Re: [PEN-TEST] IRC

[Jason Witty <jason () WITTYS COM>]

What about all of the various trojans that do things like post "Hey world,
100.1.1.1 is infected with SubSeven, Come Hack me!" to #hack or the like?
And the same thing goes for trojans that simply post your IP, FQDN, and NT
SAM file?  What if the next Outlook worm that comes around simply does the
things mentioned above, then copies the contents of c:\My Documents (or the
like) to IRC?

There's many other reasons against it as well - loss in productivity,
proliferation of pirated software, virus infections due to software
downloaded through non-scanned channels, legal liability due to some jerk
hitting on a 14 year old in #teen, etc.  Just some food for thought.  HTH.

Jason


At 06:16 PM 2/22/01 -0500, Brooke, O'neil (EXP) wrote:
> I don't think that the Irc protocol will cause any compromises. There are
> some Irc client vulnerabilities and you may want to check into those.
> Perhaps packetstorm.securify.com and www.tlsecurity.com could help you
> there.
>
> One of the problems with IRC is that there are some nasty people out there
> and they are able to identify the computers you are using to get onto IRC.
> If someone goes into IRC via your Internet feed and annoys the script
> kiddies your firewall may get hit with DDOS attacks and other probes. This
> does not really have to do with the IRC protocol, but more to do with human
> nature.
>
> -----Original Message-----
> From:  Beauregard, Claude Q [mailto:CQBeauregard () AAAMICHIGAN COM]
> Sent:  Thursday, February 22, 2001 1:49 PM
> To:    PEN-TEST () SECURITYFOCUS COM
> Subject:       [PEN-TEST] IRC
>
> Does anyone know where I can get good documentation on the weakness of IRC
> and how allowing such a service through the firewall can compormise
> security.
>
> Thanks