Security Basics mailing list archives
Re: ICQ Corporate Security Risks
From: Joseph Forbes <jftitan () gmail com>
Date: Mon, 14 Mar 2005 15:29:02 -0600
First thing is to check the current exploit/bug history the version of ICQ server your running. Next step is to see if you can designate a specific port(which more than likely you can assign the server some off the wall port address) This will at least help obscure the presents of the ICQ server, but anyone port scanning, the ICQ server will just identify itself but on another port. What makes this better than just opening the port/door for the ICQ server is at least you have control over the port. Whatever your router is, just forward, or open said port (ie: 6120) change the port settings within the server to accept port 6120, and have all the clients use that port. Those that are on the outside of your network, will all have to be set at the 6120, this shouldn't hurt, because you'll as well be specifying the server as well. The problem would be in the transition stage, where the employee is at one point inside the network, but then leaving (home/remote office) and now some settings have to be changed in order to allow for the remote connection to the ICQ server. This is just a run down of the mill answer, but more than likely the problem is going to be the transition between inside/outside network. try it out. On Mon, 14 Mar 2005 10:33:45 -0000, Andrew Aris <andrew () dev bigfishinternet co uk> wrote:
Hi guys, Just looking for a quick sort of straw poll really, my company runs an internal ICQ corporate server for internal IM and we occasionally have people who are out on the road who need to communicate with people back at the office, the current method is to VPN in to the XP Pro box that hosts the ICQ and connect to it that way, however the drawbacks of this are that a) only one person can do it at any one time b) sending ICQ messages is clunky as you have to wait for the direct connection attempt to time out and then "send through server". The proposed solution is to open the ICQ port on the firewall and then port forward to the appropriate machine thus solving both the problems. My question is how great a security risk do people think this would be? cheers, Andrew
-- Joseph Forbes "Don't Forget to Salt the Fries!" Network Security Administrator SwapNEtwork eXtreme, Inc. jftitan () satx rr com (jftitan () swapnetx com) cell 210.834.3450 fax 775.415.9280
Current thread:
- Re: Any remote client - without fixed IP, (continued)
- Re: Any remote client - without fixed IP Steven DeFord (Mar 16)
- RE: Any remote client - without fixed IP Ryan Kubiak (Mar 16)
- Re: Any remote client - without fixed IP Kieran Combes (Mar 16)
- Re: Any remote client - without fixed IP Raoul Armfield (Mar 16)
- Re: Any remote client - without fixed IP Vinay Patel (Mar 16)
- Re: Any remote client - without fixed IP Vinay Patel (Mar 16)
- RE: Any remote client - without fixed IP Burton Strauss (Mar 16)
- Re: Any remote client - without fixed IP André Gil (Mar 16)
- IUSR issue after patch hartmann (Mar 17)
- RE: IUSR issue after patch dave kleiman (Mar 17)