Solved

Security threat from IM use?

Posted on 2004-04-28
7
334 Views
Last Modified: 2010-04-11
I am trying to get a sense for the security threat my organization's network is exposed to by the use of IM clients such as AIM and Yahoo IM and what I can do about it.  This is a 2 part question:
1) What is the security threat to the network that arises from IM?
2) Are any IM clients available that contain or minimize the risks?

Thanks,

Greg
0
Comment
Question by:gregdaly
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 2

Assisted Solution

by:LeftofCool
LeftofCool earned 200 total points
ID: 10943956
You should check out these two analyses:

Symantec's Analysis (PDF)
http://securityresponse.symantec.com/avcenter/reference/threats.to.instant.messaging.pdf

Security Focus' Analysis (Brief)
http://www.securityfocus.com/infocus/1657



0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 10945146
As the articles state, it's really up to you to decide, every piece of software is a calculated security risk. We are a big Dot Com and we log every conversation, and users are well aware of this. No one has the time to go through them an see what's being said, but we have scripts that alert us to certain key words. We are able to detect and block the encrypted IM's- we do not allow IM file transfers (a very involved process) and we try to keep users on MSN and AIM. While both have been exploited in the past, and may again in the future, we feel the risk is minimal in our structure, as the users are segmented very well away from our critical network's. I'm not sure that any really minmize the risks...
Good links!
-rich
0
 
LVL 3

Author Comment

by:gregdaly
ID: 10945303
Thanks for the comments and for the links to the articles.  Do you have any thoughts on the use of Enterprise versions of AIM or Yahoo IM?  Would they address most or all concerns? Are they worth the cost?
0
Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

 
LVL 2

Expert Comment

by:Phill_upson
ID: 10954105
As mentioned before, everything carries a risk, especially software designed to work over tcp/ip and open up ports.

The most important thing to bear in mind is keeping your IM clients and operating systems patched up to date to minimise the risk.

Do you need your IM clients to access the outside world or just as a communication tool within your organisation?

IRC is a good IM system where users log onto a network (made up of one or multiple interlinked servers) and can join chat rooms with many users, have private conversations and exchange files.  IRC has been in development for years and years and due to the basic nature of the protocol doesn't really have a lot of options for hacking it.  The biggest risks are your users accept files containing virii and run them manually or voluntarily start sending files out containing corporate data, by default, no file transfers are automatic and automating them requires a fair amount of effort.

The most popular irc client for windows is mIRC - www.mirc.co.uk and for linux/windows/apple systems - www.bitchx.org
As for server platforms most run under linux and are free (including source code) - find many linux server apps at www.ibiblio.org

Hope some of this helps
0
 
LVL 7

Expert Comment

by:shahrial
ID: 10954727
You may want to consider IBM Lotus Sametime as a corporate IM solution...
http://www.lotus.com/products/lotussametime.nsf/wdocs/homepage

0
 
LVL 3

Author Comment

by:gregdaly
ID: 10959325
Again, thanks.

The need is primarily for IM with the outside world, and the specific targets all use AIM.  It's a newspaper situation - and some of the story writers increasingly need to keep in contact with their sources of news using IM.

I recognize that we can't turn back the tide - but I have to get some control - logging, monitoring, etc..  That's why I am interested in an enterprise version - but I haven't found anyone who can testify to its value.

Any ideas?
0
 
LVL 2

Accepted Solution

by:
Phill_upson earned 50 total points
ID: 10960213
Alas, I haven't used corporate AIM, however, if its a licensed product that you will be using on a scale of more than 5 users, i'd certainly contact the manufacturer, explain your interest and ask for a trial, if they stand to make some money, not many will say no, added to this their support during your trial will probably be second to none to ensure they get the business, best recommendations always come from testing yourself.

Good luck!!!
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There is a lot to be said for protecting yourself and your accounts with 2 factor authentication.  I found to my own chagrin, that there is a big downside as well.
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses
Course of the Month11 days, 11 hours left to enroll

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question