Proventia-G 1.1 and earlier, Proventia Network IDS, Proventia Network IPS, Proventia Network MFS, RealSecure Server Sensor, IBM Security Host Protection for Servers (Windows), Virtual Server Protection for Vmware, Proventia Server IPS for Linux technology, IBM Security Host Protection for Desktops, IBM Security Host Protection for Servers (Unix):
This signature detects when a user logs in to the Yahoo! Instant Messenger service.
Proventia-G 1.1 and earlier: G Series, Proventia Network IDS: A Series, Proventia Network IPS: 2.0, Proventia Network MFS: 1.0, RealSecure Server Sensor: 7.0, IBM Security Host Protection for Servers (Windows): 184.108.40.2060, IBM Security Host Protection for Servers (Windows): 1.0.914.0, Virtual Server Protection for Vmware: 1.0, Proventia Server IPS for Linux technology: 1.0, IBM Security Host Protection for Desktops: 8.0.614.1, IBM Security Host Protection for Servers (Unix): 2.2.2
Microsoft Windows, Unix Unix, Apple Macintosh, Yahoo Messenger
Yahoo! Messenger is a network service that allows Internet users to send "instant messages" and files to other users also running Yahoo! IM clients. These clients operate by connecting to a central server to log in and obtain the names of other clients. The Yahoo! Messenger protocol employs many versions and methods of connecting users together, including tunneling over HTTP, exchanging proprietary protocol traffic through a central server, and direct client-to-client connections. A typical Yahoo! IM message consists of a simple packet containing the originating user's login name, the destination login name, and a text message.
Your institution's security policy may permit the use of instant messaging systems on your network. As a part of your institution's security policy, consider restricting use of instant messaging systems as needed. If restriction of instant messaging is not possible, file transfers over instant messaging services should be monitored for potentially malicious software.
Yahoo! Instant Messenger service user login