IRC

Discussion in 'other software & services' started by JayK, Oct 24, 2003.

Thread Status:
Not open for further replies.
  1. JayK

    JayK Poster

    Joined:
    Dec 27, 2002
    Posts:
    619
    I need to venture to the brave net world (to me anyway) of IRC.

    Any tips for security? I don't know nuts about IRC.

    What should I use? Anything special to take note of ?

    I'm a true noobie...


    Karma cookies are awaiting the first good comprehensive answer.
     
  2. Comp01

    Comp01 Registered Member

    Joined:
    Sep 4, 2003
    Posts:
    638
    I know a bit about IRC.. One, I would get a good IRC client (MIRC or Berisrc, www.mirc.com I dont knwo Bersirc's web addy, sorry), there are no real "attacks" on IRC, mostly,its /dns feature (you can get somones IP address, and IP number on alot of IRC networks, just by /whois and /dns) I recommend IRClean (www.diamondCS.com.au) to prevent against mIRC worms, dont accept DCC's (Direct connects, as these are not through the IRC server, its directly connected 1-on-1 :doubt:) Although, my Firewall blocks all DCC and get file requests, I also disable it on mIRC, if using mIRC, be careful on what (If any) addons/scripts you download, watch out for IRC bots, read the helpfiles of the IRC client, and enable ctcp flood protection,

    And also, remember, dont refer to the rooms as "chats" or "chatrooms" its "channel" and "IRC network" :p

    Do a search, for basic IRC commands, to help out further..
     
  3. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,332
    Location:
    Netherlands
    Hi JayK,

    General guidelines:
    http://colalug.org/members/resources/IRC/

    Protect your identity:
    http://www.newircusers.com/security.html
    http://www.ircbeginner.com/ircinfo/irc-safety.html

    General info and more links:
    http://www.irchelp.org/irchelp/security/index.html

    Regards,

    Pieter
     
  4. Comp01

    Comp01 Registered Member

    Joined:
    Sep 4, 2003
    Posts:
    638
    *feels kind of stupid* heh, I didnt even think A while back (about 4 months ago, or 5 before I got into security) I have given out my real name :doubt: guess if someone wanted to do something to me, it would have done happened, by now? :doubt:
     
  5. JayK

    JayK Poster

    Joined:
    Dec 27, 2002
    Posts:
    619
    What's so dangerous about giving out your real name? You scared of stalkers?
     
  6. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,684
    Location:
    Canada
    Hey JayK

    I would recommend using mIRC (http://www.mirc.co.uk/) for IRC, there are lot of variety however to choose from though. Don’t associate with b0red group and stay away from Elite chans (channels) or you may quickly become a target for entertainment purposes. Use good and well configured Software Firewall; don’t except File Sends especially if they send without notification first, even then I wouldn’t recommend receiving even if it’s from those you think you trust. If you must you should manually scan the files with AV & AT, and if you receive compression files make sure that the AV & AT is configured to handle them.

    If you use mIRC be sure to check for updates every so often, or better yet subscribe to the Mailing List “mIRC Release-list.

    It is now possible to get a notification by E-mail as soon as a new mIRC version has released. Subscribing to the list is very easy; just fill in your E-mail address below and we will make sure you will be among the first to know about every new mIRC version. We will update you on the new functions and features in mIRC and you will get a list of fast download addresses. We guarantee your E-mail address will only be used for release announcements.” (http://www.mirc.co.uk/mailing.html).

    A basic command list can be found on the official mIRC website (http://www.mirc.co.uk/cmds.html). Also when connected to IRC type “/list” to get all visible Channel list for that Network. Remember most IRC Networks requires Identd server to be active, however beauty of using mIRC is using Feature “Enable only when connecting”. “Enable only when connecting

    This turns the identd server on only when you're connecting to an IRC server. The moment an identd request is received and replied to, or the moment you connect to the IRC server and see the MOTD, the identd server is turned off.”

    There are number of IRC Networks that masks your Hostname to make the Named Address or IP irresolvable to prevent its users from being attacked via packet.

    There are usually channel called #Help on most IRC networks, you can go there ask any questions your heart desires. You may want to try to keep it IRC related though, and if you seek for further information, or encounter problems you may PM or E-mail me at will…

    Enjoy Exploring IRC! ;)
     
  7. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,684
    Location:
    Canada
    Hey Comp01

    You said “* there are no real "attacks" on IRC *”, I completely disagree…


    You also said “* my Firewall blocks all DCC and get file requests, I also disable it on mIRC *”, if you in reference to Software Firewall I don’t see this possible unless your Firewall is acting as proxy the middle man between the mIRC client and the IRC server to filter it’s content.

    DCC File Transfers:

    Client A > Sends File Request to Client B (Through the IRC server)
    Client B > Receives File Request from Client A and Accepts, with connection informatics that’s been sent with the File Request from Client A the client makes the initiating Connections.

    -
    Client B > Sends File Request to Client A (Through the IRC server)
    Client A > Receives File Request from Client B and accepts, with connection informatics that’s been sent with the File Request from Client B the Client A makes the initiating Connections.
     
  8. Weber

    Weber Registered Member

    Joined:
    Jun 16, 2003
    Posts:
    107
    Location:
    Porto Alegre - Brazil
    Hi,

    I use HydraIRC. You can get it at http://www.hydrairc.com/

    I know nothing about security on IRC. I just use it to download some stuff...
     
  9. Q Section

    Q Section Registered Member

    Joined:
    Feb 5, 2003
    Posts:
    771
    Location:
    Headquarters - London & Field Offices -Worldwide
    Hello JayK
    Of course one may chat using some messenger program/clients. We can recommend Trillian. This client can be made very secure using PGP if one desires. It also can have multiple chat rooms (on whatever server one wants) running at the same time as well as most messenger programs.

    Best wishes
     
  10. Comp01

    Comp01 Registered Member

    Joined:
    Sep 4, 2003
    Posts:
    638
    My firewall blocks all direct connection requests ... I do not know why, I can try and try to sned files or recieve files from mIRC, and its not going to hapen, same way with MSN messenger, and every other messenger service there is (I dont send or recieve files anyways) :doubt:
     
  11. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,684
    Location:
    Canada
    Actually there could be number of reasons why you aren’t capable of File Transfers either way. From your “Current Security Programs I run:” list I noticed Sygate Personal Firewall would be the Software Firewall you using? Could you confirm that Sygate Personal Firewall is blocking your mIRC initiating Connections?

    This would mean you need to get another to send you a file for testing purposes…
     
  12. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,684
    Location:
    Canada
    I don’t have photographic memory but with Sygate Personal Firewall don’t you need to give p2p Software server rights? And/or create an rule to authorize initiating Connections to/from?
     
  13. Comp01

    Comp01 Registered Member

    Joined:
    Sep 4, 2003
    Posts:
    638
    Well, by defualt, Sygate Personal Firewall gives server rights to EVERYTHING, But, I have it configured so that NOTHING has server rights, thats probably why :doubt: ah well... just one step safer, I guess :p
     
Thread Status:
Not open for further replies.