Security Basics mailing list archives
RE: Survey: Chat and IM
From: Chris Santerre <csanterre () MerchantsOverseas com>
Date: Wed, 27 Nov 2002 10:22:55 -0500
I had kicked around the idea. I wanted to control the IM or chat servers internally and use encryption. I found a few products that do this, however they are quite pricey. The ROI just wasn't there. So I dropped the idea for now and saved headaches for the moment. I didn't find any good GPL product, but I didn't look that hard. I would start by really trying to find out what exactly they want to do, maybe there are alternatives. -----Original Message----- From: LEHMANN, TODD [mailto:TODLEH () SAFECO com] Sent: Tuesday, November 26, 2002 1:07 PM To: 'ONEILL David J'; security-basics () securityfocus com; tony572001 () hotmail com Subject: RE: Survey: Chat and IM Every administrator I have ever met restricts that type of traffic because it is a security risk and for bandwidth reasons. For instance, Yahoo messenger maintains stale connections when the other person goes offline, AIM has several buffer overflow exploits, and ICQ can be spoofed and tunneled through. Todd Lehmann Systems Analyst I VPN Subject Matter Expert -----Original Message----- From: ONEILL David J [mailto:David.J.Oneill () state or us] Sent: Monday, November 25, 2002 1:56 PM To: security-basics () securityfocus com; tony572001 () hotmail com Subject: Re: Survey: Chat and IM Good Luck ... We got shot down in Flames, no matter how we packaged it. David J. O'Neill NEDSS - IS7 Parkway Bldg., 2nd Floor Phone: (503) 378-2101 ext. 364 FAX: (503) 378-2102
tony572001 () hotmail com 11/25/02 01:48PM >>>
Hi, We currently are allowing web based chat and instant messaging. I know that there are lots of security issues involved with its usage. The IT folks are telling me that it is a common practice in the industry. I have a hard time believing this and this is one battle I would like to take on. QUESTION: DOES YOUR COMPANY ALLOW WEB BASED CHAT AND INSTANT MESSAGING? If this was a battle you fought, could you please give me some ideas on how you won the battle. Any good articles/white papers that could support my position? Toni CISSP, CPA Security Services NW Mutural Banking LTD _________________________________________________________________ Help STOP SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=features/junkmail
Current thread:
- Re: Survey: Chat and IM, (continued)
- Re: Survey: Chat and IM Devdas Bhagat (Nov 26)
- Survey: Chat and IM tony toni (Nov 26)
- Re: Survey: Chat and IM Johannes Ullrich (Nov 26)
- Re: Survey: Chat and IM Jason Yates (Nov 26)
- Re: Survey: Chat and IM Zinger (Nov 27)
- Re: Survey: Chat and IM Sumit Dhar (Nov 28)
- Re: Survey: Chat and IM Chris Berry (Nov 26)
- RE: Survey: Chat and IM Robinson, Sonja (Nov 26)
- RE: Survey: Chat and IM LEHMANN, TODD (Nov 26)
- RE: Survey: Chat and IM ChristopherShorter (Nov 28)
- RE: Survey: Chat and IM Chris Santerre (Nov 28)
- RE: Survey: Chat and IM Kuriscak, Ronald (Nov 28)
- RE: Survey: Chat and IM John Canty (Nov 28)
- RE: Survey: Chat and IM ALBEE,RUSSELL. S FC2 (CV63 CS5) (Nov 29)