Taken from
www.securiteam.com/securityreviews/The_risks_of_using_an_AOL.html
AOL client connects to the AOL server at port 5190.
This is usually easy enough for the administrator to
configure the firewall to allow this port
(5190), and the client will work properly. However,
the AOL client establishes an IP tunnel to
the AOL server and creates a VPN between the AOL
network, and the Client's network (with
the assistance of the AOL client of course), this
basically allows complete communication
between the client and the remote server (the AOL
client receives an IP address on the virtual
network, and therefore there is no way the firewall
can limit this communication), and this also
means that the client is now exposed to all kinds of
IP based attacks, such as nukes, access to
personal web servers and ftp servers, and much more,
from anyone on the Internet (All they
have to figure out is the Virtual IP address given
by the AOL server).
The firewall is basically helpless against this,
because this is all going through port 5190 which
was allowed for communication by the administrator.
Joel Gridley
Site Patrol/Firewall Specialist "Be the packet"
GTE Internetworking
Burlington, MA
On Fri, 16 Jul 1999, Riley, Larry wrote:
>
> My security problem for today is if I should allow AOL Instant Messenger to
> be used in my company and allow it thru my firewall. Does anyone know where
> I can find some information about securing this service? Or if this should
> be allow at all?
>
> Thanks
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
