Security Basics mailing list archives
Re: ICQ Corporate Security Risks
From: Michael Gale <michael.gale () bluesuperman com>
Date: Mon, 14 Mar 2005 18:55:24 -0700
Hello,Why not switch to a Jabber server, use a client that supports only client to server communication and then restrict connections to SSL / TLS only.
That would solve all your problems plus allowing you to log all conversations.
Plus it is free :) Michael. Andrew Aris wrote:
Hi guys, Just looking for a quick sort of straw poll really, my company runs an internal ICQ corporate server for internal IM and we occasionally have people who are out on the road who need to communicate with people back at the office, the current method is to VPN in to the XP Pro box that hosts the ICQ and connect to it that way, however the drawbacks of this are that a) only one person can do it at any one time b) sending ICQ messages is clunky as you have to wait for the direct connection attempt to time out and then "send through server". The proposed solution is to open the ICQ port on the firewall and then port forward to the appropriate machine thus solving both the problems. My question is how great a security risk do people think this would be? cheers, Andrew
Current thread:
- RE: Any remote client - without fixed IP, (continued)
- RE: Any remote client - without fixed IP Ryan Kubiak (Mar 16)
- Re: Any remote client - without fixed IP Kieran Combes (Mar 16)
- Re: Any remote client - without fixed IP Raoul Armfield (Mar 16)
- Re: Any remote client - without fixed IP Vinay Patel (Mar 16)
- Re: Any remote client - without fixed IP Vinay Patel (Mar 16)
- RE: Any remote client - without fixed IP Burton Strauss (Mar 16)
- Re: Any remote client - without fixed IP André Gil (Mar 16)
- IUSR issue after patch hartmann (Mar 17)
- RE: IUSR issue after patch dave kleiman (Mar 17)