Great Circle Associates Firewalls
(February 1996) 		 
Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]
Subject: Re: RealAudio and firewalls
From: smb @ research . att . com
Date: Tue, 27 Feb 96 16:49:06 EST
To: Firewalls @ GreatCircle . COM
Cc: Kare Presttun <Kare . Presttun @ ansf . alcatel . fr> 
An appropriate firewall can pass RealAudio safely.  More precisely,
it can carry it leaving you exposed only to the risks of the protocol
itself, without the risk of opening up lots of UDP ports.

The trick is to intercept the outgoing call to the server, on TCP 7170.
Proxy that call, transparently, and either relay the UDP to the inside
or temporarily open up just the one port and host.

This does, of course, require knowledge of how the RealAudio protocol
works.  That information is not yet public, so far as I know, but they've
promised to make it available soon.  And I'm pretty sure they'll work
with firewall vendors under non-disclosure agreements.

		--Steve Bellovin
Indexed By Date Previous: Proxy-server for AOL client???
From: Doug Ayen <ayen @ access . digex . net>
Next: What port does NT use for logins?
From: Chris Carlson <carlson @ bah . com>
Indexed By Thread Previous: Re: RealAudio and firewalls
From: pollock @ houston . omnes . net (Don Pollock - Omnes - Engineering)
Next: Los Alamos Scenario
From: Gavin Ferreiro <gavin @ tml . co . za>
Google
 
Search Internet Search www.greatcircle.com