lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: nocmonkey at gmail.com (Danny)
Subject: Why is IRC still around?

On Fri, 19 Nov 2004 13:54:30 -0500, bkfsec <bkfsec@....lonestar.org> wrote:
> Danny wrote:
> 
> 
> 
> >Well, it sure does help the anti-virus (anti-malware) and security
> >consulting business, but besides that... is it not safe to say that:
> >
> >1) A hell of a lot of viruses/worms/trojans use IRC to wreck further havoc?
> >2) A considerable amount of "script kiddies" originate and grow through IRC?
> >3) A wee bit of software piracy occurs?
> >4) That many organized DoS attacks through PC zombies are initiated through IRC?
> >5) The anonymity of the whole thing helps to foster all the illegal
> >and malicious activity that occurs?
> >The list goes on and on...
> >
> >Sorry to offend those that use IRC legitimately (LOL - find something
> >else to chat with your buddies), but why the hell are we not pushing
> >to sunset IRC?
> >
> >What would IT be like today without IRC (or the like)? Am I narrow
> >minded to say that it would be a much safer place?
> >
> >
> >
> I don't think that it would have any impact at all with regard to
> stopping malware and crackers.
> 
> Even if the legitimate IRC servers were shut down, it would still be a
> simple matter for them to create their own servers on non-standard
> ports.  Barring their ability to do that, they'll completely move to IM
> or P2P protocols (like WASTE) to carry out their attacks.  They've
> already created the tools to do this and they're actively doing it right
> now.
> 
> In fact, in this regard IRC is a godsend with regard to tracking down
> attackers.  It's easier to determine the location of an IRC bot and to
> track unencrypted IRC traffic than it is to track WASTE packets or IM
> connections.
> 
> Protocols (and their implementations) aren't causing the "illegal
> activity" as much as the drive to carry out illegal acts is.

Fair enough... I just need to be enlightened. Thanks for your time.

...D

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ