A friend of mine is works in the financial services market. His company has a need to record Instant Messenger video sessions (think AOL and MSN webcam ) and archive them. They need to do this on the network as opposed to having client software do it locally on the desktop. This is due to the varied desktop systems, only half are Windows based.
Anyone know of a commercial solution or open source libraries that could do this? I know many IPS’ can detect IM video but he needs to record. Is IM video even encrypted? Before you start with the privacy concerns this is done with full knowledge of both parties who are also employees of the same company. It is a pilot program at this point.
–Chris
Technorati Tags: AIM video, record, MSN Messenger
Popularity: 100% [?]
July 1st, 2008 at 3:25 pm
Hey, nice question! I really would like to hear recommendations as well, because I know soon some manager in my company will have similar thoughts and will want to record all video conferences so that we can “protect our users better..”
It pays to be prepared..
July 1st, 2008 at 8:36 pm
How about recording all traffic to disk.. Perhaps port limiting. Then should it be needed later, you have all the packets that you could then reconstruct into the original chat session.
Also, recording at the network level you’ll want to make sure that end-to-end crypto is turned off.
July 17th, 2008 at 1:38 pm
If you are using a dedicated commercial IM software, with all servers within his network, he might be able to find or request a library or functionality from the vendor.
As for capturing any type of video call (AOL, MSN, Skype) things get really complicated. For instance, Skype is encrypted, and you really can’t record much. MSN used to be un-encrypted, but no way to distinguish sessions on the network in some easy way.
So for such a requirement a full packet capture needs to be investigated, which is a HUGE effort for net-admins, since you need to do this at all possible transit points on the network where the traffic will traverse.
I would suggest a different approach: Create a client-side recording module which will record and send the recorded material to a central archive in a transparent or semi-transparent automatic way. At the end of the day, developing this for several platforms may be much easier then packet capture
Bozidar
http://www.shortinfosec.net