Penetration Testing mailing list archives
RE: Instant messenger's
From: "Desai, Dipen" <ddesai1 () ipolicynetworks com>
Date: Wed, 27 Jul 2005 18:44:33 -0700
That's an interesting point. There has been a significant increase in the number of malware using well-known IM clients like AIM and MSN Instant messenger to spread across the internet. However, it really depends on the individual malware program as to what kind of code it carries with it, whether it looks to exploit the actual client application or the inherent protocol being used by the messenger service. For e.g. there have been some worms that spread by using MSN Instant messenger's File transfer service, in which they send a copy of itself to the online contacts found on the victim's MSN list. In the older versions of MSN Messenger a simple MSN FTP protocol was being used however now a more secured P2P protocol with Base64 encoding is being used for File transfer. Still the worms are exploiting the File transfer service to spread across the internet. And yes as pointed out by many others that even GAIM will have flaws, but I am sure number of malwares written to exploit the flaws of well-known clients will be much higher. Thanks, Deepen Desai www.ipolicynetworks.com -----Original Message----- From: Chris Griffin [mailto:cgriffin () dcmindiana com] Sent: Wednesday, July 13, 2005 8:05 AM To: pen-test () securityfocus com Subject: Instant messenger's Hey List. I figure this list could be best for this question, since I'd think the pen testers would be more up to date on spreading vulns. With all the IM flaws out there, does it more than not, stem from the protocol? or the actual client? My main point being, is using GAIM (or any other all in one for that matter) for msn, yahoo, aim chats more secure than the "name brand" clients? Thanks! ------------------------------------------------------------------------ CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply and destroy all copies of the original message. ------------------------------------------------------------------------ ---
Current thread:
- Instant messenger's Chris Griffin (Jul 13)
- Re: Instant messenger's Steven (Jul 13)
- <Possible follow-ups>
- RE: Instant messenger's Todd Towles (Jul 14)
- RE: Instant messenger's Desai, Dipen (Jul 28)