Bugtraq mailing list archives

Re: Dynamic DNS "Spoofing" & IRC

From: Darren Reed <avalon () caligula anu edu au>
Date: Sat, 3 May 2003 14:22:58 +1000 (Australia/ACT)

In some mail from Intel Nop, sie said:


This is a trivial "feature/flaw" I've been holding onto for a bit, and it's
probably commonly known, but I haven't seen it posted anywhere, more of a
neat little thing in taking advantage of IRC and it's treatment of dyndns
within DNS if reverse lookup is possible.

IRC (Internet Relay Chat) servers being a common ground for chat, have some
annoyances such as the username@ipaddress or username@domainname, some
people don't like that etc, being that they have to use a bouncer to avoid
showing their own ip address or hostname to other users if they want to
maintain some sort of privacy.


Bah!  Why do people still expect to have any sort of privacy ?!

Haven't you all gotten over it yet and realised that anyone can
know anything and everything about your life if they have enough $$ ?!

Privacy is such a 20th century concept, get with the times!

Oh, and btw, revealing user@hostname was quite a deliberate design
decision that was debated many times (and probably still is.)

IRC is meant to be a means for communicating with people and when
you're communicating with someone you generally want to know something
about them.  Revealing user@hostname was not ever considered to be a
privacy risk and you might argue is no different to CLID.  I for one
refuse to answer the phone if I cannot see who the other party is that
is calling me because it is generally considered good etiquette to let
someone know who you are when calling.  Revealing more information also
serves as something of a disincentive towards anti-social behaviour and
before you say "but if someone wants to be, they can use methods like
that posted to hide", history shows that for most it is either too
difficult or too much trouble for the average moron to do.

Another reply mentioned "stats L" output being useful.  Well at one
point it was, but today IRC is, for better or worse, far from being
anything as egalitarian as it used to be.

Darren

Current thread:

Dynamic DNS "Spoofing" & IRC Intel Nop (May 02)
- Re: Dynamic DNS "Spoofing" & IRC Markus Kovero (May 02)
- Re: Dynamic DNS "Spoofing" & IRC c4 (May 02)
- Re: Dynamic DNS "Spoofing" & IRC Niels Bakker (May 02)
- Re: Dynamic DNS "Spoofing" & IRC Thomas Wouters (May 02)
- Re: Dynamic DNS "Spoofing" & IRC Darren Reed (May 03)