7.2 Types of Instant Messaging In order for two instant messaging (IM) users to communicate, they must use IM software with similar messaging protocols. AOL created AIM in 1989 and although it has significantly more users than any other IM service, it has repeatedly fought attempts by other vendors to allow interoperability. There has been an ongoing effort to codify a single IM standard, but even that process has broken down into many fractured groups. It is expected that a single Internet protocol will be approved, thereby allowing disparate IM services to communicate with each other. For now, you have to choose which type of IM you want to use. You can select between the following major types: ICQ, IRC, HTML-based, and proprietary offerings. 7.2.1 ICQStarted by Israeli-based Mirabilis LTD in 1997, AOL acquired I Seek You Chat (ICQ) a year later. Its popularity made ICQ second only to AIM. ICQ's home page is located at http://www.icq.com. With ICQ you register yourself with an ICQ server and receive a unique identifier number. You can put in optional identifying information, if you wish. You can find friends and other people that you want to join your chat community. When ICQ runs in the background, you will be constantly alerted when a particular person in your community logs in. You can send messages, play games , transfer files, and even transmit messages to cell phone users. ICQ, like AIM, is geared toward buddy lists and most chats are invitation -only. Although ICQ attracts a fair share of hacking activity, IRC is still the hacker's Instant Message service of choice. 7.2.2 Internet Relay ChatInternet Rely Chat (IRC) is one of the most popular Instant Messaging services and is the original chat of the Internet. Although it started as a BBS text-based chat medium, it has evolved into more than just messaging. You can send and receive files, set up personal file servers, and private chat channels, play games, run external programs, and more. Unlike ICQ and AIM, IRC is inherently public. Most chat channels can be seen by anyone and it takes additional steps to set up a private chat between invited users. Its open nature also opens it as a popular hacker mechanism for malicious mobile code attacks. Sometimes the medium itself is the subject of the attack, other times, it is used as a speedy transport method for spreading Trojans and viruses. 7.2.3 Web ChatsThere are a growing number of web-based chat services that use a browser to work. Some work purely with HTML, others with Java. All you need is a browser and a web chat server to point to. Like Microsoft's VChat, many web chats have 3D-looking environments where you are represented by a graphical icon (like a dolphin ) and you walk into chat rooms to join. ChatWeb ( http://www.chatweb.net ) is one of the more popular web chat systems. HTML-based chat systems are susceptible to the same exploits as covered in Chapter 8 to Chapter 12, and are not covered in this chapter. 7.2.4 Proprietary IM StandardsMany IM protocols are proprietary unto the particular vendor. AOL's Instant Messaging is the best example of a proprietary standard. Only registered customers of AOL or AIM can use AIM. Microsoft and other vendors have made their IM networks able to communicate with AIM users, only to have AOL modify their services to block the unappreciated interactive invasion. It does appear that AOL is experimenting with allowing AIM to operate with the ICQ standard, which it already follows closely anyway. Because AOL is the most popular IM choice, it receives the most hacker attention, but is not as susceptible to malicious mobile code.
|
Team-Fly |
Top |