connected sites. Topology considerations The main site considerations include:
Anonymous
There are many aspects to the security of H.323 videoconferencing systems. Some of these are shared with H.320 ISDN-based systems, e.g. the physical security of the equipment itself. The greater focus with IP-based systems lies in the ability for attackers to ‘snoop’ the conferencing data in transit, or to attack the H.323 components themselves over the Internet, leading to a loss of service or other undesirable consequences.
Anonymous
When considering the security of an H.323 conferencing system, it is important to place concerns over that security into perspective.