7.2 Types of Instant Messaging

Team-Fly    

 
Malicious Mobile Code: Virus Protection for Windows
By Roger A. Grimes
Slots : 1
Table of Contents
Chapter 7.  Instant Messaging Attacks

7.2 Types of Instant Messaging

In order for two instant messaging (IM) users to communicate, they must use IM software with similar messaging protocols. AOL created AIM in 1989 and although it has significantly more users than any other IM service, it has repeatedly fought attempts by other vendors to allow interoperability. There has been an ongoing effort to codify a single IM standard, but even that process has broken down into many fractured groups. It is expected that a single Internet protocol will be approved, thereby allowing disparate IM services to communicate with each other. For now, you have to choose which type of IM you want to use. You can select between the following major types: ICQ, IRC, HTML-based, and proprietary offerings.

7.2.1 ICQ

Started by Israeli-based Mirabilis LTD in 1997, AOL acquired I Seek You Chat (ICQ) a year later. Its popularity made ICQ second only to AIM. ICQ's home page is located at http://www.icq.com. With ICQ you register yourself with an ICQ server and receive a unique identifier number. You can put in optional identifying information, if you wish. You can find friends and other people that you want to join your chat community. When ICQ runs in the background, you will be constantly alerted when a particular person in your community logs in. You can send messages, play games , transfer files, and even transmit messages to cell phone users. ICQ, like AIM, is geared toward buddy lists and most chats are invitation -only. Although ICQ attracts a fair share of hacking activity, IRC is still the hacker's Instant Message service of choice.

7.2.2 Internet Relay Chat

Internet Rely Chat (IRC) is one of the most popular Instant Messaging services and is the original chat of the Internet. Although it started as a BBS text-based chat medium, it has evolved into more than just messaging. You can send and receive files, set up personal file servers, and private chat channels, play games, run external programs, and more. Unlike ICQ and AIM, IRC is inherently public. Most chat channels can be seen by anyone and it takes additional steps to set up a private chat between invited users. Its open nature also opens it as a popular hacker mechanism for malicious mobile code attacks. Sometimes the medium itself is the subject of the attack, other times, it is used as a speedy transport method for spreading Trojans and viruses.

7.2.3 Web Chats

There are a growing number of web-based chat services that use a browser to work. Some work purely with HTML, others with Java. All you need is a browser and a web chat server to point to. Like Microsoft's VChat, many web chats have 3D-looking environments where you are represented by a graphical icon (like a dolphin ) and you walk into chat rooms to join. ChatWeb figs/u2122.gif ( http://www.chatweb.net ) is one of the more popular web chat systems. HTML-based chat systems are susceptible to the same exploits as covered in Chapter 8 to Chapter 12, and are not covered in this chapter.

7.2.4 Proprietary IM Standards

Many IM protocols are proprietary unto the particular vendor. AOL's Instant Messaging is the best example of a proprietary standard. Only registered customers of AOL or AIM can use AIM. Microsoft and other vendors have made their IM networks able to communicate with AIM users, only to have AOL modify their services to block the unappreciated interactive invasion. It does appear that AOL is experimenting with allowing AIM to operate with the ICQ standard, which it already follows closely anyway. Because AOL is the most popular IM choice, it receives the most hacker attention, but is not as susceptible to malicious mobile code.

Jabber Project

A large open-source project, called Jabber , is developing messaging servers that can communicate with all of the other types of IM networks. Using Jabber clients , it is possible to chat seamlessly with your friends and coworkers who are using AIM, IRC, ICQ, or some other IM standard. A Jabber server communicates with non-Jabber servers through the use of transport plug-ins , each geared toward a particular IM network. When you see chat clients using part of the Jabber name , such as JabberIM figs/u2122.gif , WinJab figs/u2122.gif , Jabbernaut figs/u2122.gif , and Gabber figs/u2122.gif , you can be assured that they are part of the Jabber movement. I'm proud to report that the publishers of this book are spearheading the effort behind Jabber.


Team-Fly    
Top


Malicious Mobile Code. Virus Protection for Windows
Malicious Mobile Code: Virus Protection for Windows (OReilly Computer Security)
ISBN: 156592682X
EAN: 2147483647
Year: 2001
Pages: 176

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net