Slashdot Mirror

← Back to Stories (view on slashdot.org)

AOL Selling AIM Gateway/Listener To Employers

Posted by ryuzaki0 on from the no-we-must-hear-all dept.

PizzaFace writes "After pushing free instant messaging to more than 100,000,000 users, AOL is now selling AIM-monitoring software to businesses that want to monitor and control the messaging of their employees. AIM Enterprise Gateway will reportedly sell for about $35/employee/year."

10 of 267 comments (clear)

  1. Is it just me or... by Anonymous Coward · · Score: 2, Informative

    Has anyone with a packet logger and a campus LAN been doing this for years? Mine just finds any trafic with the (html)(body right next to each other (and the close html body tags nex to each other too). I have yet to get a false positive.

  2. Not so expensive && Slashdot is SLOWWWWWWW by Wills · · Score: 3, Informative
    USD35/employee/year is not really expensive for the benefit to employers of being able to demonstrate that they are "doing something" to monitor and prevent inappropriate comms. It's a reasonable step for an employer to take given the lawsuit risks these days. An employer who doesn't take any steps to monitor comms doesn't look good in court if they end up being sued, for example, in an employee-employee harrassment case.


    P.S. Rob, Nate, Jeff, your change of hosting service this week from Exodus East to Exodus West has made Slashdot incredibly s...l.........o...........w....... from Europe. It's taking 2 minutes to load a page compared to 10 seconds on the old host. Did OSDN pull the plug on your funding for the larger pipe at Exodus East? It's understandable but a shame nonetheless because it's going to stop people visiting.

    --
    Scroogle
  3. Re:Why a big deal? by phil+reed · · Score: 3, Informative

    Officially, yes. However AIM has this obnoxious habit of trying all sorts of non-standard ports. One network I set up (the managers wanted AIM shut down), I had to put up a http proxy server and close off port 80 from the users, and it snuck out port 53 (DNS). The AIM programmers went out of their way to evade firewalls.

    --

    ...phil
    "For a list of the ways which technology has failed to improve our quality of life, press 3."
  4. aol is NOT monitoring aim by jfruhlinger · · Score: 5, Informative

    AOL will NOT be monitoring AIM communications -- what this product essentially does is set up a private network WITHIN a company, based on the AIM protocols. It is that internal communication that is being monitored -- and not by AOL but by the company that buys the software from AOL. I imagine that the users will be able to use their clients to communicate with other AIM users outside their network, but if they don't want to be monitored, they can just download the standard free AIM client and use that instead.

    Several of my friends work for IBM, and they have been using something like this software, called Sametime, for a couple years. Sametime may have been a beta of this product.

    jf

  5. Re:Why a big deal? by AKnightCowboy · · Score: 3, Informative

    It definitely is a sneaky program. I noticed it even trying to connect out on port 20/tcp trying to masquerade as an active ftp data session. Thanks AOL dickheads. You couldn't isolate it to ONE port and let the network administrators choose whether to allow it or not could you? In my book that's the number one reason to ban AIM from the network even if it means filtering all AOL address space. Fuck 'em.

  6. Did NO ONE look at what this is? by batkiwi · · Score: 5, Informative

    It's not a magical AIM filter, which is what all the comments are suggesting.

    It's a way to run your OWN aim gateway server at your business.

    So I am at franks widgets (fwidg). I install the gateway server. Everyone at fwidg logs into the company aim server instead of the official AIM server, as employee@fwidg.com.

    So now we have intranet messaging, and apparently others can add us to the contact list as well (outsiders).

    OBVIOUSLY since all communication is going through this server, they can log/etc it. But htis is not some sort of magical firewall dropin that listens to aim conversations... there's been opensource projects that can do that for years now.

    It looks to me like it's aiming at the jabber and MSN/exchange messenger market. It's a locally hosted central server, so your business stuff isn't going out over the internet, and it authenticates against stuff you already have, according to their marketing. I'd guess that means ldap and active-directory.

  7. My solution to AIM monitoring... by Ageless · · Score: 5, Informative

    For the past few weeks I have been writing a program I currently call SecureIM. It is a encrypting proxy server that runs on your computer and allows you to have secure conversations over AIM. It's runs under Win32 and is tested with AIM 4.x and higher and Trillian.

    If you would like to check out the beta version, it's available at http://www.vonnieda.org/SecureIM

    The program will be getting a name change before v1.0 since there are several SecureIMs out there.

    Before you flame me about security or what not, please at least have a read of the Readme.txt file where I think I explain pretty well what SecureIM is and isn't capable of.

    I hope someone finds some use of it. Enjoy :)

  8. Re:Yet another reason to use Trillian by Tassach · · Score: 5, Informative

    That is why you open a SSH tunnel to a trusted outside server with access to a squid proxy, and set your AIM proxy to point to the forwarded port on localhost: ssh -L 3128:proxyhost:3128 trusteduser@trustedhost Substitute plink for ssh if using Windows.

    --
    Why is it that the proponents of "one nation under God" are so eager to get rid of "liberty and justice for all"?
  9. Why Trillian wouldn't solve it in this case by evil_one · · Score: 2, Informative

    Trillian only can establish a secure connection if it has the ability to contact the other computer directly.
    If both ends are behind an IPmasq or similar firewall this won't work.
    OTOH, pgp/gpg would work fine, so long as
    1) both parties have it
    2) you have eachother's pubkeys
    gAIM and similar clients allow not only protocol plugins, but also general purpose - I don't see why gpg support couldn't be added in.

    --
    Desperation is a stinky cologne
  10. Agreed, but... by raretek · · Score: 2, Informative

    I agree they've made it tough to block if you're just targeting AOLs resource(as in time) sucking software. My experience is that most of the time for most offices (not counting tech companies), you don't want your users running ANY of the many time/bandwidth suckers out there. In that case, the following is extremely effective.

    Block all internet traffic for your desktop machines at the router/firewall/whatever, and force all web browsing through a squid proxy on a server that is not blocked. This breaks virtually all messaging and file sharing software, while also generally accelerating web browsing. Any users with special needs can be explicitly allowed through the router.

    Be sure to have a cache only dns server on your side of the link, and voila: Instant messanger stops working (and Aol doesn't get jack), you improve the web browsing experience for your users, and any new messaging programs/file sharing programs won't work. Win win win!

    Then you can spend that 35 bucks times X number of employees, which in my case comes to over 10 thousand bucks, on new hardware like switch upgrades, router upgrades, and the like, which will really make you look good.

    --
    Show me an effect without cause and then I'll believe in chaos.