Re: In regards to the insecurity of AOL Instant Messenger

[H C <keydet89 () yahoo com>]

Any sniffer would pick them up.  In fact, I'd
recommend using Ethereal, and after an extended
capture, simply click on any one of the packets
included in the IM session communication and use the
stream reassembly functionality...boom, you've got the
whole conversation.

> > Now my question, is how secure are normal "ims" on
> AIM. How difficult =
> > would it be to listen to anothers msgs and if at
> all possible, how could =
> > this be fixed.=20
>
>        "msgsnarf  records  selected messages from
> AOL Instant Mes-
>        senger, ICQ 2000, IRC, MSN Messenger, or 
> Yahoo  Messenger
>        chat sessions." (msgsnarf(8) manpage)
>
> AFAIK, none of the above protocols are usually
> encrypted. dsniff
(http://www.monkey.org/~dugsong/dsniff/dsniff-2.3.tar.gz)
> can pick them up.



__________________________________________________
Do You Yahoo!?
Yahoo! Health - Feel better, live better
http://health.yahoo.com