Results 1 to 4 of 4

Thread: ZA IMSecure

  1. #1
    Uranium Lounger CWBillow's Avatar
    Join Date
    Jul 2002
    Location
    Las Vegas, NV USA
    Posts
    6,371
    Thanks
    78
    Thanked 12 Times in 11 Posts

    ZA IMSecure

    I'm not sure this is the right board, but I figured I'd start here:

    Zone labs has a new product (IMSecure) based on the premise that AV software and firewalls (ZA included) cannot protect against hacker attacks that come through IM...

    Is this so? Because I know SEVERAL people that use IM constantly, and therefore are "always open to attack?

    Regards,
    Chuck Billow
    -------------------------------------------------
    "Good judgment comes from experience, and experience - well, that comes from poor judgment."

    ~ A(lan) A(lexander) Milne (1882-1956)- "House at Pooh Corner"

  2. #2
    Plutonium Lounger
    Join Date
    Dec 2000
    Location
    Sacramento, California, USA
    Posts
    16,775
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: ZA IMSecure

    Messenger has been acknowledged to have security hole in it and I don't now of any current products that really protect it.
    Charlotte

  3. #3
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts

    Re: ZA IMSecure

    In general, if you tell your firewall to open a port for IM, it will not be checking anything that comes in and out through that port. If you close the port, it typically will check to see if incoming traffic directed to that port is a response to something you sent out, or is new; responses OK, new stuff ignored. There are, of course, many different firewalls, but this is the more common design.

    Almost all antivirus software protects the computer's file system. If someone sends an IM with an attachment, accessing that attachment may require that it be written to a temp folder (as is the case with e-mail attachments). At that point, the antivirus scanner can inspect the attachment to see if it fails any of its filters. But if the attachment doesn't get written to a temp folder, or if there is an attack on the IM client software itself in memory, then the antivirus software will not even be looking. (In addition to file scanning, antivirus programs often provide a mail scanning feature that checks message bodies. I'm not aware that there is an IM scanning feature.)

    So the short answer is, yes, if someone sends some "chat" to you that triggers a vulnerability in your IM client software, they could potentially take over your system. The easiest way to avoid this is not to use this kind of software, but if one must use it, then using the privacy features (don't advertise your existence to the entire planet; only let your friends attack you) and applying vendor patches is critical.

    I probably should have read the ZoneLabs site before posting this, in case I'm utterly confused... can you post a link to the new product information?

  4. #4
    Uranium Lounger CWBillow's Avatar
    Join Date
    Jul 2002
    Location
    Las Vegas, NV USA
    Posts
    6,371
    Thanks
    78
    Thanked 12 Times in 11 Posts

    Re: ZA IMSecure

    Jeff:

    ZoneLabs Home is where you'll see the add -- IMSecure ...

    Regards,
    Chuck
    -------------------------------------------------
    "Good judgment comes from experience, and experience - well, that comes from poor judgment."

    ~ A(lan) A(lexander) Milne (1882-1956)- "House at Pooh Corner"

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •