Summary


Instant messaging can be as dangerous as any other protocol on your network. It absolutely exposes you to a number of internal risks, including worms and viruses, litigation over remarks or content shared over IM networks, leakage of sensitive information, and direct exploitation of the IM software itself.

Recalling Our Methodology

  • Define the Problem: Are you trying to allow IM in or keep it from going out?

  • Gather Facts: Fire up your sniffer or add logging rules to your firewall and see how many people are using IM and which IM protocols are in use. If the goal is to stop IM traffic, there could be quite a number of protocols, which means you will need to plan for blocking several of them.

  • Define the End State: What is the plan? Assuming we're blocking instant messaging, you will need to get a grip on what other requirements there might be. Will there be exceptions? Do you need to log when it's attempted? Define this before you roll anything out.

  • Develop Possible Solutions and Create an Action Plan: Some protocols will be easy; others, like Yahoo, will require upkeep to verify that they are still being effectively blocked. Don't forget to include this in your plan.

  • Analyze and Compare Possible Solutions: Will your plan meet your goals? If this is for regulatory issues, then a failure in your plan could expose you or the business to legal liability. Don't forget to weigh all the risks against the level of effort required to implement the plan.

  • Select and Implement the Solution: Make your plan and implement your solution. Keep in mind that you might need to extend this plan at a later date due to the ever-changing nature of IM networks. IM systems are constantly being tweaked and manipulated to circumvent exactly what you are trying to do.

  • Critically Analyze the Solution for Effectiveness: After implementation, measure the effectiveness. Test what you have changed, both against IM and your regular services. Blanket filtering against Yahoo servers, for example, might cause other legitimate outages.
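For the Gather Facts step, the following added example (not from the book) tallies which internal hosts attempt which IM protocols, based on netfilter LOG lines. The "IM-OUT: " log prefix, the sample log lines, and the port table of widely used default client ports are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Widely used default client ports (assumption: clients on your network use
# the defaults; several IM clients fall back to other ports when blocked).
IM_PORTS = {5190: "AIM/ICQ", 5050: "Yahoo", 1863: "MSN", 5222: "Jabber"}

# Constructed sample of kernel LOG output; the "IM-OUT: " prefix is hypothetical.
SAMPLE_LOG = """\
Mar  3 09:14:01 fw kernel: IM-OUT: IN=eth1 OUT=eth0 SRC=10.0.0.21 DST=192.0.2.10 PROTO=TCP SPT=40112 DPT=5190 SYN
Mar  3 09:14:07 fw kernel: IM-OUT: IN=eth1 OUT=eth0 SRC=10.0.0.21 DST=192.0.2.10 PROTO=TCP SPT=40113 DPT=5190 SYN
Mar  3 09:15:30 fw kernel: IM-OUT: IN=eth1 OUT=eth0 SRC=10.0.0.34 DST=192.0.2.10 PROTO=TCP SPT=51820 DPT=5190 SYN
Mar  3 09:16:02 fw kernel: IM-OUT: IN=eth1 OUT=eth0 SRC=10.0.0.21 DST=192.0.2.20 PROTO=TCP SPT=40200 DPT=5050 SYN
Mar  3 09:17:45 fw kernel: IM-OUT: IN=eth1 OUT=eth0 SRC=10.0.0.40 DST=192.0.2.30 PROTO=TCP SPT=33001 DPT=1863 SYN
Mar  3 09:18:10 fw kernel: IM-OUT: IN=eth1 OUT=eth0 SRC=10.0.0.40 DST=192.0.2.40 PROTO=TCP SPT=33002 DPT=80 SYN
Mar  3 09:19:00 fw kernel: DROP-IN: IN=eth0 OUT= SRC=198.51.100.7 DST=192.0.2.1 PROTO=TCP SPT=5555 DPT=5190 SYN
"""

FIELD = re.compile(r"\b(SRC|DPT|PROTO)=(\S+)")

def tally_im_usage(log_text, prefix="IM-OUT: "):
    """Return {protocol: {source_ip: attempts}} for logged outbound IM traffic."""
    usage = defaultdict(lambda: defaultdict(int))
    for line in log_text.splitlines():
        if prefix not in line:
            continue  # written by some other logging rule
        fields = dict(FIELD.findall(line))
        if fields.get("PROTO") != "TCP" or not fields.get("DPT", "").isdigit():
            continue
        name = IM_PORTS.get(int(fields["DPT"]))
        if name and "SRC" in fields:
            usage[name][fields["SRC"]] += 1
    return {proto: dict(hosts) for proto, hosts in usage.items()}

def report(usage):
    """One line per protocol, ordered by number of distinct internal hosts."""
    rows = sorted(usage.items(), key=lambda kv: (-len(kv[1]), kv[0]))
    return [f"{p}: {len(h)} hosts, {sum(h.values())} attempts" for p, h in rows]

if __name__ == "__main__":
    print("\n".join(report(tally_im_usage(SAMPLE_LOG))))
```

A tally by destination port only counts clients still on their default ports, so treat the result as a lower bound and confirm with the sniffer.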

The type of business you are in and the types of threats you have to protect yourself from will dictate whether the risk of another service is acceptable to you. Measuring that risk is a difficult process and requires a great deal of insider information about a business to come up with a measured response.



    Troubleshooting Linux Firewalls
    ISBN: 321227239
    EAN: N/A
    Year: 2004
    Pages: 169
