Penetration Testing mailing list archives
Re: IRC protocols and insecurity
From: "DokFLeed.Net" <dokfleed () dokfleed net>
Date: Thu, 9 Sep 2004 08:58:35 +0400
Heya, IRC network is great choice, i have been on IRC for some years, its security depends on whats it serving for you , I think everything flyes in readable text Depending on users, it can help worm spread unless you block all file transfers. If you are using mIRC clients with some of its powerful scripting engine, then Sky is the limit. DCC either Chat or Send are direct IP , even the normal /Whois will reveal your IP unless you are using a BNC or other means. DoS can be easy using IRC , so you have to manage this. restrict it internaly so students cant load external open proxy clients. Disable DDE in clients by defaults. a Sniffer on the server will see all the communications this is what i can think of now, and you decide how far is it secure for your own needs. DokFLeed Would you rather Hack and go to Jail or Hack and get paid ?!! ------------------------------------------------------------------------------ Ethical Hacking at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Check out our Advanced Hacking course, learn to write exploits and attack security infrastructure. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. http://www.infosecinstitute.com/courses/ethical_hacking_training.html -------------------------------------------------------------------------------
Current thread:
- IRC protocols and insecurity proc ps (Sep 07)
- Re: IRC protocols and insecurity Chris Green (Sep 08)
- Re: IRC protocols and insecurity Jose Maria Lopez (Sep 09)
- Re: IRC protocols and insecurity DokFLeed.Net (Sep 09)
- Re: IRC protocols and insecurity Barrie Dempster (Sep 11)
- Re: IRC protocols and insecurity David Coppa (Sep 14)
- Re: IRC protocols and insecurity Barrie Dempster (Sep 11)
- RE: IRC protocols and insecurity Rob Shein (Sep 13)
- <Possible follow-ups>
- RE: IRC protocols and insecurity Todd Towles (Sep 10)