11 September 2006

Securing your instant messages

If you're like me and resistant to use an all-for-one IM client like GAIM or Scatterchat (basically GAIM + Tor), but still want to secure your instant messages. This is what I've done so far.

I use Yahoo Instant Messenger, Windows Live Messenger, and (less often) ICQ. None of these are listed on the Guide to Torifying applications. However, the general concept is to use SOCKS v5 and route the traffic through 127.0.0.1, port 9050. This did work for Windows Live Messenger.

It didn't work, however, for Yahoo Instant Messenger (meaning it wouldn't connect). I tried HTTP proxy, 127.0.0.1, port 8118, which is what Tor uses for Firefox. This worked.

Neither of these options worked for ICQ.

Before I tried this, both Windows Live Messenger and Yahoo Instant Messenger revealed their foreign IPs via "netstat" or by using an application like Active Ports. After re-routing the IM traffic, both show 127.0.0.1 or the default gateway as the foreign IP.

I haven't done any further traffic analysis so I'm not certain its working yet but will keep testing. If you're seeing any obvious flaws in what I'm doing feel free to point them out.
Post a Comment