Re: In regards to the insecurity of AOL Instant Messenger

["Alex Lambert" <alambert () webmaster com>]

> Now my question, is how secure are normal "ims" on AIM. How difficult =
> would it be to listen to anothers msgs and if at all possible, how could =
> this be fixed.=20

       "msgsnarf  records  selected messages from AOL Instant Mes-
       senger, ICQ 2000, IRC, MSN Messenger, or  Yahoo  Messenger
       chat sessions." (msgsnarf(8) manpage)

AFAIK, none of the above protocols are usually encrypted. dsniff
(http://www.monkey.org/~dugsong/dsniff/dsniff-2.3.tar.gz) can pick them up.



apl
----- Original Message -----
From: "Adam Carr" <itsacarr () adelphia net>
To: <vuln-dev () lists securityfocus com>
Sent: Monday, August 05, 2002 5:58 PM
Subject: In regards to the insecurity of AOL Instant Messenger


> After seeing the recent emails about the hide windows while away =
> function while I don't quite understand that as a security threat this =
> does remind me of other insecurities of AIM and some questions I had as =
> well.
>
> The first threat to AIM users that I am aware of and have tested myself =
> is under Direct Connects with another user. With a targets ip, it is not =
> difficult at all to intercept the dcc's messages and to input your own. =
> Quite frightening. A simple fix is to change the port which AIM direct =
> connects on. Seeing as how my explanations are not that great I invite =
> anyone else who is aware of this to explain that flaw in AIM.
>
> Now my question, is how secure are normal "ims" on AIM. How difficult =
> would it be to listen to anothers msgs and if at all possible, how could =
> this be fixed.=20
>
> I know AIM has\had it's share of other vulnerabilities so please speak =
> up if you know of any. Thanks ...
>
> Cheers ...
> Adam