Bugtraq mailing list archives
Re: IRC Security Loophole
From: mark () zang kcc hawaii edu (Mark)
Date: Fri, 3 Feb 1995 00:54:53 -1000 (HST)
I read somewhere that there is a security loophole in IRC. I don't know anything else about it but I would like to find out more information about this. I heard that information about this IRC loophole can be found by FTP at ftp.cert.org, but I couldn't find anything relevant there.
The security concerns with IRC relate almost exclusively to ircII clients that have been modified in the source code or scripts. A source code backdoor to let people gain access to your account can be made to be very invisible, (but usually instantly spottable by anyone with knowledge of C code), but to date most backdoors relate to responding to loud noisy one line commands over IRC. Script backdoors can be more intricate because it doesnt take as much skill to develop usually and the intricacies and subtleties of the scripting language can hide holes quite readily. Again they can be spotted and most to date have been boorishly primitive. To protect yourself from the source code attack, the best thing is to replace your client if you are in doubt as to its origins. You can find a client on anonymous ftp at coombs.anu.edu.au in the /pub/irc/ircII directory. Installing is left as an exercise to the reader. This machine is generally considered to be the safest place to obtain a client. To protect yourself from scripts with dangerous holes in them, basically dont run scripts from other people unless you are competent enough with the language to understand the workings. I myself dont run any scripts and have been using irc for over six years. You dont need them and often they are annoying and will lead to you being removed from channels. (i.e. textbox). Also there are people of doubtful intelligence that enjoy sending people trojan scripts via IRC's DCC that immediately open your account to the world and inform the world of such. Dont run any scripts as a rule. Hope this helps, Mark
Current thread:
- Re: MAGIC PIDs (was Re: magic??) robert owen thomas (Feb 02)
- Re: MAGIC PIDs (was Re: magic??) Neil Woods (Feb 02)
- IRC Security Loophole Lorna Leong (Feb 02)
- Re: IRC Security Loophole Mark (Feb 03)
- Re: IRC Security Loophole Silicon Avatar (Feb 03)
- Re: IRC Security Loophole Kernel Panic (Feb 03)
- Re: IRC Security Loophole Silicon Avatar (Feb 03)
- port checking under solaris 2.3? James W. Abendschan (Feb 02)