[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[lojban] Re: Voice conversations over the net

To: <lojban-list@lojban.org>
Subject: [lojban] Re: Voice conversations over the net
From: Jim Carter <jimc@MATH.UCLA.EDU>
Date: Wed, 2 Oct 2002 10:43:30 -0700 (PDT)
In-reply-to: <20021001194650.J26784@miranda.org>
Reply-to: jimc@math.ucla.edu
Sender: lojban-list-bounce@lojban.org

On Tue, 1 Oct 2002, Jay F Kominek wrote:
> On Tue, Oct 01, 2002 at 09:35:00PM -0400, Invent Yourself wrote:
> > Is there a way to get whatever internet voice protocol was selected past
> > NAT?
>
> If you can run an H.323 gatekeeper on the NAT host, yes...

Being interested, I did a little research, coming up with:

http://www.gnugk.org/h323links.html
OpenH323 Gatekeeper - The GNU Gatekeeper (links page)

http://www.coritel.it/projects/nat/what_is.htm
IP_MASQ_H323 is a Linux masquerading module (NAT) for the support of H.323
based applications. H.323 is an umbrella standard that references many
other ITU-T protocols like H.225 and H.245. The H.323 describes the system,
the call model and call signaling procedures. It is currently implemented
by various Internet real time applications as Microsoft Internet Meeting
(for windows95/98/2000/NT) and Voxilla (for Linux).

Also see: Elizabeth D. Zwicky et al, "Building Internet Firewalls" 2nd ed,
O'Reilly (http://www.oreilly.com/), ISBN 1-56592-871-7, about US$ 45. Juicy
summaries (edited by jimc) from chapter 19, Real-Time Conferencing
Services: Multimedia Protocols.

T.120 and H.323: T.120 will work transparently with NAT.  H.323 requires
a proxy on the firewall.  Because there is no builtin authentication,
if you are concerned about the security of your clients, you would be
better off using a proxy that provides authentication features.  H.323
has almost every characteristic that makes a protocol hard to proxy...

Microsoft NetMeeting is based on T.120 and H.323 but uses some extra
(Microsoft) protocols...  Do not allow NetMeeting across your firewall.

Quoth <ark@eltex.ru> dated 2001-10-04
(http://lists.insecure.org/firewall-wizards/2001/Oct/0012.html):
Isn't it better to move to SIP? h.323 is brain-dead and ugly as hell.
[just quoting, not endorsing, says jimc]

http://www.sipcenter.com/
The best thing since sliced bread :-)  Not much info discovered about what
it actually is.

http://www.packetizer.com/iptel/h323_vs_sip/
An extensive comparison between H.323 and SIP.  SIP is much less well
defined.

A pox on both their houses, says jimc. Given the warnings about security
provided by Zwicky, I am reluctant to put much effort into H.323. SIP
appears to lack a lot of the good features of H.323 (I have no idea about
security tradeoffs, though). I'll be interested to hear from the community
about their experiences with either protocol suite. In particular, any
security problems should be reported.

James F. Carter          Voice 310 825 2897    FAX 310 206 6673
UCLA-Mathnet;  6115 MSA; 405 Hilgard Ave.; Los Angeles, CA, USA  90095-1555
Email: jimc@math.ucla.edu    http://www.math.ucla.edu/~jimc (q.v. for PGP key)

References:
- [lojban] Re: Voice conversations over the net
  - From: Jay F Kominek <lojban-out@lojban.org>

Prev by Date: [lojban] Re: tu'a zo tordu .e zo cmalu
Next by Date: [lojban] Re: The kind of publicity we have now
Previous by thread: [lojban] Re: Voice conversations over the net
Next by thread: [lojban] tu'a zo tordu .e zo cmalu
Index(es):
- Date
- Thread