GEN:SID 1:2452
Message CHAT Yahoo IM ping
Summary This event is generated when a host in your network that has Yahoo Instant Messenger running attempts to maintain contact with a Yahoo IM server.
Impact Possible policy violation.  Instant Messenger programs may not be appropriate in certain network environments.
Detailed Information Hosts running Yahoo IM periodically communicate with a Yahoo IM server to maintain their connection.  This is a keep-alive message that simply indicates the presences of a host running Yahoo IM.
Affected Systems Any host running Yahoo Instant Messenger.
Attack Scenarios This particular type of Yahoo IM exchange has no known attacks, however it may represent a policy violation because the host is running Yahoo IM.
Ease of Attack A host running Yahoo IM will automatically ping a Yahoo IM server.
Corrective Action Disallow the use of IM clients on the protected network and enforce or implement an organization wide policy on the use of IM clients.
Additional References Yahoo Protocol
http://www.cse.iitb.ac.in/~varunk/YahooProtocol.htm