The Ethical Hacker Network - [Article]-Help RichM Secure Enterprise IM

don

Editor-In-Chief
Administrator
Hero Member

Online

Posts: 4168

Editor-In-Chief

[Article]-Help RichM Secure Enterprise IM

« on: January 30, 2007, 11:58:33 PM »

[Article]-Help RichM Secure Enterprise IM

Quote

Chat is pervasive throughout our enterprise. Its use is an integral part of how most businesses get work done. It is understandable considering how much faster it is than talking on the phone or even sending an email. The ability to exchange information in real-time, cutting right to the chase, is what makes instant messaging (IM) so enticing to corporate society. The problem is that users are just as susceptible if not more so to malicious attacks, since they have not been educated as to the dangers that IM can bring. This is why I chose to eliminate my dependence on outside entities for my organizations internal chatting needs.

Each month, I do my best to find an interesting topic to focus on or a new project that I can share. I sought out a way that could eliminate third party chat clients, namely AOL Instant Messenger (AIM) and outside servers that are not in our control. I also sought to do this all while making the project cost effective and more secure. That was the intent, anyhow, but sadly I fell short. And this is where I need your help.

This month, member feedback is even more crucial as we try to help RichM on his quest for secure, cost effective corporate IM.

Don


	Logged

CISSP, MCSE, CSTA, Security+ SME

slimjim100

EH-Net Columnist
Sr. Member

Offline

Posts: 385

Re: [Article]-Help RichM Secure Enterprise IM

« Reply #1 on: January 31, 2007, 07:15:51 AM »

RichM,

I am not sure if you even want to look at this... But my company uses Microsoft Office Communicator 2005. The cost is not the cheapest but I think it works out to be like $800 for the server and $30 per client. It is basically the MSN messenger client made a little custom to work on your own servers so you have full control over it. Another tool we use is called "Groove Virtual Office" www.groove.net the Groove program is really nice and lets you share work spaces in to little or big groups where you can post calendars, notes, files, and much more. It also has Chat, Messaging, & IM built in. I know you are probably looking for free or open source programs but I did want to let you know what my company uses just in case you found some magic funding some where.

Brian


	Logged

CISSP, CCSE, CCNA, CCAI, Network+, Security+, JNCIA, & MCP

RichM

EH-Net Columnist
Newbie

Offline

Posts: 49

Re: [Article]-Help RichM Secure Enterprise IM

« Reply #2 on: January 31, 2007, 08:05:54 AM »

Brian,

I appreciate your post and the technology sounds interesting, but unfortunately we have no budget for IT, let alone information security. I will keep this in mind in case I do find that magic funding well this, or a security course in HI


	Logged

don

Editor-In-Chief
Administrator
Hero Member

Online

Posts: 4168

Editor-In-Chief

Re: [Article]-Help RichM Secure Enterprise IM

« Reply #3 on: January 31, 2007, 11:42:15 AM »

Submitted to digg:

http://www.digg.com/security/Help_RichM_Secure_Enterprise_IM

BTW - Here's a link to AIM Enterprise Partners. This may help you get your research going in more directions.

Don


« Last Edit: January 31, 2007, 12:26:13 PM by don »	Logged

CISSP, MCSE, CSTA, Security+ SME

slimjim100

EH-Net Columnist
Sr. Member

Offline

Posts: 385

Re: [Article]-Help RichM Secure Enterprise IM

« Reply #4 on: January 31, 2007, 01:30:25 PM »

Dugg!


	Logged

CISSP, CCSE, CCNA, CCAI, Network+, Security+, JNCIA, & MCP

LSOChris

Guest

Re: [Article]-Help RichM Secure Enterprise IM

« Reply #5 on: January 31, 2007, 10:08:53 PM »

if all the chat is internal how about running a silc server?


	Logged

RichM

EH-Net Columnist
Newbie

Offline

Posts: 49

Re: [Article]-Help RichM Secure Enterprise IM

« Reply #6 on: February 01, 2007, 10:43:22 AM »

ChrisG,

I think that silc is great and I did consider it, but I am hesitant to give my users the ability to stream video and take up that much bandwidth. I am definitely interested in it, but considering how much info. is spread out (in various forms), I thought jabber would be a fun project that could ramp up to more advanced tools like silc.

If nothing else I could see my internal IT department using a silc server, making the most of various tutorials that are available to our community, some of which are hosted on this site.


	Logged

LSOChris

Guest

Re: [Article]-Help RichM Secure Enterprise IM

« Reply #7 on: February 01, 2007, 02:29:09 PM »

well i only mentioned it for secure IM not really for streaming media


	Logged

Justin

Newbie

Offline

Posts: 1

Re: [Article]-Help RichM Secure Enterprise IM

« Reply #8 on: February 04, 2007, 12:38:57 AM »

I think I have a solution to your problem,there is a plugin for Gaim called Gaim-Encryption,it features:

Automatically creates a public/private key pair for you upon loading the plugin.

Automatically transmits your public key to other users.

Supports 512 - 4096 bit keys.

Saves keys of known users, and warns you if their public key has changed.Embeds all encryption and keys inside HTML, so if the other user doesn't have the plugin, they will get a little message telling them about the plugin, and won't get a screen full of garbage.

Stores keys in human readable files in your .gaim directory, in case you ever need to copy/edit them by hand.

Modular and extensible. If you want to define a different type of encryption, you can use this plugin as a wrapper to take care of transporting the encrypted binary over the IM pipe.

It supports installation through:Linux on iPAQ,
Ubuntu,Debian,Gentoo,Mandriva,Fedora,CVS and Source.

Hope this works for you,
Justin.


	Logged

Pages: [1] Go Up

« previous next »