A friend asked me what port AIM used and I guessed something along the lines of 5190. I wanted to check to make sure and, after issuing the command netstat -n from the comamnd prompt, I couldn’t find any port even close to that in use. But I did see 443 in use.. SSL, eh? I was connected to the IP 126.96.36.199 at port 443. Using Sam Spade, I did an IP Block check and sure enough it was America Online.
UPDATE: Originally, I wrote the following:
This means that all communication between AOL’s server and their AIM 6 chat client is very well encrypted — great news for users who wish to use AIM in an environment where the latest (and most aggressive) version of Websense is running. Even though all of my outbound connections at work are encrypted by default, it’s nice knowing that if I even accidently sign on with an insecure connection, my work-related, code-laden chats can’t be sniffed (so suck it, Websense!).
After my post, however, two friends suggested that it’s possible for AOL to just use port 443, not for SSL, but because it’s open on nearlly all firewalls. I then decided to do additional research and after being told that Ethereal and Packetyzer were out-of-style, I downloaded Wireshark, sniffed my packets and found that only the initial login is encrypted. The rest of everything, nick lists, conversations, etc are all sent in clear-text :| So now back to square one.. make sure your connection is fully encrypted or you use an HTTPS AIM proxy if you want to chat it up on networks that employ Websense and other hardcore tracking software.