Re: ICQ Spoofing Question (or second dumb question of the day)

["Bluefish (P.Magnusson)" <11a () GMX NET>]

> Mandatory opening statement; I am not sure if this is meant for this list
> but I have feeling it is.  Please flame me in private ;)

A totally none-mandatory statement. If it is completely off topic, the
moderator will bounce it. Anyone flaming posters because they have a
trouble with security related posts in this list has a trouble with the
list, or the moderation, and not really with the poster.

> Is it possible (with any OS, or ICQ Clone) to spoof being a random chatter?

Yes. ICQ is one of the weakest IM protocolls (according to a friend who
has researched ICQ, AIM and Microsfots messenger), and it offers no
security what so ever. Almost everything can be spoofed, easily. The only
'security' feature is couple of obscurities and it is well known among
clone developers how to fake tons of stuff.

The new disclaimers which comes with ICQ more or less spells out that they
never plan to secure the protocoll.

> Again I would be curious if the answer is yes as to what  platform and
> what client (I guess what client is probably only *ix specific.)

Why on earth would this be unix specific? You're entirely wrong,
as an example, icq-spoofing of UINs can be done on any platform.

..:::::::::::::::::::::::::::::::::::::::::::::::::..
     http://www.11a.nu || http://bluefish.11a.nu
    eleventh alliance development & security team