A r c h i v e d I n f o r m a t i o n
Instant Messaging Programs Can Be Dangerous
Written by Matthew Baum, Office of the Chief Information Officer, Dept. of Ed and Greg Schedidel, Enterprise Network Engineer, BTG Inc., Dept. of Ed.
Instant messaging programs, which allow people to "chat" with each other over the Internet, can be hazardous to a computer's health.
Instant messaging programs, such as ICQ, actually make a computer quite vulnerable to infection from computer viruses and other attacks. One problem is that once it's activated, the instant messaging software opens a channel, or port, through your network firewall to the instant messenger server out on the Internet. The firewall is the security put in place to protect the network from the Internet. Additional tools are used in conjunction with the firewall to scan for viruses or unwanted traffic. These tools, however, cannot scan instant messaging traffic transmitted across the ports and offer no real protection against viruses or attacks that use instant messaging traffic. As long as the instant messaging tool is running on the user's workstation, the firewall port is open to two-way communication - and the possibility of penetration or infection from viruses is high.
Instant messaging products also can cause problems because they actively scan the user's firewall for alternate pathways to the messaging servers on the Internet. This means the instant messaging program can find and use any open port. It's possible for the instant-messaging program to use standard ports to get packets through the firewall. This sharply limits our ability to control and monitor the use of these products and ensure they are used securely.
New instant messaging features compound these security vulnerabilities by allowing file sharing and file transfer capabilities with other instant messaging product users. This allows remote users to look at and share documents and files that reside on the local user's PC. This means that remote users can access your hard drive and files - and this may include more than just the ones you specifically want to share. In a network situation, where many computers are hooked together, this is a very high-risk situation.
Instant messaging products also have a history of being vulnerable to hacking techniques that allow access to a PC without the user's knowledge. Attackers can view information on the hard drive or network drives, plant Trojan programs, plant time or logic bombs, or create back doors into host networks and further compromise them from the user's workstation without detection.
Attackers are very aware of these instant-messaging products, what they do, their vulnerabilities and how to exploit them to their fullest potential.
What's more, legal issues are raised when sensitive government information, software used to access more sensitive data systems, financial systems or privacy act information is processed and stored on a networked government PC.
Due to these and other high security risks posed by instant messenger programs, the Department of Education no longer allows such programs on department computers.
