Vulnerability Development mailing list archives
Re: In regards to the insecurity of AOL Instant Messenger
From: H C <keydet89 () yahoo com>
Date: Tue, 6 Aug 2002 12:11:55 -0700 (PDT)
Any sniffer would pick them up. In fact, I'd recommend using Ethereal, and after an extended capture, simply click on any one of the packets included in the IM session communication and use the stream reassembly functionality...boom, you've got the whole conversation.
Now my question, is how secure are normal "ims" onAIM. How difficult =would it be to listen to anothers msgs and if atall possible, how could =this be fixed.=20"msgsnarf records selected messages from AOL Instant Mes- senger, ICQ 2000, IRC, MSN Messenger, or Yahoo Messenger chat sessions." (msgsnarf(8) manpage) AFAIK, none of the above protocols are usually encrypted. dsniff
(http://www.monkey.org/~dugsong/dsniff/dsniff-2.3.tar.gz)
can pick them up.
__________________________________________________ Do You Yahoo!? Yahoo! Health - Feel better, live better http://health.yahoo.com
Current thread:
- In regards to the insecurity of AOL Instant Messenger Adam Carr (Aug 05)
- Re: In regards to the insecurity of AOL Instant Messenger Alex Lambert (Aug 06)
- Re: In regards to the insecurity of AOL Instant Messenger Nick Lange (Aug 06)
- Re: In regards to the insecurity of AOL Instant Messenger moksha faced (Aug 06)
- Re: In regards to the insecurity of AOL Instant Messenger Alex Lambert (Aug 06)
- Re: In regards to the insecurity of AOL Instant Messenger Alex Lambert (Aug 06)
- Re: In regards to the insecurity of AOL Instant Messenger Bojan Zdrnja (Aug 07)
- Re: In regards to the insecurity of AOL Instant Messenger Nick Lange (Aug 06)
- Re: In regards to the insecurity of AOL Instant Messenger Alex Lambert (Aug 06)
- Re: In regards to the insecurity of AOL Instant Messenger H C (Aug 06)
- <Possible follow-ups>
- RE: In regards to the insecurity of AOL Instant Messenger jbarbo1 (Aug 06)
- Re: In regards to the insecurity of AOL Instant Messenger John Scimone (Aug 06)
- In regards to the insecurity of AOL Instant Messenger mike (Aug 06)
- RE: In regards to the insecurity of AOL Instant Messenger Seth Knox (Aug 06)
- RE: In regards to the insecurity of AOL Instant Messenger Jason Barbour (Aug 06)