|
Security Basics
mailing list archives
RE: ICQ Corporate Security Risks
From: <adisegna () siscocorp com>
Date: Mon, 14 Mar 2005 13:25:13 -0500
I just wanted to introduce some questions:
Are you currently logging all the traffic and conversations? I'm not
familiar with the ICQ server. Can traffic be encrypted? Can you
configure chat only, no URLs or files?
Why not use webmail?
Thanks
AD
Information Technology Group
-----Original Message-----
From: Andrew Aris [mailto:andrew () dev bigfishinternet co uk]
Sent: Monday, March 14, 2005 5:34 AM
To: security-basics () securityfocus com
Subject: ICQ Corporate Security Risks
Hi guys,
Just looking for a quick sort of straw poll really, my company runs an
internal ICQ corporate server for internal IM and we occasionally have
people who are out on the road who need to communicate with people back
at
the office, the current method is to VPN in to the XP Pro box that hosts
the
ICQ and connect to it that way, however the drawbacks of this are that
a)
only one person can do it at any one time b) sending ICQ messages is
clunky
as you have to wait for the direct connection attempt to time out and
then
"send through server". The proposed solution is to open the ICQ port on
the
firewall and then port forward to the appropriate machine thus solving
both
the problems.
My question is how great a security risk do people think this would be?
cheers,
Andrew
 By Date 
By Thread
Current thread:
- Re: Any remote client - without fixed IP, (continued)
Re: ICQ Corporate Security Risks Joseph Forbes (Mar 14)
Re: ICQ Corporate Security Risks Michael Gale (Mar 15)
RE: ICQ Corporate Security Risks adisegna (Mar 14)
|
Intro
