Instant Messaging Security Flaws By: Shadow404 Southern Poly University.
18
Instant Messaging Instant Messaging Security Flaws Security Flaws By: Shadow404 Southern Poly University
-
Upload
cameron-ray -
Category
Documents
-
view
212 -
download
0
Transcript of Instant Messaging Security Flaws By: Shadow404 Southern Poly University.
Instant Messaging Security Instant Messaging Security FlawsFlaws
By: Shadow404
Southern Poly University
Major Problems With IM Major Problems With IM Messaging SoftwareMessaging Software
1. Messages are sent in clear text.
2. File Transfers
3. Conversation Logs
4. Sender Credentials
5. Profile Listings and User Privacy
6. Passwords
Messages In Clear TextMessages In Clear Text
1. Allows the inexperienced hacker to use a packet sniffer to read conversations.
2. All buddy list updates are sent in clear text.
3. Confidential information could be discussed in clear text.
File TransfersFile Transfers
1. They allow a medium which by is easier to fake a reputable file than over e-mail.
2. Most instant messaging software does not warn the user of the danger of accepting file transfers.
3. Most users will accept and open these files without second thought.
Conversation LogsConversation Logs
1. If a computer is compromised, logs can be obtained which could hold incriminating, sensitive, or harmful information.
2. With some clients, by default, logs are kept without asking if its ok.
3. Logs can be altered and then used as incorrect evidence, convicting someone of something that was not really discussed.
Sender CredentialsSender Credentials
1. How do you know for sure that the person sending the message is really the person you think it is?
2. Man in Middle Attacks.
3. PGP key.
4. Unique User Identification.
Profile Listings and User Profile Listings and User PrivacyPrivacy
1. Many users list everything you’ve ever wanted to know about a person.
2. For example, on AIM, the profile asks for your whole name, address, zip, state and country.
3. So how easy is it to then reverse this information and find out all you wanted to know about someone online?
PasswordsPasswords
1. Stored passwords pose a huge security risks, because the passwords have to be stored somewhere on the machine.
2. Like the clear text example, passwords are sometimes sent in clear text.
3. There is always going to be an inherent risk when passwords are used to gain access to restricted zones.
5 Major Instant Messaging 5 Major Instant Messaging Clients and Some Flaws of Clients and Some Flaws of
Each.Each. Clients that will be discussed:
1. AIM (AOL Instant Messenger)
2. Yahoo Messenger
3. Skype
4. MSN Messenger (Microsoft Network)
5. IRC (Internet Relay Chat)
AIMAIM
1. Messages are sent in clear text.2. Buddy list updates are received in clear
text.3. By default, anyone can see you logon as
well as pull up buddy info on you.4. All conversations have to go through an
AIM central server, which makes the clear text conversations even more vulnerable if
AIM (cont.)AIM (cont.)
4.(cont.) a hackers were able to pull off a successful server side hack, which could leave any user of AIM open to eavesdropping.
5. Buffer overflow issues, redirect to URL to where more malicious code can be downloaded. (http://www.aim.com/help_faq/security/faq.adp?aolp= )
6. Man in the Middle password hack vulnerability.
Yahoo MessengerYahoo Messenger
1. Messages are sent in clear text.
2. Buddy list updates are also sent in clear text.
3. In some versions of the client software, a buffer overrun vulnerability has been reported using an active-x control to download malicious code from a web-site.
(http://www.pcworld.com/news/article/0,aid,113723,00.asp)
SkypeSkype
1. Messages are sent directly to the other party rather than through a server.
2. This is a problem because you IP# number is not hidden from the receiving party.
3. Certain versions of Skype are also vulnerable to buffer overflow problems. (http://www.skype.com/security/ssa-2004-02.htm )
4. Logs are kept by default without asking.
MSN MessengerMSN Messenger
1. Messages sent in clear text.
2. Remote Code Exploitation: http://www.microsoft.com/technet/security/bulletin/MS05-009.mspx
IRCIRC
1. Messages are sent in clear text.2. Many vulnerabilities have been identified.3. Third-party scripts and bots sometimes
have malicious code that runs on a users machine. http://www.irchelp.org/irchelp/security/
4. DCC file transfer security flaws.5. IP address publicly displayed.
What can you do to secure What can you do to secure your system?your system?
1. Keep your software up-to-date.2. Do not talk about anything sensitive (I.e.
Credit card #’s, telephone #’s, financial information, etc) using instant messaging software.
3. Institute a security lockdown or filtering of instant messaging conversations in a business environment.
What can you do to secure What can you do to secure your system? (cont)your system? (cont)
4. Change your passwords regularly.
5. Ensure the person you are talking to is really the person you think it is. (Ask personal questions that only they would know if you suspect an imposter, or call the person in question to verify.)
6. Use a proxy/bnc to mask your IP.
7. Ensure the firewall is up-to-date and working properly.
Credits and ShoutoutsCredits and Shoutouts
Credits: DAD (Joe Klein)
Shout Outs:Hacksonville CrewYak Crew404-2600
Copy of speech can be found at: www.shadow404.com/111
