Are 'Windows Messenger' Messages Easily Intercepted?

[Confused]

Is there any security built into Windows Messenger (I'm using 4.7.3001 on XP
SP2 with .NET Service) to prevent someone on the same LAN from intercepting
and reading others' messages?

If not, is this easy for a savvy hacker to do and should I assume everybody
can see the Windows Messenger messages I type?

Thanks.

 

[Shenan Stanley]

Is there any security built into Windows Messenger (I'm using
4.7.3001 on XP SP2 with .NET Service) to prevent someone on the same
LAN from intercepting and reading others' messages?

If not, is this easy for a savvy hacker to do and should I assume
everybody can see the Windows Messenger messages I type?

As far as I know - there is no encryption in Windows Messenger instant
messages.
So being "savvy" turns into "having the right access/sniffer application."

 

[Patrick Keenan]

Is there any security built into Windows Messenger (I'm using 4.7.3001 on
XP SP2 with .NET Service) to prevent someone on the same LAN from
intercepting and reading others' messages?

If not, is this easy for a savvy hacker to do and should I assume
everybody can see the Windows Messenger messages I type?

Thanks.

The short answer is that it's not secure, no.

One of the longer answers is that if you're using this at a business
location the adage "never type anything you don't want to appear on your
resignation" applies.

HTH
-pk

 

[Confused]

Thanks, Shenan. From your reply it sounds as if anyone -- not just network
administrators -- on a LAN with the "right access/sniffer application" could
intercept these messages. In addition to the text of the message what else
could a hacker see in the message? The computer name? The .NET account
user name (or alias) of either the sender or the recipient? We use IM
primarily on a school network....DHCP w/no domain authentication -- we just
plug in, get an IP address, and away we go.

From a network administration point of view, is it general practice in
business or academic environments to log/store all IM traffic/activity/text?
Or is the typical monitoring limited to watching file transfers on IM to
prevent the spread of viruses?

Thanks again.

 

[Shenan Stanley]

From a network administration point of view, is it general practice in
business or academic environments to log/store all IM
traffic/activity/text? Or is the typical monitoring limited to
watching file transfers on IM to prevent the spread of viruses?

From a business/academic system administration standpoint - monitoring such
traffic for the company/institution is a waste of valuable time and
resources. There are privacy concerns and it would likely only be done with
"probable cause" and then limited to a certain individual or individuals.

Normally - a good system administrator sets up the work/school/other
institutional environment PC in such a way that nothing that isn't installed
by the company technical support gets installed - also there may be a
firewall surrounding the company/institutional system as well as possibly
firewalls implementing on each individual machine. Not to mention Antivirus
and the likes not only on the individual machines (controlled by the
administrator, not the users) but on any file/email servers they provide for
the customers. They may have a network traffic sniffer in place looking for
suspicious activity - but the monitoring of that sniffer is usually
automated and only keyed in to the known "bad traffic". SNORT would be a
good example. If an Instant Message application is allowed/in use - usually
the precautions are common sense and antivirus software as well as Windows
XP's own execution prevention mechanisims - even just making the users just
"users" in security levels helps..

Not saying that a system administrator couldn't get more information than
they should be privy to very easily - just saying they usually do not have
the time nor inclination to do so.

 

[bumtracks]

Didn't pay it much attention as I was looking for something else, but it
did catch my eye as I know of many people whom ports would suddenly close if
their companies used it - program who's apparent sole purpose in life was
capturing and storing all windows & MSN messenger traffic on the network.

 

[Sparda]

Didn't pay it much attention as I was looking for something
else, but it
did catch my eye as I know of many people whom ports would
suddenly close if
their companies used it - program who's apparent sole purpose
in life was
capturing and storing all windows & MSN messenger traffic on
the network.

From a network enterprise stand point, if the only way on the internet
is via a proxy, all some one needs to do is intercept packets on a
specific port range to captur any instante messeges, very few IM
programs nativle support encytion. How ever, there is a program for
windows that alows encyption in MSN called IM Secure, but if you where
to use a diffrent MSN client such as GAIM, you could download gaim
encyption which is more or less the same as IM secure, except it’s
open source and there for free. The problem with both of these is that
both clients much have the same one installed for it to work.

IM Secure:
http://www.zonelabs.com/store/content/catalog/products/sku_list_ims.jsp

GAIM: http://gaim.sourceforge.net/
GAIM Encyption: http://gaim-encryption.sourceforge.net/