Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Instant messenger's

From: "Desai, Dipen" <ddesai1 () ipolicynetworks com>
Date: Wed, 27 Jul 2005 18:44:33 -0700
That's an interesting point. There has been a significant increase in
the number of malware using well-known IM clients like AIM and MSN
Instant messenger to spread across the internet. However, it really
depends on the individual malware program as to what kind of code it
carries with it, whether it looks to exploit the actual client
application or the inherent protocol being used by the messenger
service. For e.g. there have been some worms that spread by using MSN
Instant messenger's File transfer service, in which they send a copy of
itself to the online contacts found on the victim's MSN list. In the
older versions of MSN Messenger a simple MSN FTP protocol was being used
however now a more secured P2P protocol with Base64 encoding is being
used for File transfer. Still the worms are exploiting the File transfer
service to spread across the internet.

And yes as pointed out by many others that even GAIM will have flaws,
but I am sure number of malwares written to exploit the flaws of
well-known clients will be much higher.

Thanks,
Deepen Desai
www.ipolicynetworks.com

-----Original Message-----
From: Chris Griffin [mailto:cgriffin () dcmindiana com] 
Sent: Wednesday, July 13, 2005 8:05 AM
To: pen-test () securityfocus com
Subject: Instant messenger's

Hey List.

I figure this list could be best for this question, since I'd think the
pen testers
would be more up to date on spreading vulns.

With all the IM flaws out there, does it more than not, stem from the
protocol?
or the actual client?

My main point being, is using GAIM (or any other all in one for that
matter) for msn, yahoo, aim chats more secure than the "name brand"
clients?


Thanks!






------------------------------------------------------------------------
CONFIDENTIALITY NOTICE:

This e-mail message, including any attachments, is for the sole use of
the intended recipient(s) and may contain confidential and privileged
information. Any unauthorized review, use, disclosure or distribution is
prohibited. If you are not the intended recipient, please contact the
sender by reply and destroy all copies of the original message.
------------------------------------------------------------------------
---
Previous By Date Next
Previous By Thread Next

Current thread: