Hi Michal and community Thanks for your answer. I think i understand now, that H.235 defines different authentication methods. If I get it right, SimplePasswordAuth/SQLPasswordAuth/LDAPPasswordAuth/ExternalPasswordAuth are not really secure, since they just encrypt the password to a MD5 hash which is sent over an unsecured channel over the network, means, that everyone that can sniff/grap the MD5 password hash may just use it to authenticate himself on the gatekeeper. Right? All other authentication methods seem not to work for me, since i can't use CAT (devices do not support it) and i have no RADIUS server. Also i can not use PrefixAuth since i have a large potential userbase with dynamic ips, so i can not really limit access (and still the security wouldn't be enough). So, are there any other choices for me? Or did i get something wrong? Thanks a lot for your help! Kind Regards Frank ------------------------------------------------------- This SF.Net email sponsored by Black Hat Briefings & Training. Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com _______________________________________________________ List: Openh323gk-users@xxxxxxxxxxxxxxxxxxxxx Archive: http://sourceforge.net/mailarchive/forum.php?forum_id=8549 Homepage: http://www.gnugk.org/
