Security Basics mailing list archives

ICQ Corporate Security Risks

From: "Andrew Aris" <andrew () dev bigfishinternet co uk>
Date: Mon, 14 Mar 2005 10:33:45 -0000

Hi guys,

Just looking for a quick sort of straw poll really, my company runs an
internal ICQ corporate server for internal IM and we occasionally have
people who are out on the road who need to communicate with people back at
the office, the current method is to VPN in to the XP Pro box that hosts the
ICQ and connect to it that way, however the drawbacks of this are that a)
only one person can do it at any one time b) sending ICQ messages is clunky
as you have to wait for the direct connection attempt to time out and then
"send through server". The proposed solution is to open the ICQ port on the
firewall and then port forward to the appropriate machine thus solving both
the problems.

My question is how great a security risk do people think this would be?

cheers,

Andrew

Current thread:

ICQ Corporate Security Risks Andrew Aris (Mar 14)
- Re: ICQ Corporate Security Risks Steve (Mar 14)
  - Any remote client - without fixed IP hartmann (Mar 15)
    - RE: Any remote client - without fixed IP Glenn Pearl (Mar 16)
    - Re: Any remote client - without fixed IP Steven DeFord (Mar 16)
    - RE: Any remote client - without fixed IP Ryan Kubiak (Mar 16)
    - Re: Any remote client - without fixed IP Kieran Combes (Mar 16)
    - Re: Any remote client - without fixed IP Raoul Armfield (Mar 16)
    - Re: Any remote client - without fixed IP Vinay Patel (Mar 16)
    - Re: Any remote client - without fixed IP Vinay Patel (Mar 16)
    - RE: Any remote client - without fixed IP Burton Strauss (Mar 16)

(Thread continues...)