Reporter Packet Storm
`The risks of using an AOL client behind a firewall
Many users wish to use AOL client or AIM (AOL Instant Messenger) behind the company firewall. However, opening
the firewall for an AOL client can present a security risk to the entire network.
AOL client connects to the AOL server at port 5190.
This is usually easy enough for the administrator to configure the firewall to allow this port (5190), and the client will
work properly. However, the AOL client establishes an IP tunnel to the AOL server and creates a VPN between the
AOL network, and the Client's network (with the assistance of the AOL client of course), this basically allows
complete communication between the client and the remote server (the AOL client receives an IP address on the
virtual network, and therefore there is no way the firewall can limit this communication), and this also means that the
client is now exposed to all kinds of IP based attacks, such as nukes, access to personal web servers and ftp
servers, and much more, from anyone on the Internet (All they have to figure out is the Virtual IP address given by
the AOL server).
The firewall is basically helpless against this, because this is all going through port 5190 which was allowed for
communication by the administrator.
To see it in action, start your AOL client, and run "winipcfg" (under Windows 95) to see you have a new adapter
(besides the dial-up-adapter or network adapter you used to connect to the Internet with). This adapter will have
its own IP and gateway information. AOL's home page is at: www.aol.com For information on how to connect AOL
client through a firewall, see: http://webmaster.info.aol.com/firewall.html