Message-ID: <41F25B61.9050702@ip-solutions.net>
From: hhoffman at ip-solutions.net (Harry Hoffman)
Subject: Scan for IRC
Use ngrep to look for signs of irc (i.e. PRIVMSG) instead of just
looking for the ports irc (usually, but not always) runs on.
Something like: "ngrep -qitd eth0 'privmsg'" will probably get you much
better results.
HTH,
Harry
ALD, Aditya, Aditya Lalit Deshmukh wrote:
> How do you know that you are looking for the irc traffic? Somewhere you must
> have seen connections going out to some host or some connection attempts. You
> could always try sniffing using that ip address on all ports if you have set
> up everything else correctly...
>
> However if something is not setup correctly then you would have trouble
> shoot this. Maybe posting some more info will help us all diagnose this for
> you and help you out - maybe offlist?
>
> -aditya
>
>
>>-----Original Message-----
>>From: full-disclosure-bounces@...ts.netsys.com
>>[mailto:full-disclosure-bounces@...ts.netsys.com] On Behalf Of RandallM
>>Sent: Saturday, January 22, 2005 05:04 AM
>>To: full-disclosure@...ts.netsys.com
>>Subject: [Full-Disclosure] Scan for IRC
>>
>>I am so sorry for interrupting the list. I'm trying to pick up IRC
>>communications on the network. I've made some filters for Ethereal and
>>Observer but can't seem to pick it up. I'm doing something wrong. Used the
>>6668-6669 ports. Any help?
>>
>>thank you
>>Randall M
>>
>>
>>_______________________________________________
>>Full-Disclosure - We believe in it.
>>Charter: http://lists.netsys.com/full-disclosure-charter.html
>>
>>
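The content-based approach suggested in this thread, as an added example that is not part of the original messages: it flags flows whose payload lines parse as IRC messages on any port and compares that with the port-only filter from the question. The verb list, the `min_hits` threshold and the sample segments (documentation addresses) are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# An IRC message (RFC 1459) is one CRLF-terminated line: an optional
# ":prefix " followed by a command word. USER, QUIT and MODE are left out
# on purpose because FTP and POP3 use the same words.
IRC_LINE = re.compile(
    rb"^(?::\S+ )?(?:PRIVMSG|NOTICE|NICK|JOIN|PART|PING|PONG)(?: |$)",
    re.IGNORECASE,
)
PORT_FILTER = {6668, 6669}  # the port-only filter from the original question


def irc_lines(payload: bytes) -> list:
    """Return the lines of one TCP payload that parse as IRC messages."""
    lines = (ln.rstrip(b"\r") for ln in payload.split(b"\n"))
    return [ln for ln in lines if IRC_LINE.match(ln)]


def find_irc_flows(segments, min_hits=2):
    """Map (src, dst, dport) -> IRC lines for flows with >= min_hits matches."""
    hits = defaultdict(list)
    for src, dst, dport, payload in segments:
        hits[(src, dst, dport)].extend(irc_lines(payload))
    return {flow: lines for flow, lines in hits.items() if len(lines) >= min_hits}


# Constructed sample segments: (src, dst, dst_port, tcp_payload)
SAMPLE = [
    ("192.0.2.10", "198.51.100.7", 8080, b"NICK alice\r\nUSER alice 0 * :x\r\n"),
    ("192.0.2.10", "198.51.100.7", 8080, b"JOIN #chan\r\nPRIVMSG #chan :hello\r\n"),
    ("192.0.2.11", "198.51.100.9", 80,
     b"POST /forum HTTP/1.1\r\nHost: example.test\r\n\r\nhow do I log privmsg lines?"),
    ("192.0.2.12", "198.51.100.9", 21, b"USER anonymous\r\nQUIT\r\n"),
    ("192.0.2.13", "198.51.100.9", 6668, b"\x16\x03\x01\x00\x05hello"),
]

if __name__ == "__main__":
    by_port = sorted({(s, d, p) for s, d, p, _ in SAMPLE if p in PORT_FILTER})
    print("port filter only:", by_port)
    for flow, lines in find_irc_flows(SAMPLE).items():
        print("IRC by content:", flow, [ln.decode(errors="replace") for ln in lines])
```

On the sample, the port filter reports only the non-IRC flow on 6668, while the content check reports the IRC session on 8080 and ignores the HTTP body that merely contains the word "privmsg".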