• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Making Windows Live Messenger safer?

MichaelD

MichaelD

Lifer
I've traditionally eschewed IM-type programs due to the security risks they present to your network; too many open ports and things of that nature.

But now I have to use one. I'm using Windows Live Messenger v8.1.

Is there a way to make it "safer?" I.E. by locking down settings on my router or within my firewall program?

I use Symantec Client Firewall 7, if that helps.

Thanks for the assistance.
 
Link to information about the Windows Live Messanger protocol KB:
http://support.microsoft.com/kb/903056/en-us

The obvious answers here are:

1. Do not allow external communication. Keep all traffic inside your network. Giving the Internet direct access to your PCs is always a bad idea. In addition to increased risk of attack, you don't want your confidential information being IM'd out over the Internet unencryped (see #3).
2. Unless they are needed, disable file transfer and audio/video capabilities. Note in the link that IM traffic goes through the Live Communications Server. The others are peer-to-peer. Disabling them limits connections between PCs, which limits your exposure in case one of them is compromised.
3. If you're going to allow people to discuss confidential information through IM (you might as well, because there's no good way to prevent people from doing it anyway), enable TLS encryption. Again, this is to minimize your risk incase your network is compromised and attackers start sniffing traffic.


Edit: These are best practices for any instant messaging applications, not specific to just Windows Live Messenger.
 
Thanks very much, Zugzwang152. I really need to read up and do what I can.

*edit*

I read the article and now I'm confused. It mentions Microsoft Office Live Communications Server 2005; I'm not running a server and this isn't for work use (all IM programs are blocked/forbidden/WebSensed out) where I work.

This is for my home use. I use Symantec Client Firewall on my home PCs running unmanaged.

Does that change the situation any?
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top