Possibility of IM worms

[muert0]

I found this article today and I could see a worm that travels through instant messengers a problem for a lot of you guys who run big networks. I was just wondering what some of your thoughts are about how big of an impact this could be. Someone also told me they saw a firewall in the store made just for IM programs. Do any of you see that as a coming necessity?
http://www.internetweek.com/breaking...cleID=22101033

[moxnix]

It all comes back to the same thing. Educateing/training users to actually use common sense when using email/IM's.

If they don't open unknown, unexpected, attachments, and don't click on just any old link provided, then you don't have a problem.

If they do, then you will be spending massive time cleaning up after them.

[nihil]

Muerto,

I guess we have to look at the possibilities of stuff coming from cellphones and palmtop devices. These are outside the perimeter?

Hey, laptops are bad enough, aren't they?.............they get taken outside the razor wire.......

P2P is probably the biggest problem, and yes, that can include IM facilities. Yes there is AV software for P2P/IM (PC and hand held based) and it is free for private use from some suppliers. I have some commercial stuff from McAfee I got a couple of years back.

The main problem has to be attachments, as that is where you would hide a malicious executable? so it is just like e-mail. AFAIK, the actual body of cellphone IMs is still quite restricted?

As hand held devices become "intelligent" enough, I think that we will just see them as another vector in the distribution of malware...............

I have one cautionary note..................as I live in sticksville, I meet a lot of people who are not that technological...............they don't have a computer........(no I am not joking, I only just celebrated the first anniversary of getting broadband ) so they have no idea?

That brings in a whole new category of (l)users, as many of them do have cellphones?

just a thought, and several fears?

[FlamingRain]

Too late, the things already exist. Inside of AOL (through the use of the infamous URIs), people would unknowingly send messages like: "Hey, would you like some free porn? Click here." When someone clicked on the link, it would (through something in AOL, i don't know the specifics) cause that person to begin sending the same types of messages. I don't know how far the thing made it. I'll do some research later and check up on it, so I have more than just speculation here but I'm pretty sure this thing has already been accomplished, it just isn't mainstream.

[Cope57]

Originally posted here by FlamingRain
Too late, the things already exist. Inside of AOL (through the use of the infamous URIs), people would unknowingly send messages like: "Hey, would you like some free porn? Click here.

Hey! Your link does not work! LOL j/k... hehe

[Soda_Popinsky]

They exist, and I've had to fix them :/

http://enterprisesecurity.symantec.c...eid=3739&EID=0

This virus sends a message to everyone on your buddy list, with the message, "Check this out" or something of that nature. Really embarrasing if you have someone on your buddy list that you don't necessarily like.

[nihil]

Soda,

Please do something about your avatar and bring the smile back.............England beat Croatia 4-2 at soccer..............mind you, fair play to the Croatians, they scored 2 against both England and France......if they could only have stuffed the Swiss?............they would have qualified for the next round.

Cope57.............you obviously do not have IE 9.7 pr0n enhanced version............please update immediately, or you will miss out on all the pop-up ads

Sorry folks, a hard one to take seriously

Cheers

[Soda_Popinsky]

weird... I change my avatar and I get pm's from freaked out people!

too scary? I dunno...

anywhooo

Time to turn that from upside down!!

[Palemoon]

Perhaps it is just my network and those related to the industry for the most part do not allow the public IM programs inside the firewall nor allow them to talk to the outside. Yes we all use IM only they are private servers with specific clients designed for the purpose at hand. Internally people have access to IM that is served up by the company IT (Me they can whiteboard , voice or text chat most just get up form their desks and like the human contact. When the services are offered to an outside client they must download a speical client configured just form them and the outside ports and server services are active only during an active scheduled meeting. Yahoo, AOL have pulled out the plug and will no longer support Enterprise IM within corps. M$ had their Netmeeting thing and it's high licensing fees but there are much better open source things out there I use and most others. In the public domain I'd stick with an IM called Jabber while I do still own a 5 digit ICQ number I cannot remember it and gave it u when AOL bought them. So in the real world as I know it no one uses these public servers or MSN, Yahoo, AOL clients nor allow them to be run.

[michael737n]

In all honesty this could eventually become a real threat but i dont see how the special firewall will help because a firewall will ony let pas what you tell it to. if someone gives u an im link or download to a worm and you dont know you let it thru and you firewall is now useless. but i still dont think it will be a threat for a little while