-
March 1st, 2002, 05:59 PM
#1
Senior Member
IM security holes?
Does anyone know of any IM security holes that could potentially be a thread to a network?
I don't need any flames, yes I have checked google, and I am searching everywhere......I'm just wondering if anyone here remembers any off the top of their head.
Any help would be appreciated
thanks
SlackWare my first, Debian my second....building my box into the ultimate weapon
-
March 1st, 2002, 06:41 PM
#2
Maybe it's just me, but what kind of 'network' are we talking about? (LAN, WAN, NT, Novell)
-
March 1st, 2002, 06:48 PM
#3
Senior Member
WAN,
I am convinced that they are a security issue waiting to happen...I just need something concrete to show my manager before disabling the ports
SlackWare my first, Debian my second....building my box into the ultimate weapon
-
March 1st, 2002, 06:50 PM
#4
Are you talking about a WAN going into a LAN? Like blocking ports of your LAN from being accessed by the WAN?
[gloworange]\"A hacker is someone who has a passion for technology, someone who is possessed by a desire to figure out how things work.\" [/gloworange]
-
March 1st, 2002, 06:54 PM
#5
Need more input
You might want to give a little more info about your setup. Telling us that you have a WAN full of hole is nice, but without specifics you aren't going to get very far.
Mankind have a great aversion to intellectual labor; but even supposing knowledge to be easily attainable, more people would be content to be ignorant than would take even a little trouble to acquire it.
- Samuel Johnson
-
March 1st, 2002, 06:57 PM
#6
Get your hands on something like NMAP. Scan your entry point (hopefully a firewall) for the open ports. Armed with that knowledge, go to Mr Google and do a search for exploits related to those ports. Print that Info. and give it to your manager suggesting, if the open ports are not required to do business, then they should be shutdown because of the risks.
DjM
-
March 1st, 2002, 07:03 PM
#7
k41d3r07h> Make sure you specify IM security holes in your message also. I normally don't look back at the subject to remember what I am reading about. Looking at your message made it look like you were just asking for any security holes, not IM related holes.
What IM are you using. There are holes in just about all of them, but they do get patched quite often. Also, an improperly configured client, or a user that is easy to social engineer, can cause even bigger holes within your network.
\"Ignorance is bliss....
but only for your enemy\"
-- souleman
-
March 1st, 2002, 07:10 PM
#8
Senior Member
I see your point souleman...I just noticed my first message and didn't mention security holes in IMs specifically...........I will edit that
I'm actually looking at all of them.
I know people are using ICQ, AIM and M$Messenger.
I know of many holes that come out....but I need good REASON to disallow their use.
As in, "Hello Manager, These programs are a threat to xxxxx corp. because of yyyyy. Hence I think we should discontinue the staff's ability to use such programs"
SlackWare my first, Debian my second....building my box into the ultimate weapon
-
March 1st, 2002, 07:17 PM
#9
Find out if your HR department gets "Best Practices in HR" Issue 705 (Jan. 3,2001) issue has am article about why you shouldn't use IM in a business. IT doesn't go into a lot of details, but it does talk about Privacy risks, Information risks, and Virus risks. It includes things like the fact that getting a file via IM doesn't go through a virus checker, so unless it is exlicitly checked, the user may install a virus before (s)he knows what hit them.
\"Ignorance is bliss....
but only for your enemy\"
-- souleman
-
March 1st, 2002, 07:28 PM
#10
Sorry man, I too didn't know you were talking about Instant Messaging systems. These days, these systems are very popular for spreading a bunch of nasty Viruses and Trojan's. If your Manager/Company is not concerned about these risks, they should be.
DjM
In addition, here are a couple of links you may want your manager to checkout:
Number 1
Number 2
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|