Home page logo
/

basics logo Security Basics mailing list archives

RE: Survey: Chat and IM
From: "Robinson, Sonja" <SRobinson () HIPUSA com>
Date: Tue, 26 Nov 2002 11:00:32 -0500

Absolutely not.  Any Internet based IM goes out of your network nd across
the Internet.  BAD, BAD, BAD.  Now, there are some NEW products that allow
for INTERNAL IM, AOL, Honey-something I think and MS to name a few. This we
are investigating.  Also, it allows for a direct connection betrween the two
PC's so there are some other tunneling issues, FTP allowed, etc that are
problems since it cicumvents the firewall.

Just because something is common place does NOT mean it is the wise thing to
do.

-----Original Message-----
From: tony toni [mailto:tony572001 () hotmail com] 
Sent: Thursday, November 21, 2002 4:03 PM
To: security-basics () securityfocus com
Subject: Survey: Chat and IM



Hi,

We currently are allowing web based chat and instant 
messaging.  I know that 
there are lots of security issues involved with its usage.  
The IT folks are 
telling me that it is a common practice in the industry.  I 
have a hard time 
believing this and this is one battle I would like to take on.

QUESTION:  DOES YOUR COMPANY ALLOW WEB BASED CHAT AND INSTANT 
MESSAGING?  If 
this was a battle you fought, could you please give me some 
ideas on how you 
won the battle.  Any good articles/white papers that could support my 
position?


Toni CISSP, CPA
Security Services
NW Mutural Banking LTD




_________________________________________________________________
Help STOP SPAM with the new MSN 8 and get 2 months FREE*  
http://join.msn.com/?page=features/junkmail



**********************************************************************
This message is a PRIVILEGED AND CONFIDENTIAL communication, and is intended only for the individual(s) named herein or 
others specifically authorized to receive the communication. If you are not the intended recipient, you are hereby 
notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have 
received this communication in error, please notify the sender of the error immediately, do not read or use the 
communication in any manner, destroy all copies, and delete it from your system if the communication was sent via 
email. 




**********************************************************************


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]