Home page logo
/

basics logo Security Basics mailing list archives

RE: Survey: Chat and IM
From: ChristopherShorter () westfieldgrp com
Date: Wed, 27 Nov 2002 08:29:41 -0500


We've implemented Lotus Notes "Sametime".  Lotus Notes itself encrypts
messages and Sametime (Lotus' version of  IM and Net meeting combined)
conducts an encrypted session. We're actually conducting desktop video /
meetings with this product also.


                                                                                                                   
                    "Robinson,                                                                                     
                    Sonja"               To:     'tony toni' <tony572001 () hotmail com>,                             
                    <SRobinson () HIP        "'security-basics () securityfocus com'"                                   
 
                    USA.com>              <security-basics () securityfocus com>                                      
                                         cc:                                                                       
                    11/26/2002           Subject:     RE: Survey: Chat and IM                                      
                    11:00 AM                                                                                       
                                                                                                                   
                                                                                                                   




Absolutely not.  Any Internet based IM goes out of your network nd across
the Internet.  BAD, BAD, BAD.  Now, there are some NEW products that allow
for INTERNAL IM, AOL, Honey-something I think and MS to name a few. This we
are investigating.  Also, it allows for a direct connection betrween the
two
PC's so there are some other tunneling issues, FTP allowed, etc that are
problems since it cicumvents the firewall.

Just because something is common place does NOT mean it is the wise thing
to
do.

-----Original Message-----
From: tony toni [mailto:tony572001 () hotmail com]
Sent: Thursday, November 21, 2002 4:03 PM
To: security-basics () securityfocus com
Subject: Survey: Chat and IM



Hi,

We currently are allowing web based chat and instant
messaging.  I know that
there are lots of security issues involved with its usage.
The IT folks are
telling me that it is a common practice in the industry.  I
have a hard time
believing this and this is one battle I would like to take on.

QUESTION:  DOES YOUR COMPANY ALLOW WEB BASED CHAT AND INSTANT
MESSAGING?  If
this was a battle you fought, could you please give me some
ideas on how you
won the battle.  Any good articles/white papers that could support my
position?


Toni CISSP, CPA
Security Services
NW Mutural Banking LTD




_________________________________________________________________
Help STOP SPAM with the new MSN 8 and get 2 months FREE*
http://join.msn.com/?page=features/junkmail



**********************************************************************
This message is a PRIVILEGED AND CONFIDENTIAL communication, and is
intended only for the individual(s) named herein or others specifically
authorized to receive the communication. If you are not the intended
recipient, you are hereby notified that any dissemination, distribution or
copying of this communication is strictly prohibited. If you have received
this communication in error, please notify the sender of the error
immediately, do not read or use the communication in any manner, destroy
all copies, and delete it from your system if the communication was sent
via email.




**********************************************************************






  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]