Well, since ICQ's main servers could change addresses, or a different,
competing service may arise (I.E. AIM or MSNC or whatever), why not
just block UDP traffic through your firewall?
Its really a much more secure alternative than just trying to block an
ip range.
jeff
(as for whitepapers, a similar question came across Bugtraq and
pointers were given... but you have to understand that the ICQ
protocol at least is very proprietary, and pretty much the only people
who know EVERYTHING it does are Mirabilis' engineers. The bit that has
been fleshed out by the icq-devel list does not inspire confidence,
however)
On Sun, Jan 09, 2000 at 10:53:30PM -0800, Roger Marquis wrote:
> Are there any white papers or policy documents on ICQ (& IRC)? I
> have a client who is concerned that their employees are sending
> proprietary information (in clear text) through AOL's www.icq.com.
>
> By way of policy their website lists only disclaimers and CYAs
> (http://www.icq.com/legal/privacy.html):
>
> Please note that the ICQ Software and its privacy and security
> features, as most Internet applications, are vulnerable to various
> security issues and hence should be considered unsecured. By
> using the ICQ Software and its privacy and security features,
> you may be subject to various risks, including among others:
>
> * Exposure to objectionable material and/or parties, including
> without limitation, contaminated files.
>
> * Unauthorized invasion of your privacy during, or as a result
> of, your or another's use of the system.
>
> * Spoofing, eavesdropping, sniffing, spamming, breaking passwords,
> harassment, fraud, forgery, "imposturing", electronic trespassing,
> tampering, hacking, nuking, system contamination including
> without limitation use of viruses, worms and Trojan horses
> causing unauthorized, damaging or harmful access and/or retrieval
> of information and data on your computer and other forms of
> activity that may even be considered unlawful.
>
> * Unauthorized exposure of information and material you listed
> or sent, on or through the ICQ system, to other users, the
> general public or any other specific entities for which the
> information and material was not intended by you.
>
> Nowhere is there any indication of what data mining or archiving
> AOL might be doing with these chats. In theory this means that
> they can (legally) search for stock tips, corporate strategies,
> developers sharing code, or other "generally assumed to be private"
> content. The only positive statement WRT privacy is buried deep
> in the fine print:
>
> Unless explicitly stated otherwise, the information entered or
> posted, through the Software or through the Web, including without
> limitation, on the ICQ info templates-whitepages and other
> directories, during registration or thereafter, the ICQ message
> boards, as well as status indication and other user's parameters
> that can be found using the Software or the Web ("Public
> Information"), may be available to the public. Public Information
> shall not include information meant to be sent through the ICQ
> network to a specific ICQ User's Software, unless subsequently
> provided to ICQ Inc.
>
> Of course chats can take place between the client computers directly
> however most firewall configurations only allow the data to be sent
> through an ICQ server.
>
> In light of these policies/CYAs is there a business case for
> filtering ICQ IP addresses?
>
> --
> Roger Marquis
> Roble Systems Consulting
> http://www.roble.com/
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
