Great Circle Associates Firewalls
(November 1996)
 


Subject: RE: Security Risks with Real Audio?
From: C Matthew Curtin <cmcurtin @ research . megasoft . com>
Date: Sun, 10 Nov 1996 07:53:49 -0500
To: "Hicks, Rick" <RHicks @ hussmann . com>
Cc: "'Firewalls List'" <firewalls @ GreatCircle . COM>
In-reply-to: <199611081516 . JAA24641 @ gate . hussmann . com>
References: <199611081516 . JAA24641 @ gate . hussmann . com>
Reply-to: cmcurtin @ research . megasoft . com

>>>>> "Rick" == Hicks, Rick <RHicks @ hussmann . com> writes:

Rick> It appears to me, and someone correct me if I'm wrong, that when
Rick> in TCP only mode the player buffers packets and plays them from
Rick> the buffer (or does it do this in any mode?). 

Yes, this is correct. (It does it that way for both UDP and TCP
modes.)

Rick> This would allow
Rick> a number of dropped or damaged packets before any audio
Rick> degradation is heard.  This of course introduces a little
Rick> latency, but in my opinion it's acceptable compared to opening up
Rick> UDP ports.

Even in UDP mode there is latency (since it's grabbing some stuff to
buffer before actually playing). TCP-only isn't a *bad* option, just
be aware that it isn't as good an option as UDP (from the perspective
of the right tool for the job... guaranteed packet delivery, for
example, is an unnecessary feature for a streaming audio (or video)
application.) UDP is more difficult to filter, and can't be filtered
with the same granularity that TCP can. So, if you're in a paranoid
environment, passing UDP through your firewall might be necessarily
not allowed, in order to allow proper enforcement of your security
policy.

(The difference in sound between the TCP and UDP modes is most evident
when you're grabbing something from a faraway place, or are hopping
through MAE-East on a bad hair day, and dealing with like 5-8% packet
loss. Not a big deal with UDP, but you'll get the pauses I mentioned
earlier with fairly regular intervals...)

Rick> As far as I know, the (free) Real Audio proxy from Progressive
Rick> Networks only proxies TCP.  The UDP argument is moot when using
Rick> this.

The proxy from PN will pass UDP, as well.

Rick> This sounds great, but my definition of 'safe' is obviously
Rick> different from yours. 

Hence, the reason (are all of you IS types reading this?) for
site-specific security policies, and firewalls that implement that
security policy.

-- 
Matt Curtin  cmcurtin @ research . megasoft . com  Megasoft, Inc   Chief Scientist
http://www.research.megasoft.com/people/cmcurtin/   I speak only for myself.
Hacker Security Firewall Crypto PGP Privacy Unix Perl Java Internet Intranet

