HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 28 guests and 1 member online
EH-Net Donations

Enter Amount:
$
Google Ads
EH-Net News Feeds
Latest Additions
Book Recommendations



 
Advertisement

You are here: Home arrow Forum arrow Columnsarrow RichMarrow [Article]-Help RichM Secure Enterprise IM
Ethical Hacker Community Forums
November 20, 2008, 12:33:08 PM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: ChicagoCon 2-Day Ethical Hacking Conference with MS Blue Hats Oct 31 - Nov 1. Tickets Only $100! www.chicagocon.com/content/view/103/51/
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: [Article]-Help RichM Secure Enterprise IM  (Read 10959 times)
0 Members and 1 Guest are viewing this topic.
don
Editor-In-Chief
Administrator
Hero Member
*****
Offline Offline

Posts: 2347


Editor-In-Chief


View Profile WWW
« on: January 30, 2007, 11:58:33 PM »
[Article]-Help RichM Secure Enterprise IM

Quote
Chat is pervasive throughout our enterprise. Its use is an integral part of how most businesses get work done.  It is understandable considering how much faster it is than talking on the phone or even sending an email.  The ability to exchange information in real-time, cutting right to the chase, is what makes instant messaging (IM) so enticing to corporate society.  The problem is that users are just as susceptible if not more so to malicious attacks, since they have not been educated as to the dangers that IM can bring.  This is why I chose to eliminate my dependence on outside entities for my organizations internal chatting needs.

Each month, I do my best to find an interesting topic to focus on or a new project that I can share.  I sought out a way that could eliminate third party chat clients, namely AOL Instant Messenger (AIM) and outside servers that are not in our control. I also sought to do this all while making the project cost effective and more secure.  That was the intent, anyhow, but sadly I fell short.  And this is where I need your help.

This month, member feedback is even more crucial as we try to help RichM on his quest for secure, cost effective corporate IM.

Don
Logged
CISSP, MCSE, CEH, Security+ SME
slimjim100
EH-Net Columnist
Sr. Member
*****
Offline Offline

Posts: 363



View Profile WWW
« Reply #1 on: January 31, 2007, 07:15:51 AM »
RichM,

   I am not sure if you even want to look at this... But my company uses Microsoft Office Communicator 2005. The cost is not the cheapest but I think it works out to be like $800 for the server and $30 per client. It is basically the MSN messenger client made a little custom to work on your own servers so you have full control over it. Another tool we use is called "Groove Virtual Office" www.groove.net the Groove program is really nice and lets you share work spaces in to little or big groups where you can post calendars, notes, files, and much more. It also has Chat, Messaging, & IM built in. I know you are probably looking for free or open source programs but I did want to let you know what my company uses just in case you found some magic funding some where.

Brian
Logged
CISSP, CCSE, CCNA, CCAI, Network+, Security+, JNCIA, & MCP
RichM
EH-Net Columnist
Newbie
*****
Offline Offline

Posts: 49


View Profile
« Reply #2 on: January 31, 2007, 08:05:54 AM »
Brian,

I appreciate your post and the technology sounds interesting, but unfortunately we have no budget for IT, let alone information security. I will keep this in mind in case I do find that magic funding well this, or a security course in HI Smiley
Logged
don
Editor-In-Chief
Administrator
Hero Member
*****
Offline Offline

Posts: 2347


Editor-In-Chief


View Profile WWW
« Reply #3 on: January 31, 2007, 11:42:15 AM »
Submitted to digg:

http://www.digg.com/security/Help_RichM_Secure_Enterprise_IM

BTW - Here's a link to AIM Enterprise Partners. This may help you get your research going in more directions.

Don
« Last Edit: January 31, 2007, 12:26:13 PM by don » Logged
CISSP, MCSE, CEH, Security+ SME
slimjim100
EH-Net Columnist
Sr. Member
*****
Offline Offline

Posts: 363



View Profile WWW
« Reply #4 on: January 31, 2007, 01:30:25 PM »
Dugg! 
Logged
CISSP, CCSE, CCNA, CCAI, Network+, Security+, JNCIA, & MCP
ChrisG
EH-Net Columnist
Hero Member
*****
Offline Offline

Posts: 1036


View Profile WWW
« Reply #5 on: January 31, 2007, 10:08:53 PM »
if all the chat is internal how about running a silc server?
Logged
...tests i took go here...

http://carnal0wnage.blogspot.com/
RichM
EH-Net Columnist
Newbie
*****
Offline Offline

Posts: 49


View Profile
« Reply #6 on: February 01, 2007, 10:43:22 AM »
ChrisG,

I think that silc is great and I did consider it, but I am hesitant to give my users the ability to stream video and take up that much bandwidth.  I am definitely interested in it, but considering how much info. is spread out (in various forms), I thought jabber would be a fun project that could ramp up to more advanced tools like silc. 

If nothing else I could see my internal IT department using a silc server, making the most of various tutorials that are available to our community, some of which are hosted on this site.
Logged
ChrisG
EH-Net Columnist
Hero Member
*****
Offline Offline

Posts: 1036


View Profile WWW
« Reply #7 on: February 01, 2007, 02:29:09 PM »
well i only mentioned it for secure IM not really for streaming media
Logged
...tests i took go here...

http://carnal0wnage.blogspot.com/
Justin
Newbie
*
Offline Offline

Posts: 1


View Profile
« Reply #8 on: February 04, 2007, 12:38:57 AM »
I think I have a solution to your problem,there is a plugin for Gaim called Gaim-Encryption,it features:

Automatically creates a public/private key pair for you upon loading the plugin.

Automatically transmits your public key to other users.

Supports 512 - 4096 bit keys.

Saves keys of known users, and warns you if their public key has changed.Embeds all encryption and keys inside HTML, so if the other user doesn't have the plugin, they will get a little message telling them about the plugin, and won't get a screen full of garbage.

Stores keys in human readable files in your .gaim directory, in case you ever need to copy/edit them by hand.

Modular and extensible. If you want to define a different type of encryption, you can use this plugin as a wrapper to take care of transporting the encrypted binary over the IM pipe.

It supports installation through:Linux on iPAQ,
Ubuntu,Debian,Gentoo,Mandriva,Fedora,CVS and Source.

Hope this works for you,
Justin.
Logged
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.7 | SMF © 2006-2008, Simple Machines LLC
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.059 seconds with 23 queries.
 
Sponsors

cwnp_moto__120x90.gif

Polls
During the most recent election, I:
 
Support EH-Net

Support EH-Net by
Buying all of your
Amazon items using
the search bar above.
cbtnuggets_logo_125.jpg
Try CBT Nuggets Free!
Recent Forum Topics
Vote For EH-Net

progenic.com
Click here to Vote!

Sadikhov.com
Top IT Cert Sites

binarica.com
Binarica Logo

Add to Technorati Favorites
technorati fave

 
         
Advertisement

© 2008 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.