Re: Security on CU-SeeMe

Brian Godette (bgodette@idcomm.com)
Thu, 19 Mar 1998 18:57:32 -0700


At 09:11 PM 3/18/98 -0400, you wrote:
>At 04:45 PM 3/18/98 -0600, Jason Williams wrote:
>>On Mon, 16 Mar 1998, ROBERTO DE PAIVA wrote:
>>> I'd like to get some information about CU-SeeMe security features. Any
>>> site or forum would be helpfull. Information can be with respect to
>>> a different video conferencing systems or MBone tools.
>>
>>There's different types of security...From the transport layer, there's
>>no other protection since it's UDP. From the application layer, you can
>>connect to different Conference IDs for a reflector and also a password
>>per conference if you're connecting to a White Pine reflector/MPCS.
>
> Are you SURE about that? I know there are companies out there that do
>encryption at the transport layer... There's no reason why you couldn't add
>a layer to your TCP/IP stack that encrypts UDP packets as they are put on
>the wire. So long as the reciever had the same software, the data should be
>secure with no knowledge required at the application level. If you had a
>package like that, there's no reason it shouldn't work with the
server/client.
> No promises, mind you... :)
> But basic UDP is unprotected/unencryted, as you mention.
>

I know of using SSH to set up secure TCP links between two hosts (with
compression even <g>), and was something talked about for reasons
unreleated to the encryption side (they were interested in the compressed
streams) in another list I read. However I don't know of anything that
works with UDP besides VPN software, which is basically what you're looking
at when you want encrypted links over the net. Drawback is that it
restricts who can/can't connect (maybe that's the whole idea anyhow).