Comments on: Record IM video on the network? http://www.infosecpodcast.com/2008/07/record-im-video-on-the-network/ Information Security related news, opinions and ramblings Tue, 12 May 2009 17:22:17 -0600 http://wordpress.org/?v=2.9.1 hourly 1 By: Bozidar http://www.infosecpodcast.com/2008/07/record-im-video-on-the-network/comment-page-1/#comment-28005 Bozidar Thu, 17 Jul 2008 18:38:18 +0000 http://www.infosecpodcast.com/?p=183#comment-28005 If you are using a dedicated commercial IM software, with all servers within his network, he might be able to find or request a library or functionality from the vendor. As for capturing any type of video call (AOL, MSN, Skype) things get really complicated. For instance, Skype is encrypted, and you really can't record much. MSN used to be un-encrypted, but no way to distinguish sessions on the network in some easy way. So for such a requirement a full packet capture needs to be investigated, which is a HUGE effort for net-admins, since you need to do this at all possible transit points on the network where the traffic will traverse. I would suggest a different approach: Create a client-side recording module which will record and send the recorded material to a central archive in a transparent or semi-transparent automatic way. At the end of the day, developing this for several platforms may be much easier then packet capture Bozidar http://www.shortinfosec.net If you are using a dedicated commercial IM software, with all servers within his network, he might be able to find or request a library or functionality from the vendor.
As for capturing any type of video call (AOL, MSN, Skype) things get really complicated. For instance, Skype is encrypted, and you really can’t record much. MSN used to be un-encrypted, but no way to distinguish sessions on the network in some easy way.
So for such a requirement a full packet capture needs to be investigated, which is a HUGE effort for net-admins, since you need to do this at all possible transit points on the network where the traffic will traverse.

I would suggest a different approach: Create a client-side recording module which will record and send the recorded material to a central archive in a transparent or semi-transparent automatic way. At the end of the day, developing this for several platforms may be much easier then packet capture

Bozidar
http://www.shortinfosec.net

]]> By: Jason http://www.infosecpodcast.com/2008/07/record-im-video-on-the-network/comment-page-1/#comment-27999 Jason Wed, 02 Jul 2008 01:36:58 +0000 http://www.infosecpodcast.com/?p=183#comment-27999 How about recording all traffic to disk.. Perhaps port limiting. Then should it be needed later, you have all the packets that you could then reconstruct into the original chat session. Also, recording at the network level you'll want to make sure that end-to-end crypto is turned off. How about recording all traffic to disk.. Perhaps port limiting. Then should it be needed later, you have all the packets that you could then reconstruct into the original chat session.

Also, recording at the network level you’ll want to make sure that end-to-end crypto is turned off.

]]> By: JK http://www.infosecpodcast.com/2008/07/record-im-video-on-the-network/comment-page-1/#comment-27998 JK Tue, 01 Jul 2008 20:25:21 +0000 http://www.infosecpodcast.com/?p=183#comment-27998 Hey, nice question! I really would like to hear recommendations as well, because I know soon some manager in my company will have similar thoughts and will want to record all video conferences so that we can "protect our users better.." It pays to be prepared.. Hey, nice question! I really would like to hear recommendations as well, because I know soon some manager in my company will have similar thoughts and will want to record all video conferences so that we can “protect our users better..”

It pays to be prepared..

]]>