Re: [Full-Disclosure] Why is IRC still around?
On Wed, 24 Nov 2004 21:17:24 -0600, vord [EMAIL PROTECTED] wrote: this is quite possibly the most ridiculous thing ive ever read. normally i would respond to it in more detail but i have received literally dozens of responses from members of this list who either sympathize with my position or have outright called you an idiot/lamer. i therefore see no need to defend myself or #hackphreak publicly when the public does not require it. they already know you're a moron, i dont need to beat a dead horse by making you look the fool over and over again. I'm sure all your script kiddie friends are backing you up, I don't doubt it for a second. That doesn't mean your right, it just means you have alot of script kiddie friends with the same views as yourself. It sounds like you've got the script kiddie support of the FD list. What an achievement, you must be so proud of yourself, so proud you had to post it on FD how many private e-mails you get off-list agreeing with you. If i'm an idiot lamer, i'd hate to hear what they're calling you. Thanks, n3td3v ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
i didn't get responses from anyone i knew ... i got responses from people who knew you, get it? btw, our offer still stands. if you would like to try and substantiate your claims, feel free to come back and try your hardest. this is over and never should have begun. DO NOT REPLY. I WILL NOT RESPOND. --vord On Thu, 25 Nov 2004 14:49:50 +, n3td3v [EMAIL PROTECTED] wrote: On Wed, 24 Nov 2004 21:17:24 -0600, vord [EMAIL PROTECTED] wrote: this is quite possibly the most ridiculous thing ive ever read. normally i would respond to it in more detail but i have received literally dozens of responses from members of this list who either sympathize with my position or have outright called you an idiot/lamer. i therefore see no need to defend myself or #hackphreak publicly when the public does not require it. they already know you're a moron, i dont need to beat a dead horse by making you look the fool over and over again. I'm sure all your script kiddie friends are backing you up, I don't doubt it for a second. That doesn't mean your right, it just means you have alot of script kiddie friends with the same views as yourself. It sounds like you've got the script kiddie support of the FD list. What an achievement, you must be so proud of yourself, so proud you had to post it on FD how many private e-mails you get off-list agreeing with you. If i'm an idiot lamer, i'd hate to hear what they're calling you. Thanks, n3td3v ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
On Thu, 25 Nov 2004 18:34:03 -0600, vord [EMAIL PROTECTED] wrote: i didn't get responses from anyone i knew ... i got responses from people who knew you, get it? btw, our offer still stands. if you would like to try and substantiate your claims, feel free to come back and try your hardest. this is over and never should have begun. DO NOT REPLY. I WILL NOT RESPOND. --vord Ok, I won't reply to call you and this e-mail childish. Too bad, my finger slipped. Thanks, n3td3v ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
On Tue, 23 Nov 2004, Danny wrote: What a stupid article. The author has it all wrong! IRC is a bed of roses with Celine Dion playing in the background. IRC is like the streets. You can find bad and good people, but it is stupid to say that anyone walking in the street or chatting on IRC is a criminal. -- gpg fp: 8a7e 9719 b38d 97c6 6af0 d345 12a0 3708 2c8c 3c11 http://boklm.mars-attacks.org/ ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
On Tue, 23 Nov 2004 21:56:41 -0600, vord [EMAIL PROTECTED] wrote: [flame] n3td3v/malformed, please think before you speak. ive already explained this to you more than once. #hackphreak is no longer associated with a group and no longer intends to be a channel dedicated primarily to matters of hacking/phreaking technical discussion [we therefore accommodate lamers who don't know anything and give IRC/hackers/phreakers a bad name whatever the fuck that means -- suffice it to say, its not primarily a help channel anymore. Yeah, you said it. You had to move stance on it being a lamer channel, because no one with intelligence is on the channel anymore. You make out as if it was planned. The channel went down hill and you have no choice but to admit its a lamer channel, full of script kiddies, who consider themselves real hackers. we talk to each other about whatever the fuck we want and answer questions when and if we damn well feel like it. we do not congregate there for your enjoyment, we do so for our own. moreover, most of us deal with computers all day long and don't particularly care to talk about them 24/7. I don't disagree with you on that. Lots of script kiddies are online 24/7. Even some of them work in computers as a job, then come home and go straight on the computer at home and spend all night on #hackphreak because they have no friends of social lives. oh hey, remind us why no one reads your forum even though you spam the link on this list several times a day. :X Probably because its not a public forum and its not been online for very long, and probably because I keep deleteing and adding forum sections alot at the moment. Its not really ment to be a public forum with loads of authors. Its really a place for me to post stuff i'm doing and let various vendors read it. The majority of members are infact vendors from various e-mails i've sent them on a security issue, and i've welcomed them to read some posts i've put up on my forum they may be interested in. The link I post on this list and other sites is for the homepage, not the forum. You'll notice I don't firectly link to the forum. Its really the homepage I intend people to read more than the forum, so people who read my posts on mailing lists and online forums can get a taste about what I stand for and believe in. as far as real hackers are concerned ... it takes one to know one; Are you calling me a hacker? If so, then you must be a hacker as well, as it takes a hacker to know a hacker. I'm not a hacker, if you read my homepage instead of going to the forum, you'll see I work against hackers, and report them whenever possible to vendors, to stop them being evil hax0rs. if there are real hackers anywhere its #hackphreak. if you like, you can send all of your hacking/security related questions directly to us from now on ... we would be glad to make you look like an idiot on a regular basis as it would certainly be entertaining. i will personally see to it that all of your questions are answered in a timely fashion. I think you seriously don't know the difference between script kiddies and real hackers. hackphreak has no real hackers as you admitted at the start of this e-mail, the channel is full of lamers, who only do general chat. The only real thing you do have is real script kiddies, thats the only *real* thing the channel has. Yes a script kiddie can be online infront of computers 24/7 and also work in I.T during the day, thats pretty run-of-the-mill for a script kiddie, unless you are thinking more of the teenger script kiddie who goes to school and comes home at night infront of mom and dads computer, which is also a script kiddie. Yeah, I would glady come back on the channel and further make a fool of you, but at the moment its only my bot on it, relaying the transcript to me outside the channel, for me to read at any casual time i've got spare time too. If you hadn't noticed the majority of nicks on the channel are various peoples bots, rather than sados like you who are *actually* on the channel, thinking youre a real cool guy being an op. You only have say 20 real people on the channel out of say 100. Now whose the real mug, the saddo with no social life op(vord), or the guy with a bot keeping logs of keywords(n3td3v), to try and to stop script kiddies hacking the internet? My bot is joined by various other intelligence agency bots and other security researcher bots. You decide. --v #hackphreak/undernet giving irc and real hackers/phreakers a bad name since 1998. I really feel sorry for you if you've been on the channel since 1998, you must be so proud. No friends, no social life for all those years. What a great thing. Yet again, the length of time you've been online or infront of computers does not make you anything less than a script kiddie. Real hackers are defined by skill. Not the length of time you've been online or on a IRC channel. Someone could be online 2 years and never
Re: [Full-Disclosure] Why is IRC still around?
this is quite possibly the most ridiculous thing ive ever read. normally i would respond to it in more detail but i have received literally dozens of responses from members of this list who either sympathize with my position or have outright called you an idiot/lamer. i therefore see no need to defend myself or #hackphreak publicly when the public does not require it. they already know you're a moron, i dont need to beat a dead horse by making you look the fool over and over again. --vord On Wed, 24 Nov 2004 22:07:26 +, n3td3v [EMAIL PROTECTED] wrote: On Tue, 23 Nov 2004 21:56:41 -0600, vord [EMAIL PROTECTED] wrote: [flame] n3td3v/malformed, please think before you speak. ive already explained this to you more than once. #hackphreak is no longer associated with a group and no longer intends to be a channel dedicated primarily to matters of hacking/phreaking technical discussion [we therefore accommodate lamers who don't know anything and give IRC/hackers/phreakers a bad name whatever the fuck that means -- suffice it to say, its not primarily a help channel anymore. Yeah, you said it. You had to move stance on it being a lamer channel, because no one with intelligence is on the channel anymore. You make out as if it was planned. The channel went down hill and you have no choice but to admit its a lamer channel, full of script kiddies, who consider themselves real hackers. we talk to each other about whatever the fuck we want and answer questions when and if we damn well feel like it. we do not congregate there for your enjoyment, we do so for our own. moreover, most of us deal with computers all day long and don't particularly care to talk about them 24/7. I don't disagree with you on that. Lots of script kiddies are online 24/7. Even some of them work in computers as a job, then come home and go straight on the computer at home and spend all night on #hackphreak because they have no friends of social lives. oh hey, remind us why no one reads your forum even though you spam the link on this list several times a day. :X Probably because its not a public forum and its not been online for very long, and probably because I keep deleteing and adding forum sections alot at the moment. Its not really ment to be a public forum with loads of authors. Its really a place for me to post stuff i'm doing and let various vendors read it. The majority of members are infact vendors from various e-mails i've sent them on a security issue, and i've welcomed them to read some posts i've put up on my forum they may be interested in. The link I post on this list and other sites is for the homepage, not the forum. You'll notice I don't firectly link to the forum. Its really the homepage I intend people to read more than the forum, so people who read my posts on mailing lists and online forums can get a taste about what I stand for and believe in. as far as real hackers are concerned ... it takes one to know one; Are you calling me a hacker? If so, then you must be a hacker as well, as it takes a hacker to know a hacker. I'm not a hacker, if you read my homepage instead of going to the forum, you'll see I work against hackers, and report them whenever possible to vendors, to stop them being evil hax0rs. if there are real hackers anywhere its #hackphreak. if you like, you can send all of your hacking/security related questions directly to us from now on ... we would be glad to make you look like an idiot on a regular basis as it would certainly be entertaining. i will personally see to it that all of your questions are answered in a timely fashion. I think you seriously don't know the difference between script kiddies and real hackers. hackphreak has no real hackers as you admitted at the start of this e-mail, the channel is full of lamers, who only do general chat. The only real thing you do have is real script kiddies, thats the only *real* thing the channel has. Yes a script kiddie can be online infront of computers 24/7 and also work in I.T during the day, thats pretty run-of-the-mill for a script kiddie, unless you are thinking more of the teenger script kiddie who goes to school and comes home at night infront of mom and dads computer, which is also a script kiddie. Yeah, I would glady come back on the channel and further make a fool of you, but at the moment its only my bot on it, relaying the transcript to me outside the channel, for me to read at any casual time i've got spare time too. If you hadn't noticed the majority of nicks on the channel are various peoples bots, rather than sados like you who are *actually* on the channel, thinking youre a real cool guy being an op. You only have say 20 real people on the channel out of say 100. Now whose the real mug, the saddo with no social life op(vord), or the guy with a bot keeping logs of keywords(n3td3v), to try and to stop script kiddies
Re: [Full-Disclosure] Why is IRC still around?
On Mon, 22 Nov 2004 17:14:09 -0600, vord [EMAIL PROTECTED] wrote: [flame response] firstly, n3td3v is only mad because i happened to ban him from #hackphreak ... which is incidentally the current home of former/current members of [where to begin?] rhino9, w00w00 ... and of course, people who're currently employed at CA/ISS/M$/FS/SIDC. the list goes on. are we script kiddies or do we maybe like to do more than talk about computers all day? you be the judge. anyway, that has nothing to do with this list or this discussion and im sure we'd all benefit from you, and morons like rap1st, keeping their mouths shut.[/flame response] You never *banned* me from anywhere. You banned a host mask I was using. I'm still on the channel with an open proxy and different nickname. Remind the others why you banned me, yeah you banned me because I was making fun of how lame you all are, and how none of you can answer simple questions, which don't even need a technical response, a first year uni student could answer. All you guys do on the channel is talk about pimps and whores and other *general chat* stuff. Nothing related to security or hacking is discussed (and if it is, its in very general terms) that would merit the name *hackphreak*. You give IRC and real hackers and phreakers a bad name. ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
On Tue, 23 Nov 2004 15:12:06 GMT, n3td3v said: All you guys do on the channel is talk about pimps and whores and That's what it looks like if you didn't get a copy of the codebook. :) other *general chat* stuff. Nothing related to security or hacking is discussed (and if it is, its in very general terms) that would merit the name *hackphreak*. Steganography - it's not just for JPGs anymore. :) (Yes, I know it's not as easy to embed a hidden message into linear ascii text as you might think, because too often the encoding forces an odd word choice. That's why there's so *much* trash-talking, to enable something resembling a usable subchannel bandwidth.. ;) pgp0peG46sOdG.pgp Description: PGP signature
Re: [Full-Disclosure] Why is IRC still around?
On Fri, 19 Nov 2004, Danny wrote: Well, it sure does help the anti-virus (anti-malware) and security consulting business, but besides that... is it not safe to say that: 1) A hell of a lot of viruses/worms/trojans use IRC to wreck further havoc? 2) A considerable amount of script kiddies originate and grow through IRC? 3) A wee bit of software piracy occurs? 4) That many organized DoS attacks through PC zombies are initiated through IRC? 5) The anonymity of the whole thing helps to foster all the illegal and malicious activity that occurs? The list goes on and on... Sorry to offend those that use IRC legitimately (LOL - find something else to chat with your buddies), but why the hell are we not pushing to sunset IRC? Are you really serious ? Is it a joke ? This remind me some stupid article I read on nytime : http://www.nytimes.com/2004/05/06/technology/circuits/06chat.html (account required, if you don't have one try ptramo/ptramo) Read it, this is quite funny, they tell us that most of the bad things on the internet come from IRC. Here are some quotes : In a room called Prime-Tyme-Movies, users offered free pirated downloads of The Passion of the Christ'' and Kill Bill Vol. 2.'' [...] And in a far less obtrusive channel, a hacker may well have been checking his progress of hacking into the computers of unsuspecting Internet users. [...] Yet that pirated copy of Microsoft Office or Norton Utilities that turns up on a home-burned CD-ROM may well have originated on I.R.C. And the Internet viruses and denial of service'' attacks that periodically make news generally get their start there, too. This week, the network's chat rooms were abuzz with what seemed like informed chatter about the Sasser worm, which infected hundreds of thousands of computers over the weekend. [...] There seem to be I.R.C. channels dedicated to every sexual fetish, and I.R.C. users speculate that terrorists also use the networks to communicate in relative obscurity. [...] Some Internet experts believe that child pornography rings sometimes use their own private, password-protected I.R.C. servers. Particularly wary users can try to hide their identity by logging in to I.R.C. servers only through intermediary computers. [...] But perhaps the most disruptive use of I.R.C. is as a haven and communications medium for those who release viruses or try to disable Web sites and other Internet servers. -- gpg fp: 8a7e 9719 b38d 97c6 6af0 d345 12a0 3708 2c8c 3c11 http://boklm.mars-attacks.org/ ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
On Tue, 23 Nov 2004 20:21:45 +0100, nicolas vigier [EMAIL PROTECTED] wrote: Are you really serious ? Is it a joke ? Dude, I am seriously a naive idiot who just wanted to rant about the people that abuse IRC. Hopefully this was just a momentary brain fart, otherwise I might be in trouble, eh? Often there is humour in such circumstances; I had a few laughs in the process. Shit! Maybe I will meet my future wife on IRC! I would invite everyone from F-D. This remind me some stupid article I read on nytime : http://www.nytimes.com/2004/05/06/technology/circuits/06chat.html (account required, if you don't have one try ptramo/ptramo) What a stupid article. The author has it all wrong! IRC is a bed of roses with Celine Dion playing in the background. ...D ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
[flame] n3td3v/malformed, please think before you speak. ive already explained this to you more than once. #hackphreak is no longer associated with a group and no longer intends to be a channel dedicated primarily to matters of hacking/phreaking technical discussion [we therefore accommodate lamers who don't know anything and give IRC/hackers/phreakers a bad name whatever the fuck that means -- suffice it to say, its not primarily a help channel anymore. we talk to each other about whatever the fuck we want and answer questions when and if we damn well feel like it. we do not congregate there for your enjoyment, we do so for our own. moreover, most of us deal with computers all day long and don't particularly care to talk about them 24/7. oh hey, remind us why no one reads your forum even though you spam the link on this list several times a day. :X as far as real hackers are concerned ... it takes one to know one; i can see why you're in the dark on this matter. please see my previous message ... if there are real hackers anywhere its #hackphreak. if you like, you can send all of your hacking/security related questions directly to us from now on ... we would be glad to make you look like an idiot on a regular basis as it would certainly be entertaining. i will personally see to it that all of your questions are answered in a timely fashion. [/flame] stop replying to this on-list. --v #hackphreak/undernet giving irc and real hackers/phreakers a bad name since 1998. On Tue, 23 Nov 2004 15:12:06 +, n3td3v [EMAIL PROTECTED] wrote: On Mon, 22 Nov 2004 17:14:09 -0600, vord [EMAIL PROTECTED] wrote: [flame response] firstly, n3td3v is only mad because i happened to ban him from #hackphreak ... which is incidentally the current home of former/current members of [where to begin?] rhino9, w00w00 ... and of course, people who're currently employed at CA/ISS/M$/FS/SIDC. the list goes on. are we script kiddies or do we maybe like to do more than talk about computers all day? you be the judge. anyway, that has nothing to do with this list or this discussion and im sure we'd all benefit from you, and morons like rap1st, keeping their mouths shut.[/flame response] You never *banned* me from anywhere. You banned a host mask I was using. I'm still on the channel with an open proxy and different nickname. Remind the others why you banned me, yeah you banned me because I was making fun of how lame you all are, and how none of you can answer simple questions, which don't even need a technical response, a first year uni student could answer. All you guys do on the channel is talk about pimps and whores and other *general chat* stuff. Nothing related to security or hacking is discussed (and if it is, its in very general terms) that would merit the name *hackphreak*. You give IRC and real hackers and phreakers a bad name. ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
Vord, Let's extend your logic a bit... Given your diatribe, one can easily make the following assertion and assume your full support: {It is clear that the internet...being composed of largely uncontrollable, independent nodes...may easily be subverted for uses that are counter to the greater good of society. Therefore, as alternate means of communications and conducting legitmate business are in fact available, the internet will be closed until further notice. Please feel free to create a new internet which cannot be subverted or otherwise used in any manner which does not conform to the societal conventions we have chosen to enforce. } There is no communications channel which can not be subverted in some way or another, be it digital, analog, or paper. Your arguements/pontifications below, if carried to their logical conclusion, suggest that it would be approriate to consider doing away with all of them due to the potential which exists for abuse/misuse. How about a little focus on the people who are responsible, instead...you know, encouraging personal responsibility...that sort of thing? In any society, whether meat-based or bit-based, freedom does indeed have the side-effect of making it harder to prevent bad people from doing bad things. Nonetheless, I'll gladly take the headaches of dealing with bad people and bad things while enjoying the relative freedoms I have. [EMAIL PROTECTED] wrote on 11/20/2004 02:03:00 AM: ive never seen so many repetitive and knee-jerk reactions to one [potentially baseless] post in all my years of watching FD [the obvious exceptions being the OT political nonsense occurring here, especially as of late] as witnessed during my reading of this thread. but moving right along ... :D my take is that Danny merely suggests burning the security candle at both ends. it is complete nonsense to approve of ANYTHING simply because it has some, or even a vast lot, of legitimate users/uses. some things are just not worth defending or perpetuating, and perhaps IRC is one of them? [this is his question]. and for the record, they would move to another resource is not a coherent argument against his position [his question, rather] concerning the elimination of a problem-child medium. perhaps the cost to society via the spread piracy and virii [more importantly the altter] isnt worth the measly gain IRC affords its legitimate users? [well?] it IS incoherent, however, to argue that IRC (1) is the kiddiots means of choice for controlling his worms because it is the easiest or most efficient way to do so, while also contending (2) that an IRC sunset would not cause the immediate dissappearance of substansial internet-wide problems. making it harder MAKES IT HARDER and must therefore to some degree reduce the probability of abuse. therefore the gain afforded to legitimate users by this medium should be weighted against the direct affect its eradication would have on REAL problems -- and, clearly, no one here is qualified to make this judgement, else they would have offered such proof in immediate response to the original post as opposed to blabbing incessantly about incredibly obvious bullshit. the only potentially useful point anyone has made [not that it wasnt obvious] concerns the difficulty in removing the medium ... but this is irrelavent, of course, since it is more likely that the security community would suggest [and perhaps assist in the developement of] a replacement [most importantly] to the larger IRC networks. if shooting people is evil, OBVIOUSLY guns are flawed, but only insofar as people are capable of abusing them, willing to abuse them, and effective in their attempts at doing so. so to burn the candle at both ends you have to fight the spread of trojans and virii by fixing the holes they exploit and providing detection services, while also continually analyzing and evolving the structure on which it all rests. ie, the internet at its core... protocols, etc. im sure the original ford model-T had plenty of legitimate users who didnt drive drunk or generally cause mayhem ... i dont see it around anymore though ... hmm, i wonder if that correlates directly to the increased safety of automobiles ... hmm hmm, indeed. /sardonicism the issue is certainly not at all as cut and dry as most of you have made it out to be. --vord #hackphreak/undernet invulnerable to the accidents of people and books. On Fri, 19 Nov 2004 22:08:33 -, Darren Wolfe [EMAIL PROTECTED] wrote: I have never replied to anything on this list (I read it to keep up to date on vulnerabilities, but im not really qualified to contribute anything) but this particular message has peaked my interest. 1. Agreed, by using flaws in IE they then go on to subvert mirc into spamming people. 2. They do. 3. A tremendous amount :) 4. This is only because IRC provides the perfect medium in which to control those zombies (a single
Re: [Full-Disclosure] Why is IRC still around?
Vord from the in-famous script kiddie channel #hackphreak!! omg, thats the biggest no credibility lamer channel ever. Its channels like #hackphreak which give IRC a bad name, the exact reason this thread started probably!! Vord, go back to #hackphreak kiddo. ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
bart the point was obviously wasted on you. firstly, that it would be appropriate to consider doing away with all of them [forms of communication] .. is by no means a logical conclusion to draw from my premise[s], nor did i ever express or imply such nonsense. however, i did state rather explicitly that it is NECESSARY to demand their continued evolution and potential [perhaps eventual] demise as they become obsolete. second, each and every form of communication has dispensable flaws in addition to its inherent and perhaps indispensable ones. where IRC is concerned, some flaws of the former variety are undeniably major contributing factors to the rampant malware plague and therefore worthy of some [more] attention, and [please note] not impossible to eliminate ... if only people were concerned. third, personal responsibility is precisely the issue here. placing all the blame on people who use guns to kill will never solve the problem of gun-related crime -- the same is true of placing all the blame for the existence of malware on malware creators, especially considering how long it has been allowed to flourish -- it is concordantly irresponsible behavior to continue to do so [fool me once, twice, three times]. naivety and idealism might make you happy inside, bart, but they NEVER solve anything. in conclusion, we should be trying to solve the problem from more than one angle. trying to convince people not to write worms, waiting until worms are released and issuing patches/inoculations, and all attempts at early detection/prevention are certainly noble endeavours. but history proves that they are not enough. a new angle of attack is necessary: the potential avenues for abuse should not ONLY be considered during development, but more importantly after deployment -- the internet itself [and most technology, i should say] has more or less been fire and forget [until its abused] ... and this is primarily why the computer security industry exists [lack of foresight]. i have nothing more to say on the subject, all replies should be directed off list if you insist upon making one. btw, the infrastructure simply doesn't exist to move all business off the internet ... the net is now built-in to the world economy, and has been for some time; don't be confused about this. deaf ears, no doubt. --vord #hackphreak/undernet sucka On Mon, 22 Nov 2004 09:01:31 -0600, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: Vord, Let's extend your logic a bit... Given your diatribe, one can easily make the following assertion and assume your full support: {It is clear that the internet...being composed of largely uncontrollable, independent nodes...may easily be subverted for uses that are counter to the greater good of society. Therefore, as alternate means of communications and conducting legitmate business are in fact available, the internet will be closed until further notice. Please feel free to create a new internet which cannot be subverted or otherwise used in any manner which does not conform to the societal conventions we have chosen to enforce. } There is no communications channel which can not be subverted in some way or another, be it digital, analog, or paper. Your arguements/pontifications below, if carried to their logical conclusion, suggest that it would be approriate to consider doing away with all of them due to the potential which exists for abuse/misuse. How about a little focus on the people who are responsible, instead...you know, encouraging personal responsibility...that sort of thing? In any society, whether meat-based or bit-based, freedom does indeed have the side-effect of making it harder to prevent bad people from doing bad things. Nonetheless, I'll gladly take the headaches of dealing with bad people and bad things while enjoying the relative freedoms I have. [EMAIL PROTECTED] wrote on 11/20/2004 02:03:00 AM: ive never seen so many repetitive and knee-jerk reactions to one [potentially baseless] post in all my years of watching FD [the obvious exceptions being the OT political nonsense occurring here, especially as of late] as witnessed during my reading of this thread. but moving right along ... :D my take is that Danny merely suggests burning the security candle at both ends. it is complete nonsense to approve of ANYTHING simply because it has some, or even a vast lot, of legitimate users/uses. some things are just not worth defending or perpetuating, and perhaps IRC is one of them? [this is his question]. and for the record, they would move to another resource is not a coherent argument against his position [his question, rather] concerning the elimination of a problem-child medium. perhaps the cost to society via the spread piracy and virii [more importantly the altter] isnt worth the measly gain IRC affords its legitimate users? [well?] it IS incoherent,
Re: [Full-Disclosure] Why is IRC still around?
--vord #hackphreak/undernet sucka Go back to the channel you came from. ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
vord wrote: and for the record, they would move to another resource is not a coherent argument against his position [his question, rather] concerning the elimination of a problem-child medium. perhaps the cost to society via the spread piracy and virii [more importantly the altter] isnt worth the measly gain IRC affords its legitimate users? [well?] This would be correct, if the move to a new medium wasn't 0-sum. However, it is a 0-sum move because IRC bots have already been retrofitted with remote control mechanisms using both IM and P2P technologies. This isn't hypothetically they'd move to another medium -- this is they already HAVE moved to other mediums. it IS incoherent, however, to argue that IRC (1) is the kiddiots means of choice for controlling his worms because it is the easiest or most efficient way to do so, while also contending (2) that an IRC sunset would not cause the immediate dissappearance of substansial internet-wide problems. making it harder MAKES IT HARDER and must therefore to some degree reduce the probability of abuse. therefore the gain afforded to legitimate users by this medium should be weighted against the direct affect its eradication would have on REAL problems -- and, clearly, no one here is qualified to make this judgement, else they would have offered such proof in immediate response to the original post as opposed to blabbing incessantly about incredibly obvious bullshit. Actually, I was one of the first respondants and I *DID* provide proof of this in mentioning the WASTE P2P protocol and IM methods used for remote control of said IRCbot networks. The existance of these utilities (which are available and somewhat documented) reduces the makes it harder portion of the equation to almost nothing. Hell, the gaobot infector implemented these as a secondary backdoor method quite some time ago. If you don't consider that to be proof of the point, then I suggest that you're a troll and that I shouldn't be here feeding you right now. the only potentially useful point anyone has made [not that it wasnt obvious] concerns the difficulty in removing the medium ... but this is irrelavent, of course, since it is more likely that the security community would suggest [and perhaps assist in the developement of] a replacement [most importantly] to the larger IRC networks. That's not an irrelivent point - any kiddie with a dedicated PC can setup their own IRC server. Replacing the existance of all of the current IRC servers won't remove the ability for a cracker to easily setup their own. If the proposal is negate IRC, then that proposal has to have a realistic plan for doing so. im sure the original ford model-T had plenty of legitimate users who didnt drive drunk or generally cause mayhem ... i dont see it around anymore though ... hmm, i wonder if that correlates directly to the increased safety of automobiles ... hmm hmm, indeed. /sardonicism No doubt, but there are people out there who choose to drive classic automobiles and forego their personal; safety in order to do so. How would you suggest stopping that? Most people don't use IRC. Many do. If that's the point you're trying to prove here, you're right - but the point is effectively moot. the issue is certainly not at all as cut and dry as most of you have made it out to be. Sure it is. :) -Barry ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
[flame response] firstly, n3td3v is only mad because i happened to ban him from #hackphreak ... which is incidentally the current home of former/current members of [where to begin?] rhino9, w00w00 ... and of course, people who're currently employed at CA/ISS/M$/FS/SIDC. the list goes on. are we script kiddies or do we maybe like to do more than talk about computers all day? you be the judge. anyway, that has nothing to do with this list or this discussion and im sure we'd all benefit from you, and morons like rap1st, keeping their mouths shut.[/flame response] at any rate -- thank you Barry for providing some relevant information and a legitimate, civilized response. two things on the issue of servers: (1) bandwidth expense and (2) an anonymity sacrifice [on someones part] would have to occur/be incurred if they should be forced to setup their own servers. ironically, since [as you mention] their software has already been fitted to other mediums, there would be no incentive to setup said servers, unless of course there are people who don't have such retro-fitted software at their disposal who wish to cause problems, in which case any upgrade to IRC itself would eliminate the threat coming from people who are totally lame and have no resources ... would the difference be negligible? I'm not sure. but again, i don't care anymore ... no one is concerned ... the end. btw, i was referring to everyone who drives a car not driving a model-t ... im sure they'd have kept on doing it for the entire century had someone not come along and made them change. --vord #hackphreak/undernet On Mon, 22 Nov 2004 19:50:12 +, n3td3v [EMAIL PROTECTED] wrote: im a crybaby, waa waa. :o( ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
RE: [Full-Disclosure] Why is IRC still around?
An internet zorro. Just what we need. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of n3td3v Sent: Monday, November 22, 2004 9:41 AM To: [EMAIL PROTECTED] Subject: Re: [Full-Disclosure] Why is IRC still around? Vord from the in-famous script kiddie channel #hackphreak!! omg, thats the biggest no credibility lamer channel ever. Its channels like #hackphreak which give IRC a bad name, the exact reason this thread started probably!! Vord, go back to #hackphreak kiddo. ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
if shooting people is evil, OBVIOUSLY guns are flawed, but only insofar as people are capable of abusing them, willing to abuse them, and effective in their attempts at doing so. so to burn the candle at both ends you have to fight the spread of trojans and virii by fixing the holes they exploit and providing detection services, while also continually analyzing and evolving the structure on which it all rests. ie, the internet at its core... protocols, etc. But, just like IRC, a gun has legit uses. I am alive today because I was in a situation where it was kill or be killed (I surprized so folks robbing my house). So, OBVIOUSLY, guns are not flawed. Your argument, on the other had, is. james ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
IRC is a tool/channel to exchange messages, just like mailing lists, web forums, instant messengers and etc. If there's no IRC, hackers or who has the same ideas would also find other channels to found groups, as you joined the Full-Disclosure mailing list. :P On Fri, 19 Nov 2004 12:40:26 -0500, Danny [EMAIL PROTECTED] wrote: Well, it sure does help the anti-virus (anti-malware) and security consulting business, but besides that... is it not safe to say that: 1) A hell of a lot of viruses/worms/trojans use IRC to wreck further havoc? 2) A considerable amount of script kiddies originate and grow through IRC? 3) A wee bit of software piracy occurs? 4) That many organized DoS attacks through PC zombies are initiated through IRC? 5) The anonymity of the whole thing helps to foster all the illegal and malicious activity that occurs? The list goes on and on... Sorry to offend those that use IRC legitimately (LOL - find something else to chat with your buddies), but why the hell are we not pushing to sunset IRC? What would IT be like today without IRC (or the like)? Am I narrow minded to say that it would be a much safer place? ...D ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
What would IT be like today without IRC (or the like)? Am I narrow minded to say that it would be a much safer place? I can easily show you the flaw in this thinking. Take it to the extreme and ban everything except http and pop/smtp since that's all 95% of the users on the net use anyway. If only those two existed would it stop virus or spam? All that would accomplish is changing the infection and control vectors to using only those two protocols. Well that and it would pretty much limit the internet to being a newpaper/postoffice instead of maturing into a more functional communications medium that drives innovation. Geo. ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
This has got to be close to the most stupid thread ever on full-disclosure. I'm not sure if it gets that because the original email was so incredibly naieve or just narrow minded or just a result of very shallow thinking. It's almost dumb enough that you could suggest its premise to some American Senator, that's in bed with the RIAA/MPAA, as a way of stopping those who traffic copyrighted material from communicating and tomorrow you'd see a bill before congree outlawing IRC. The only way IRC will ever go away is when something better comes along and even then, maybe not. There are countless IRC chat networks, aside from the big X and a lot of people are quite happy and content with the status quo and nothing anyone says or does is going to make them change. The person who brought it up should be forced to clean toilets at McDonalds for a year or something equally disgusting. Darren ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
vord [EMAIL PROTECTED] wrote: if shooting people is evil, OBVIOUSLY guns are flawed, but only insofar as people are capable of abusing them, willing to abuse them, and effective in their attempts at doing so. so to burn the candle at both ends you have to fight the spread of trojans and virii by fixing the holes they exploit and providing detection services, while also continually analyzing and evolving the structure on which it all rests. ie, the internet at its core... protocols, etc. On Sat, 20 Nov 2004 18:59:54 -0700, james edwards [EMAIL PROTECTED] wrote: But, just like IRC, a gun has legit uses. I am alive today because I was in a situation where it was kill or be killed (I surprized so folks robbing my house). So, OBVIOUSLY, guns are not flawed. Your argument, on the other had, is. james what? ... from the perspective of someone with initiative to solve security problems it should not matter whether or not a legitimate use for something exists, or whether or not the number of legitimate uses for something out number the illegitimate. all that matters is whether or not abuse can occur. the possibility for abuse and certainly the actuality of abuse are what constitute flaws in a something. both guns and IRC, by all reasonable measures, are abused and therefore flawed as well. further, whether these things have any more or any fewer flaws than anything else is also irrelevant. IRC is abused, it is flawed, it should be fixed or trashed, and only continually used while a better alternative is in development. the irony here is that IRC contributes a great deal to the malware/virii/trojan/scriptkid problem, which seems to be a rather large concern on this list and elsewhere, yet very little to nothing is being done about these problems in relation to IRC specifically -- not by server admins, not by developers, and not by security professionals -- to my knowledge. and as stated previously, they would move to another medium is an incoherent defense for inaction. please accept and understand precisely why IRC is the medium of choice for this kind of activity: because it is easiest to abuse; and if you don't accept this ... how else do you account for the disproportionate amount of it taking place on IRC versus all other mediums mentioned in this thread? anyone? [flame] and btw james, everyone knows that people have flaws -- there probably isn't anything more obvious than this fact; but considering your argument above, i suggest you leave those problems to the psychologists and start doing your job. [/flame] --vord #hackphreak/undernet invulnerable to the accidents of people and books. http://www.eleat.org [NSFW] http://vord.rsc.cx [NSFW] ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
1) A hell of a lot of viruses/worms/trojans use IRC to wreck further havoc? yes, some do. The three most common forms of viral use of IRC that I see are: 1. Virus/worm/trojan writers have it connect to a server and notify a channel that it has infected xx.xx.xx.xx. This is an attempt to keep the virus writer anonymous. 2. mIRC scripts (I'm not going to say more) 3. bot nets which are a form of DoS attack. 2) A considerable amount of script kiddies originate and grow through IRC? True, but some of our experts gain some of their knowlege from IRC as well. It's a two-way street. 3) A wee bit of software piracy occurs? yes, but people also have Kazaa (FastTrack), Nuttella, FTP, warez sites, and Newsgroups. 4) That many organized DoS attacks through PC zombies are initiated through IRC? This goes back to mIRC scripting. The ones that don't would be able to check a website/blog/wiki to look for commands. 5) The anonymity of the whole thing helps to foster all the illegal and malicious activity that occurs? The list goes on and on... Anything on the Internet has a certain level of anonymity that is available. There are proxies, temporary e-mail accounts, etc. Sorry to offend those that use IRC legitimately (LOL - find something else to chat with your buddies), but why the hell are we not pushing to sunset IRC? What would IT be like today without IRC (or the like)? Am I narrow minded to say that it would be a much safer place? I'm not offended. IRC has the ability to let you hold a conference with people from all over the world. Or to just have fun. Sure there are other chatting platforms that could be used, but they aren't as flexible. If IRC were to suddenly stop existing, Bulletin boards and Wiki would become even more popular. Most of them allow the same level of anonymity that IRC gives to people. Or some poor soul's blog would be overrun with comments. Unfortunately, all of the things you have listed as the downside to IRC would happen anyway. My 2c worth -- Chris Umphress http://daga.dyndns.org/ ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
Sorry to offend those that use IRC legitimately (LOL - find something else to chat with your buddies), but why the hell are we not pushing to sunset IRC? because you can't, i'm not sure what you think IRC is.. but it isn't one network run by a few geeks. It's thousands of networks accross the world, open source IRC servers and millions/billions(?) of users. You can't stop IRC because people do bad things there, this is the internet.. what do you expect? -- zxy_rbt2 ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
ive never seen so many repetitive and knee-jerk reactions to one [potentially baseless] post in all my years of watching FD [the obvious exceptions being the OT political nonsense occurring here, especially as of late] as witnessed during my reading of this thread. but moving right along ... :D my take is that Danny merely suggests burning the security candle at both ends. it is complete nonsense to approve of ANYTHING simply because it has some, or even a vast lot, of legitimate users/uses. some things are just not worth defending or perpetuating, and perhaps IRC is one of them? [this is his question]. and for the record, they would move to another resource is not a coherent argument against his position [his question, rather] concerning the elimination of a problem-child medium. perhaps the cost to society via the spread piracy and virii [more importantly the altter] isnt worth the measly gain IRC affords its legitimate users? [well?] it IS incoherent, however, to argue that IRC (1) is the kiddiots means of choice for controlling his worms because it is the easiest or most efficient way to do so, while also contending (2) that an IRC sunset would not cause the immediate dissappearance of substansial internet-wide problems. making it harder MAKES IT HARDER and must therefore to some degree reduce the probability of abuse. therefore the gain afforded to legitimate users by this medium should be weighted against the direct affect its eradication would have on REAL problems -- and, clearly, no one here is qualified to make this judgement, else they would have offered such proof in immediate response to the original post as opposed to blabbing incessantly about incredibly obvious bullshit. the only potentially useful point anyone has made [not that it wasnt obvious] concerns the difficulty in removing the medium ... but this is irrelavent, of course, since it is more likely that the security community would suggest [and perhaps assist in the developement of] a replacement [most importantly] to the larger IRC networks. if shooting people is evil, OBVIOUSLY guns are flawed, but only insofar as people are capable of abusing them, willing to abuse them, and effective in their attempts at doing so. so to burn the candle at both ends you have to fight the spread of trojans and virii by fixing the holes they exploit and providing detection services, while also continually analyzing and evolving the structure on which it all rests. ie, the internet at its core... protocols, etc. im sure the original ford model-T had plenty of legitimate users who didnt drive drunk or generally cause mayhem ... i dont see it around anymore though ... hmm, i wonder if that correlates directly to the increased safety of automobiles ... hmm hmm, indeed. /sardonicism the issue is certainly not at all as cut and dry as most of you have made it out to be. --vord #hackphreak/undernet invulnerable to the accidents of people and books. On Fri, 19 Nov 2004 22:08:33 -, Darren Wolfe [EMAIL PROTECTED] wrote: I have never replied to anything on this list (I read it to keep up to date on vulnerabilities, but im not really qualified to contribute anything) but this particular message has peaked my interest. 1. Agreed, by using flaws in IE they then go on to subvert mirc into spamming people. 2. They do. 3. A tremendous amount :) 4. This is only because IRC provides the perfect medium in which to control those zombies (a single message from one person is immediately sent to everyone in the channel at the same time). If a better medium was available, they'd use that. IRC is as close to a real time group conversation as you can get that doesn't used closed protocols. It's fast, simple and used by an enormous number of people - particuarly those who play online games, and for open source projects (#gentoo on freenode regularly has over 900 people in it). In answer to your final question - IRC is very useful for quick conversations in real time with groups of people. Sure there are other things - usenet, web based forums, email based mailing lists, IM networks etc but none have that group feeling as much as IRC. It's problem is twofold - firstly, mirc (the most popular client) has a number of flaws that make it easy to steal peoples auth passwords. But these are not automated! The user must be tricked into typing some commands to set the exploit in motion. This is also the second problem - a link may be mentioned in a channel and people will click on it - from there, if your browser is vulnerable, you can be hit by any number of trojans. There was a winamp trojan going about a few months ago (which I reported and is now fixed - go me :D ) which involved clicking a link in irc that opened winamp through a file association that exploited a security flaw that installed a script for mirc that spammed the same link to everyone in the channel. Like any other medium, it is a combination of a lack of
Re: [Full-Disclosure] Why is IRC still around?
On Fri, 19 Nov 2004 17:10:13 -0500, Tim [EMAIL PROTECTED] wrote: My mistake; I was referring to the discussion, collaboration, and creation, not the spread. You mentioned DDoS attacks below. I don't believe that use is a form of discussion, collaboration, or creation. Some say we should, but I am not one of those. My point was to get rid of the most well established tool (and easiest to use) for these types of activities. Any tool can be used by anyone for good or evil. If one knows the kiddies are all hanging out on IRC, then you can get a lot of good info about what their new attacks are by loitering on their channels. What's the difference? IRC is so well established for the type of activity I am referring to. As it is established for many productive things. Ever check out freenode? I'll leave the piracy battle for someone else - I just mentioned it as a part of the problem. If you aren't prepared to defend it on this list, better not mention it. =) Sure netcat is an alternative, but which one is easier to use? Um... netcat, or raw tcp sockets. I would argue it is easier to write something that just opens a connection, and listens for commands to come back, than something that has to speak IRC. Speaking IRC has its own advantages, but in the absence of it, it is still trivial to manage a bot net. I thought I would throw out the idea. If you want to call me a troll, then so be it, but don't get your panties in a knot over the whole thing Pardon my harsh reply. It wasn't personal, and is directed only at your reasoning. It is a similar reasoning that leads to the slippery slope toward censorship. No worries. Case closed. :) ...D ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
james edwards wrote: It is not IRC that is the problem, it is the people on IRC that cause problems. Guns don't kill people all by by themselves; people kill people. but it's the holes they make that really do 'em in, no? %-) -- dk ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
Danny [EMAIL PROTECTED] wrote: What would IT be like today without IRC (or the like)? Am I narrow minded to say that it would be a much safer place? To be honest: Yes, i think it is quite narrow-mindet to say that. Sure, there are some scriptkiddies and crackers who organize themselves through internet relay chats. But if you think you proposal right through to the end, you should also consider abandoning almost every email-software, instant-messenger and the like. Good luck with that. If you approach the problem this way, why not cut through your network cable, which is the best way to protect yourself? /irony Best wishes, Christian -- Christian Fromme EMail: derfromme at gmx.de PGP-Pubkey: http://www.informatik.fh-wiesbaden.de/~cfrom001/pgp/index.html ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
The fact that it is an open protocol makes it easy to spot, you don't look for specific ports you look for specific behavior (i.e. - privmsg) Not that I'm saying this should be done. IRC is used by many ppl in very good ways! I'm just saying that the two points shouldn't be confused. SSL is a bit of a different story. --Harry Bowes, Ronald (EST) wrote: [snip] So do you intend to scan every computer on the Internet on port 6667, and shut down every server found running, the move on to random ports that zombies probably use, and start attacking sites that provide open source clients that use an open protocol? ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around? (Because anything less would be uncivilized)
Well, fellow F-D'ers, thanks to the vast array of intelligence and experience found on this list, my rant about abolishing IRC has been proven to be far from a solution. I..can't tell if it's sarcasm or not, damn those trolls and their mind poisoning ways. -- zxy_rbt2 ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
On Fri, 2004-11-19 at 12:40 -0500, Danny wrote: Well, it sure does help the anti-virus (anti-malware) and security consulting business, but besides that... is it not safe to say that: 1) A hell of a lot of viruses/worms/trojans use IRC to wreck further havoc? Not as much as email does. What about that old TCP/IP do you know how many viruses use that? according to leading antivirus vendors I believe the official figure is LOTS 2) A considerable amount of script kiddies originate and grow through IRC? Yep, I've heard they've also migrated to HTTP as well, let's get rid of that. 3) A wee bit of software piracy occurs? Nothing compared to bittorrent and the other p2p networks, it's called sharing information, if some people want to share illegal information that's inevitable. (Do you know how many terrorists use phones to communicate? the figures would scare your family for generations!) 4) That many organized DoS attacks through PC zombies are initiated through IRC? Yeh, so we should take that communication mechanism away as they are obviously not clever enough to use, MSN,YAHOO,JABBER,ICQ,Email,Web Forums, BBS, Telephones, VOIP, Roger Wilco, talkd, the unix write command, windows messaging, snail mail, Pigeons, Cups and string, Shouting very loud, morse code, hand signals. 5) The anonymity of the whole thing helps to foster all the illegal and malicious activity that occurs? It's more anonymous than the other communication mechanisms on the net is it? Sorry to offend those that use IRC legitimately (LOL - find something else to chat with your buddies), but why the hell are we not pushing to sunset IRC? Sorry to offend you if I do, but based on your reasons for getting rid of IRC, we'd have to get rid of alot of communication mechanisms. The reason IRC is used alot for the things you've described is because it's been around for a long time and the networks and relations built on IRC have lasted, taking it away (which is far from possible) would only mean that all the activities would migrate to other mediums. Can I ask if you missed the whole shadowcrew incident? they had an IRC channel but did alot of their stuff on a web forum... Think about it for a second what good would closing IRC down do to prevent that? BTW... Most OSS was also built around IRC collaboration, just have a look at freenode and ask the currently 800+ people in #gentoo, the 700+ people in #debian or the 300+ that are in #slackware and #fedora. Now that you've thought it through and you want to take away a massive support mechanism from all these people, how do you propose we do it? I tried smoking the same drugs as you and I firmly believe magic monkeys are the solution to our problems, I'll create a #magicmonkeys IRC channel so we can co-ordinate it. Disclaimer: If this reply seemed like it was in jest, it may be because I consider the original message to be a joke Barrie Dempster (zeedo) - Fortiter et Strenue http://www.bsrf.org.uk [ gpg --recv-keys --keyserver www.keyserver.net 0x96025FD0 ] signature.asc Description: This is a digitally signed message part
Re: [Full-Disclosure] Why is IRC still around?
Is IRC bad? Yes. Is SMTP bad? Yes. Why? Because they are simple and basic protocol implementations created decades ago. Not that they aren't efficient and easy, but they certainly have their shortcomings in terms of security and AAA. Yes, people can certainly switch to other mediums which will in turn be subject to abuse and exploits - but at least a more modern medium will likely have more controls and accountability in place. Whether or not there is any legitimate use of the IRC, we all know that it has been a haven for illegal activity and abuse for at least (2) decades now. We need to move forward with technology. Or would you rather be like Microsoft - and attempt to be backward compatible for all-time - and continue to use products that have fundamental flaws in them? On Fri, 19 Nov 2004 12:17:09 -0800, Mister Coffee [EMAIL PROTECTED] wrote: Danny wrote: Well, it sure does help the anti-virus (anti-malware) and security consulting business, but besides that... is it not safe to say that: 1) A hell of a lot of viruses/worms/trojans use IRC to wreck further havoc? And? There are a hell of a lot of normal users on IRC too who don't wreck havoc. A lot of spam comes in email. Does that make email bad? 2) A considerable amount of script kiddies originate and grow through IRC? And AIM, ICQ, Jabber, web-forums, mailing lists, etc. IRC is one medium amungst many. 3) A wee bit of software piracy occurs? Some, perhaps. But unlike, say BitTorrent or Kazaa, IRC's primary role is communication rather than file transfer. You could make the same argument for ANY of the IM clients that support file transfer. 4) That many organized DoS attacks through PC zombies are initiated through IRC? Many do. Yes. But many also originate through other media, and, again, it's not the medium's fault that people use it for nefarious purposes. Hitmen get calls on their cell phones. Should we eliminate cell phones to stop the hitmen? 5) The anonymity of the whole thing helps to foster all the illegal and malicious activity that occurs? The list goes on and on... Anonymity is not a bad thing in many, man, respects. And the list of legitimate uses goes on and on as well. Sorry to offend those that use IRC legitimately (LOL - find something else to chat with your buddies), but why the hell are we not pushing to sunset IRC? No offense. But the arguments aren't especially strong. We're not pushing to sunset the IRC protocol because there are still thousands and thousands of -legitimate- users in the world. Unlike most IM systems, the IRC nets are completely independant. There are some serious advantages to that. What would IT be like today without IRC (or the like)? Am I narrow minded to say that it would be a much safer place? Yes? IRC is a protocol. A tool like any other. Last I looked there were still hundreds to thousands of IRC users at any given time who were there just to hang out and BS with their friends. It's still a valid community if you will, in spite of the nefarious uses other people have put it to. If you sunset something like IRC, the 3v1L [EMAIL PROTECTED] will just move their bots and trojans somewhere else. ...D Cheers, L4J ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html -- ME2 http://www.santeriasys.net/rss.php ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around? (Because anything less would be uncivilized)
On Fri, 19 Nov 2004 22:48:46 +, Andrew Smith [EMAIL PROTECTED] wrote: Well, fellow F-D'ers, thanks to the vast array of intelligence and experience found on this list, my rant about abolishing IRC has been proven to be far from a solution. I..can't tell if it's sarcasm or not, damn those trolls and their mind poisoning ways. I am serious. That concludes this topic. ...D ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
RE: [Full-Disclosure] Why is IRC still around?
been on yahoo lately? or AOL channels or hell how bout gnutella? -Original Message- From: Danny [mailto:[EMAIL PROTECTED] Sent: Friday, November 19, 2004 2:53 PM To: Keith Pachulski Cc: Mailing List - Full-Disclosure Subject: Re: [Full-Disclosure] Why is IRC still around? On Fri, 19 Nov 2004 14:47:31 -0500, Keith Pachulski [EMAIL PROTECTED] wrote: how bout because it is entertaining and it is an easy way to communicate with a large group of ppl at once So that trumps it's infestion of illegal activites? ...D ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
RE: [Full-Disclosure] Why is IRC still around?
how bout because it is entertaining and it is an easy way to communicate with a large group of ppl at once -Original Message- From: Danny [mailto:[EMAIL PROTECTED] Sent: Friday, November 19, 2004 12:40 PM To: Mailing List - Full-Disclosure Subject: [Full-Disclosure] Why is IRC still around? Well, it sure does help the anti-virus (anti-malware) and security consulting business, but besides that... is it not safe to say that: 1) A hell of a lot of viruses/worms/trojans use IRC to wreck further havoc? 2) A considerable amount of script kiddies originate and grow through IRC? 3) A wee bit of software piracy occurs? 4) That many organized DoS attacks through PC zombies are initiated through IRC? 5) The anonymity of the whole thing helps to foster all the illegal and malicious activity that occurs? The list goes on and on... Sorry to offend those that use IRC legitimately (LOL - find something else to chat with your buddies), but why the hell are we not pushing to sunset IRC? What would IT be like today without IRC (or the like)? Am I narrow minded to say that it would be a much safer place? ...D ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
Danny: there's not need to keep replying, this is a mailing list. Here's what happens: 1) Question posted. 2) Valid replies posted. 3) 30-40 others repeat replies at 2) 4) In come the trolls.. -- zxy_rbt2 ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
RE: [Full-Disclosure] Why is IRC still around?
In the last year or two of subscribing to FD, that is the single most idiotic statement I have ever read. -Original Message- From: [EMAIL PROTECTED] on behalf of Danny Sent: Fri 19/11/2004 17:40 To: Mailing List - Full-Disclosure Cc: Subject: [Full-Disclosure] Why is IRC still around? Well, it sure does help the anti-virus (anti-malware) and security consulting business, but besides that... is it not safe to say that: 1) A hell of a lot of viruses/worms/trojans use IRC to wreck further havoc? 2) A considerable amount of script kiddies originate and grow through IRC? 3) A wee bit of software piracy occurs? 4) That many organized DoS attacks through PC zombies are initiated through IRC? 5) The anonymity of the whole thing helps to foster all the illegal and malicious activity that occurs? The list goes on and on... Sorry to offend those that use IRC legitimately (LOL - find something else to chat with your buddies), but why the hell are we not pushing to sunset IRC? What would IT be like today without IRC (or the like)? Am I narrow minded to say that it would be a much safer place? ...D ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
there is some great stuff developed on irc. have you ever used a cvsbot? I just love those check-in privmsg notifications. chris == 'when all you have is a nail-gun, every problem looks like a messiah' Danny wrote: On Fri, 19 Nov 2004 17:10:13 -0500, Tim [EMAIL PROTECTED] wrote: My mistake; I was referring to the discussion, collaboration, and creation, not the spread. You mentioned DDoS attacks below. I don't believe that use is a form of discussion, collaboration, or creation. Some say we should, but I am not one of those. My point was to get rid of the most well established tool (and easiest to use) for these types of activities. Any tool can be used by anyone for good or evil. If one knows the kiddies are all hanging out on IRC, then you can get a lot of good info about what their new attacks are by loitering on their channels. What's the difference? IRC is so well established for the type of activity I am referring to. As it is established for many productive things. Ever check out freenode? I'll leave the piracy battle for someone else - I just mentioned it as a part of the problem. If you aren't prepared to defend it on this list, better not mention it. =) Sure netcat is an alternative, but which one is easier to use? Um... netcat, or raw tcp sockets. I would argue it is easier to write something that just opens a connection, and listens for commands to come back, than something that has to speak IRC. Speaking IRC has its own advantages, but in the absence of it, it is still trivial to manage a bot net. I thought I would throw out the idea. If you want to call me a troll, then so be it, but don't get your panties in a knot over the whole thing Pardon my harsh reply. It wasn't personal, and is directed only at your reasoning. It is a similar reasoning that leads to the slippery slope toward censorship. No worries. Case closed. :) ...D ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
On Fri, 2004-11-19 at 17:40, Danny wrote: Well, it sure does help the anti-virus (anti-malware) and security consulting business, but besides that... is it not safe to say that: 1) A hell of a lot of viruses/worms/trojans use IRC to wreck further havoc? 2) A considerable amount of script kiddies originate and grow through IRC? 3) A wee bit of software piracy occurs? 4) That many organized DoS attacks through PC zombies are initiated through IRC? 5) The anonymity of the whole thing helps to foster all the illegal and malicious activity that occurs? The list goes on and on... Sorry to offend those that use IRC legitimately (LOL - find something else to chat with your buddies), but why the hell are we not pushing to sunset IRC? Who is 'we' and what makes you think anyone cares what you 'sunset'. What would IT be like today without IRC (or the like)? Am I narrow minded to say that it would be a much safer place? This has to be a troll. It's just too stupid. - M ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
Danny wrote: Well, it sure does help the anti-virus (anti-malware) and security consulting business, but besides that... is it not safe to say that: 1) A hell of a lot of viruses/worms/trojans use IRC to wreck further havoc? 2) A considerable amount of script kiddies originate and grow through IRC? 3) A wee bit of software piracy occurs? 4) That many organized DoS attacks through PC zombies are initiated through IRC? 5) The anonymity of the whole thing helps to foster all the illegal and malicious activity that occurs? The list goes on and on... Sorry to offend those that use IRC legitimately (LOL - find something else to chat with your buddies), but why the hell are we not pushing to sunset IRC? What would IT be like today without IRC (or the like)? Am I narrow minded to say that it would be a much safer place? I don't think that it would have any impact at all with regard to stopping malware and crackers. Even if the legitimate IRC servers were shut down, it would still be a simple matter for them to create their own servers on non-standard ports. Barring their ability to do that, they'll completely move to IM or P2P protocols (like WASTE) to carry out their attacks. They've already created the tools to do this and they're actively doing it right now. In fact, in this regard IRC is a godsend with regard to tracking down attackers. It's easier to determine the location of an IRC bot and to track unencrypted IRC traffic than it is to track WASTE packets or IM connections. Protocols (and their implementations) aren't causing the illegal activity as much as the drive to carry out illegal acts is. -Barry ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
Micheal Espinola Jr wrote: Is SMTP bad? Yes. Why? Because they are simple and basic protocol implementations Are or were ? smtp supports tls for example (I dropped irc because I have very little knowledge about it). Not that they aren't efficient and easy, but they certainly have their shortcomings in terms of security and AAA. smtp supports both plaintext (login/password) and tls/certificate authentications. Configuration is not a technology issue but a sysadmin issue. We need to move forward with technology. Or would you rather be like Microsoft - and attempt to be backward compatible for all-time - and continue to use products that have fundamental flaws in them? smtp is backward compatible with fossile like technology (sendmail comes to mind as it have a 'good' bugs record) but also 21th century technology aware (s/mime, tls). Much could be said against protocols such as rpc, ftp, telnet, iiop, http, ... but some/most of them are also supporting some somewhat new technology (encryption, authentication, ...) some of them do not add much value when used over the internet (rpc comes to mind) these are more lan protocols. Microsoft don't try to be backward compatible: w2k is not backward compatible with nt or dos, even xp sp2 is not backward compatible with xp sp1:-) ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
On Fri, 19 Nov 2004 13:54:30 -0500, bkfsec [EMAIL PROTECTED] wrote: Danny wrote: Well, it sure does help the anti-virus (anti-malware) and security consulting business, but besides that... is it not safe to say that: 1) A hell of a lot of viruses/worms/trojans use IRC to wreck further havoc? 2) A considerable amount of script kiddies originate and grow through IRC? 3) A wee bit of software piracy occurs? 4) That many organized DoS attacks through PC zombies are initiated through IRC? 5) The anonymity of the whole thing helps to foster all the illegal and malicious activity that occurs? The list goes on and on... Sorry to offend those that use IRC legitimately (LOL - find something else to chat with your buddies), but why the hell are we not pushing to sunset IRC? What would IT be like today without IRC (or the like)? Am I narrow minded to say that it would be a much safer place? I don't think that it would have any impact at all with regard to stopping malware and crackers. Even if the legitimate IRC servers were shut down, it would still be a simple matter for them to create their own servers on non-standard ports. Barring their ability to do that, they'll completely move to IM or P2P protocols (like WASTE) to carry out their attacks. They've already created the tools to do this and they're actively doing it right now. In fact, in this regard IRC is a godsend with regard to tracking down attackers. It's easier to determine the location of an IRC bot and to track unencrypted IRC traffic than it is to track WASTE packets or IM connections. Protocols (and their implementations) aren't causing the illegal activity as much as the drive to carry out illegal acts is. Fair enough... I just need to be enlightened. Thanks for your time. ...D ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
On Fri, 19 Nov 2004 14:47:31 -0500, Keith Pachulski [EMAIL PROTECTED] wrote: how bout because it is entertaining and it is an easy way to communicate with a large group of ppl at once So that trumps it's infestion of illegal activites? ...D ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
On Friday 19 November 2004 3:31 pm, Poof wrote: Wow, NICE analogy Jeff! While IRC is here to stay... The future seems more like servers that're only hosted through big companies/etc as most datacenters are 'forbidding' use of IRC(Ports 6660-6669, 7000) on their network. As any other service, you can put IRC on any port you want. Max -- Linux garaged 2.6.9-ac9 #2 SMP Tue Nov 16 17:07:13 CST 2004 i686 Intel(R) Pentium(R) 4 CPU 2.80GHz GenuineIntel GNU/Linux -BEGIN GEEK CODE BLOCK- Version: 3.12 GS/S d- s: a-29 C++(+++) ULAHI+++ P+ L+ E--- W++ N* o-- K- w O- M-- V-- PS+ PE Y-- PGP++ t- 5- X+ R tv++ b+ DI+++ D- G++ e++ h+ r+ z** --END GEEK CODE BLOCK-- gpg-key: http://garaged.homeip.net/gpg-key.txt ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
Might as well ask yourself Why are trolls like me still around? Hooked 'em good, monkey. :o) On Fri, 19 Nov 2004 12:40:26 -0500, Danny [EMAIL PROTECTED] wrote: Well, it sure does help the anti-virus (anti-malware) and security consulting business, but besides that... is it not safe to say that: 1) A hell of a lot of viruses/worms/trojans use IRC to wreck further havoc? 2) A considerable amount of script kiddies originate and grow through IRC? 3) A wee bit of software piracy occurs? 4) That many organized DoS attacks through PC zombies are initiated through IRC? 5) The anonymity of the whole thing helps to foster all the illegal and malicious activity that occurs? The list goes on and on... Sorry to offend those that use IRC legitimately (LOL - find something else to chat with your buddies), but why the hell are we not pushing to sunset IRC? What would IT be like today without IRC (or the like)? Am I narrow minded to say that it would be a much safer place? ...D ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
I think its about time to sunset this discussion, how many people need to send emails saying the same thing? - Original Message - From: Keith Pachulski [EMAIL PROTECTED] To: Danny [EMAIL PROTECTED]; Mailing List - Full-Disclosure [EMAIL PROTECTED] Sent: Friday, November 19, 2004 2:47 PM Subject: RE: [Full-Disclosure] Why is IRC still around? how bout because it is entertaining and it is an easy way to communicate with a large group of ppl at once -Original Message- From: Danny [mailto:[EMAIL PROTECTED] Sent: Friday, November 19, 2004 12:40 PM To: Mailing List - Full-Disclosure Subject: [Full-Disclosure] Why is IRC still around? Well, it sure does help the anti-virus (anti-malware) and security consulting business, but besides that... is it not safe to say that: 1) A hell of a lot of viruses/worms/trojans use IRC to wreck further havoc? 2) A considerable amount of script kiddies originate and grow through IRC? 3) A wee bit of software piracy occurs? 4) That many organized DoS attacks through PC zombies are initiated through IRC? 5) The anonymity of the whole thing helps to foster all the illegal and malicious activity that occurs? The list goes on and on... Sorry to offend those that use IRC legitimately (LOL - find something else to chat with your buddies), but why the hell are we not pushing to sunset IRC? What would IT be like today without IRC (or the like)? Am I narrow minded to say that it would be a much safer place? ...D ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
On Sat, 20 Nov 2004 09:58:48 -0500, ntx0f [EMAIL PROTECTED] wrote: I think its about time to sunset this discussion, Sunsets are nice to watch in the summer months over here. Thanks,n3td3v http://www.geocities.com/n3td3v ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
On Fri, Nov 19, 2004 at 12:40:26PM -0500, Danny wrote: 5) The anonymity of the whole thing helps to foster all the illegal and malicious activity that occurs? You answered yourself. Because such mostly unregulated, seminanonymous medium is needed. You have problem with unpatched machines? Patch them, then and do not waste time whining. And what would we do without bash.org? Alex -- mors ab alto 0x46399138 pgpLG8cJJB87E.pgp Description: PGP signature
Re: [Full-Disclosure] Why is IRC still around?
Danny wrote: Well, it sure does help the anti-virus (anti-malware) and security consulting business, but besides that... is it not safe to say that: 1) A hell of a lot of viruses/worms/trojans use IRC to wreck further havoc? 2) A considerable amount of script kiddies originate and grow through IRC? 3) A wee bit of software piracy occurs? 4) That many organized DoS attacks through PC zombies are initiated through IRC? 5) The anonymity of the whole thing helps to foster all the illegal and malicious activity that occurs? The list goes on and on... Sorry to offend those that use IRC legitimately (LOL - find something else to chat with your buddies), but why the hell are we not pushing to sunset IRC? What would IT be like today without IRC (or the like)? Am I narrow minded to say that it would be a much safer place? I daresay the world would not be much different. The early dedicated DDoS systems had their own inter-agent communication channels of varying complexity and sophistication. I'm sure if something easy and convenient such as IRC were not around for the skiddie copycats that came along later to usurp, at least one or two of said copycats would probably have managed to scrape together just enough talent to roll their own simple, lightweight distributed messaging system to use as a communication and coordination channel for their bot armies and thus we'd have ended up more or less where we are. Likewise, other methods of more or less anonymous intercommunication between like-minded skiddies would have evolved had IRC not, as the nature of the underlying structure of the Internet is essentially anonymous communication (recall that this is a completely unintended, and perfectly expected, effect of the purpose of the underlying network technology -- it was to be used for a physically closed network, where the fact a machine was on the network _meant_ that machine was supposed to be there _and_ that its location _AND_ the names and whereabouts of the ranking officers responsible for the techies running it would be readily available). Ditto, s/w piracy would have found other largely untraceable online outlets such rooted FTP and web servers, compromised SOHO machines with fast connections and totally clueless admins, P2P, etc, etc... In short, without IRC I'd expect we'd be pretty much exactly where we are anyway (save we would have had one less inane question to answer on some mailing list). -- Nick FitzGerald Computer Virus Consulting Ltd. Ph/FAX: +64 3 3529854 ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
On Fri, 19 Nov 2004 14:55:12 -0500, Keith Pachulski [EMAIL PROTECTED] wrote: been on yahoo lately? or AOL channels or hell how bout gnutella? Do they organize zombies, foster the creation of backdoors, round up DoS attacks? Sure, getting rid of the big piracy rings would be nice, but I am focusing on the malware, zombies, bots, organized DoS attacks, etc. aspect of IRC. ..D ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
That's because the Internet is free and no one can control what survives on it. What survives isn't what is *ethical* but what is *useful*. And IRC is very useful for some people, so it's here to stay. The problem is not IRC; the problem is the misuse some people make of it. We cannot make knives dissapear, because they are useful; instead, we must get rid of people that uses knives to kill. - Original Message - From: Danny [EMAIL PROTECTED] To: Mailing List - Full-Disclosure [EMAIL PROTECTED] Sent: Friday, November 19, 2004 2:40 PM Subject: [Full-Disclosure] Why is IRC still around? Well, it sure does help the anti-virus (anti-malware) and security consulting business, but besides that... is it not safe to say that: 1) A hell of a lot of viruses/worms/trojans use IRC to wreck further havoc? 2) A considerable amount of script kiddies originate and grow through IRC? 3) A wee bit of software piracy occurs? 4) That many organized DoS attacks through PC zombies are initiated through IRC? 5) The anonymity of the whole thing helps to foster all the illegal and malicious activity that occurs? The list goes on and on... Sorry to offend those that use IRC legitimately (LOL - find something else to chat with your buddies), but why the hell are we not pushing to sunset IRC? What would IT be like today without IRC (or the like)? Am I narrow minded to say that it would be a much safer place? ...D ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
Even better idea: Get sunset internet1 /me just solved problems 1-5 On Fri, 19 Nov 2004 12:40:26 -0500, Danny [EMAIL PROTECTED] wrote: Well, it sure does help the anti-virus (anti-malware) and security consulting business, but besides that... is it not safe to say that: 1) A hell of a lot of viruses/worms/trojans use IRC to wreck further havoc? 2) A considerable amount of script kiddies originate and grow through IRC? 3) A wee bit of software piracy occurs? 4) That many organized DoS attacks through PC zombies are initiated through IRC? 5) The anonymity of the whole thing helps to foster all the illegal and malicious activity that occurs? The list goes on and on... Sorry to offend those that use IRC legitimately (LOL - find something else to chat with your buddies), but why the hell are we not pushing to sunset IRC? What would IT be like today without IRC (or the like)? Am I narrow minded to say that it would be a much safer place? ...D ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
Danny wrote: Well, it sure does help the anti-virus (anti-malware) and security consulting business, but besides that... is it not safe to say that: 1) A hell of a lot of viruses/worms/trojans use IRC to wreck further havoc? And? There are a hell of a lot of normal users on IRC too who don't wreck havoc. A lot of spam comes in email. Does that make email bad? 2) A considerable amount of script kiddies originate and grow through IRC? And AIM, ICQ, Jabber, web-forums, mailing lists, etc. IRC is one medium amungst many. 3) A wee bit of software piracy occurs? Some, perhaps. But unlike, say BitTorrent or Kazaa, IRC's primary role is communication rather than file transfer. You could make the same argument for ANY of the IM clients that support file transfer. 4) That many organized DoS attacks through PC zombies are initiated through IRC? Many do. Yes. But many also originate through other media, and, again, it's not the medium's fault that people use it for nefarious purposes. Hitmen get calls on their cell phones. Should we eliminate cell phones to stop the hitmen? 5) The anonymity of the whole thing helps to foster all the illegal and malicious activity that occurs? The list goes on and on... Anonymity is not a bad thing in many, man, respects. And the list of legitimate uses goes on and on as well. Sorry to offend those that use IRC legitimately (LOL - find something else to chat with your buddies), but why the hell are we not pushing to sunset IRC? No offense. But the arguments aren't especially strong. We're not pushing to sunset the IRC protocol because there are still thousands and thousands of -legitimate- users in the world. Unlike most IM systems, the IRC nets are completely independant. There are some serious advantages to that. What would IT be like today without IRC (or the like)? Am I narrow minded to say that it would be a much safer place? Yes? IRC is a protocol. A tool like any other. Last I looked there were still hundreds to thousands of IRC users at any given time who were there just to hang out and BS with their friends. It's still a valid community if you will, in spite of the nefarious uses other people have put it to. If you sunset something like IRC, the 3v1L [EMAIL PROTECTED] will just move their bots and trojans somewhere else. ...D Cheers, L4J ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
Sorry to offend those that use IRC legitimately (LOL - find something else to chat with your buddies), but why the hell are we not pushing to sunset IRC? It is not IRC that is the problem, it is the people on IRC that cause problems. Guns don't kill people all by by themselves; people kill people. What would IT be like today without IRC (or the like)? Am I narrow minded to say that it would be a much safer place? ...D I would be lost w/o freenode. ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
RE: [Full-Disclosure] Why is IRC still around?
How exactly do you propose to accomplish this? IRC is an open protocol and there are many open clients and open servers which can run on any port, and run encrypted with SSL. So do you intend to scan every computer on the Internet on port 6667, and shut down every server found running, the move on to random ports that zombies probably use, and start attacking sites that provide open source clients that use an open protocol? Your suggestion makes no sense, and it's something that's impossible to implement. Why not just make knives illegal? I mean, they're frequently used as a weapon, right? Ron Bowes Information Protection Centre Government Of Manitoba -Original Message- From: Danny [mailto:[EMAIL PROTECTED] Sent: Friday, November 19, 2004 11:40 AM To: Mailing List - Full-Disclosure Subject: [Full-Disclosure] Why is IRC still around? Well, it sure does help the anti-virus (anti-malware) and security consulting business, but besides that... is it not safe to say that: 1) A hell of a lot of viruses/worms/trojans use IRC to wreck further havoc? 2) A considerable amount of script kiddies originate and grow through IRC? 3) A wee bit of software piracy occurs? 4) That many organized DoS attacks through PC zombies are initiated through IRC? 5) The anonymity of the whole thing helps to foster all the illegal and malicious activity that occurs? The list goes on and on... Sorry to offend those that use IRC legitimately (LOL - find something else to chat with your buddies), but why the hell are we not pushing to sunset IRC? What would IT be like today without IRC (or the like)? Am I narrow minded to say that it would be a much safer place? ...D ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
Danny wrote: Well, it sure does help the anti-virus (anti-malware) and security consulting business, but besides that... is it not safe to say that: ? 1) A hell of a lot of viruses/worms/trojans use IRC to wreck further havoc? email, http, aol users;)? 2) A considerable amount of script kiddies originate and grow through IRC? and criminals through phones 3) A wee bit of software piracy occurs? p2p? 4) That many organized DoS attacks through PC zombies are initiated through IRC? just a control network, could also (and is) handeld through p2p-technologie 5) The anonymity of the whole thing helps to foster all the illegal anonymity?;) and malicious activity that occurs? The list goes on and on... Sorry to offend those that use IRC legitimately (LOL - find something else to chat with your buddies), but why the hell are we not pushing to sunset IRC? What would IT be like today without IRC (or the like)? Am I narrow minded to say that it would be a much safer place? yes, you are. ...D ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
Unfortunately IRC is not the problem. Removing IRC will cause the systems that use it to leverage another control channel. The people that abuse it will use another forum... The problem is that systems exist that can be mass exploited and used to coordinate attacks and that there are people happy to exploit those systems. You can use any of the following to coordinate the same attacks: - a web page - ping - DNS - newsgroups - ftp - AIM - Jabber - P2P - Email - blog ... Danny wrote: Well, it sure does help the anti-virus (anti-malware) and security consulting business, but besides that... is it not safe to say that: 1) A hell of a lot of viruses/worms/trojans use IRC to wreck further havoc? 2) A considerable amount of script kiddies originate and grow through IRC? 3) A wee bit of software piracy occurs? 4) That many organized DoS attacks through PC zombies are initiated through IRC? 5) The anonymity of the whole thing helps to foster all the illegal and malicious activity that occurs? The list goes on and on... Sorry to offend those that use IRC legitimately (LOL - find something else to chat with your buddies), but why the hell are we not pushing to sunset IRC? What would IT be like today without IRC (or the like)? Am I narrow minded to say that it would be a much safer place? ...D ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
Oh, crap s/Get/Why not/ Sorry On Fri, 19 Nov 2004 12:49:32 -0600, shrek [EMAIL PROTECTED] wrote: Even better idea: Get sunset internet1 /me just solved problems 1-5 On Fri, 19 Nov 2004 12:40:26 -0500, Danny [EMAIL PROTECTED] wrote: Well, it sure does help the anti-virus (anti-malware) and security consulting business, but besides that... is it not safe to say that: 1) A hell of a lot of viruses/worms/trojans use IRC to wreck further havoc? 2) A considerable amount of script kiddies originate and grow through IRC? 3) A wee bit of software piracy occurs? 4) That many organized DoS attacks through PC zombies are initiated through IRC? 5) The anonymity of the whole thing helps to foster all the illegal and malicious activity that occurs? The list goes on and on... Sorry to offend those that use IRC legitimately (LOL - find something else to chat with your buddies), but why the hell are we not pushing to sunset IRC? What would IT be like today without IRC (or the like)? Am I narrow minded to say that it would be a much safer place? ...D ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
On Fri, 19 Nov 2004 12:17:09 -0800, Mister Coffee [EMAIL PROTECTED] wrote: Danny wrote: Well, it sure does help the anti-virus (anti-malware) and security consulting business, but besides that... is it not safe to say that: 1) A hell of a lot of viruses/worms/trojans use IRC to wreck further havoc? And? There are a hell of a lot of normal users on IRC too who don't wreck havoc. A lot of spam comes in email. Does that make email bad? 2) A considerable amount of script kiddies originate and grow through IRC? And AIM, ICQ, Jabber, web-forums, mailing lists, etc. IRC is one medium amungst many. 3) A wee bit of software piracy occurs? Some, perhaps. But unlike, say BitTorrent or Kazaa, IRC's primary role is communication rather than file transfer. You could make the same argument for ANY of the IM clients that support file transfer. 4) That many organized DoS attacks through PC zombies are initiated through IRC? Many do. Yes. But many also originate through other media, and, again, it's not the medium's fault that people use it for nefarious purposes. Hitmen get calls on their cell phones. Should we eliminate cell phones to stop the hitmen? 5) The anonymity of the whole thing helps to foster all the illegal and malicious activity that occurs? The list goes on and on... Anonymity is not a bad thing in many, man, respects. And the list of legitimate uses goes on and on as well. Sorry to offend those that use IRC legitimately (LOL - find something else to chat with your buddies), but why the hell are we not pushing to sunset IRC? No offense. But the arguments aren't especially strong. We're not pushing to sunset the IRC protocol because there are still thousands and thousands of -legitimate- users in the world. Unlike most IM systems, the IRC nets are completely independant. There are some serious advantages to that. What would IT be like today without IRC (or the like)? Am I narrow minded to say that it would be a much safer place? Yes? IRC is a protocol. A tool like any other. Last I looked there were still hundreds to thousands of IRC users at any given time who were there just to hang out and BS with their friends. It's still a valid community if you will, in spite of the nefarious uses other people have put it to. If you sunset something like IRC, the 3v1L [EMAIL PROTECTED] will just move their bots and trojans somewhere else. Well said. Thanks for your time. ...D ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
On Fri, 19 Nov 2004 12:40:26 EST, Danny said: 1) A hell of a lot of viruses/worms/trojans use IRC to wreck further havoc? 2) A considerable amount of script kiddies originate and grow through IRC? 3) A wee bit of software piracy occurs? 4) That many organized DoS attacks through PC zombies are initiated through IRC? 5) The anonymity of the whole thing helps to foster all the illegal and malicious activity that occurs? And is there *anything* on that list that is in the least bit IRC-specific, or can any *other* IM system work just as well? What would IT be like today without IRC (or the like)? Am I narrow minded to say that it would be a much safer place? Only if you *also* manage to stomp out AIM, and MSN Messenger, and Yahoo, and Jabber, and... Because if you don't, they'll just pick up and move elsewhere. pgpYYNSove8Iw.pgp Description: PGP signature
Re: [Full-Disclosure] Why is IRC still around? (Because anything less would be uncivilized)
Well, fellow F-D'ers, thanks to the vast array of intelligence and experience found on this list, my rant about abolishing IRC has been proven to be far from a solution. Maybe I will throw my suggestion in as Feature Request for Internet2. :D ...D ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
Wow, I think you have a great point! To add to the list, Los Angeles has quite a bit of crime, so I think that it should be removed from the face of the planet. Of course, I think some fraud has been occurring on eBay--remove them also. Oh, and some Catholic priests have been in the news for some questionable activities, why keep them around--Catholicism has been overated (been around too long), nuke em. /sarcasm IRC is a great communication tool that has grown and evolved over the years. There will always be a medium for questionable activities and illegal acts to propagate regardless of what communication link you remove. -Michael On Fri, 19 Nov 2004 12:40:26 -0500, Danny [EMAIL PROTECTED] wrote: Well, it sure does help the anti-virus (anti-malware) and security consulting business, but besides that... is it not safe to say that: 1) A hell of a lot of viruses/worms/trojans use IRC to wreck further havoc? 2) A considerable amount of script kiddies originate and grow through IRC? 3) A wee bit of software piracy occurs? 4) That many organized DoS attacks through PC zombies are initiated through IRC? 5) The anonymity of the whole thing helps to foster all the illegal and malicious activity that occurs? The list goes on and on... Sorry to offend those that use IRC legitimately (LOL - find something else to chat with your buddies), but why the hell are we not pushing to sunset IRC? What would IT be like today without IRC (or the like)? Am I narrow minded to say that it would be a much safer place? ...D ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
Danny wrote: Sorry to offend those that use IRC legitimately (LOL - find something else to chat with your buddies), but why the hell are we not pushing to sunset IRC? Many people use IRC; and still do. It's a legitimate medium I've used since the 80's for it's intended purpose. Your abolish idea is, to be honest, a bit simplistic don't you think? Let's just cut through the proselytizing and ban this whole Internet thing, that'll stop 'em. :) What would IT be like today without IRC (or the like)? Am I narrow minded to say that it would be a much safer place? Path of least resistance. If not IRC another venue would be used. -- dk ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
RE: [Full-Disclosure] Why is IRC still around?
Wow, NICE analogy Jeff! While IRC is here to stay... The future seems more like servers that're only hosted through big companies/etc as most datacenters are 'forbidding' use of IRC(Ports 6660-6669, 7000) on their network. Just a thought. ~ That's because the Internet is free and no one can control what survives on it. What survives isn't what is *ethical* but what is *useful*. And IRC is very useful for some people, so it's here to stay. The problem is not IRC; the problem is the misuse some people make of it. We cannot make knives dissapear, because they are useful; instead, we must get rid of people that uses knives to kill. ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
On Fri, 19 Nov 2004, Danny wrote: What would IT be like today without IRC (or the like)? Am I narrow minded to say that it would be a much safer place? Narrow minded or not, it's irrelevent. Sure, the world *might* be a little teenie bit safer without IRC, but then, the same could be said about half the readership of this list (Hi Paul!): why not sunset them as well? Your argument boils down to the pre-emptive removal of anything that could conceivably be used in an illegitimate manner - as we have all seen with gun control, banning the *tool* is not going to stop the violence. Might as well ban knives, chewing gum, and techno music.. ...D -- Yours, J.A. Terranson [EMAIL PROTECTED] 0xBD4A95BF Civilization is in a tailspin - everything is backwards, everything is upside down- doctors destroy health, psychiatrists destroy minds, lawyers destroy justice, the major media destroy information, governments destroy freedom and religions destroy spirituality - yet it is claimed to be healthy, just, informed, free and spiritual. We live in a social system whose community, wealth, love and life is derived from alienation, poverty, self-hate and medical murder - yet we tell ourselves that it is biologically and ecologically sustainable. The Bush plan to screen whole US population for mental illness clearly indicates that mental illness starts at the top. Rev Dr Michael Ellner ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
My mistake; I was referring to the discussion, collaboration, and creation, not the spread. You mentioned DDoS attacks below. I don't believe that use is a form of discussion, collaboration, or creation. Some say we should, but I am not one of those. My point was to get rid of the most well established tool (and easiest to use) for these types of activities. Any tool can be used by anyone for good or evil. If one knows the kiddies are all hanging out on IRC, then you can get a lot of good info about what their new attacks are by loitering on their channels. What's the difference? IRC is so well established for the type of activity I am referring to. As it is established for many productive things. Ever check out freenode? I'll leave the piracy battle for someone else - I just mentioned it as a part of the problem. If you aren't prepared to defend it on this list, better not mention it. =) Sure netcat is an alternative, but which one is easier to use? Um... netcat, or raw tcp sockets. I would argue it is easier to write something that just opens a connection, and listens for commands to come back, than something that has to speak IRC. Speaking IRC has its own advantages, but in the absence of it, it is still trivial to manage a bot net. I thought I would throw out the idea. If you want to call me a troll, then so be it, but don't get your panties in a knot over the whole thing Pardon my harsh reply. It wasn't personal, and is directed only at your reasoning. It is a similar reasoning that leads to the slippery slope toward censorship. tim ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
One alternative - silc. http://www.silcnet.org/ G On or about 2004.11.19 12:40:26 +, Danny ([EMAIL PROTECTED]) said: Well, it sure does help the anti-virus (anti-malware) and security consulting business, but besides that... is it not safe to say that: 1) A hell of a lot of viruses/worms/trojans use IRC to wreck further havoc? 2) A considerable amount of script kiddies originate and grow through IRC? 3) A wee bit of software piracy occurs? 4) That many organized DoS attacks through PC zombies are initiated through IRC? 5) The anonymity of the whole thing helps to foster all the illegal and malicious activity that occurs? The list goes on and on... Sorry to offend those that use IRC legitimately (LOL - find something else to chat with your buddies), but why the hell are we not pushing to sunset IRC? What would IT be like today without IRC (or the like)? Am I narrow minded to say that it would be a much safer place? ...D ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html -- Gregory A. Gilliss, CISSP E-mail: [EMAIL PROTECTED] Computer Security WWW: http://www.gilliss.com/greg/ PGP Key fingerprint 2F 0B 70 AE 5F 8E 71 7A 2D 86 52 BA B7 83 D9 B4 14 0E 8C A3 ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
On Fri, 19 Nov 2004 14:47:36 -0600, Bowes, Ronald (EST) [EMAIL PROTECTED] wrote: How exactly do you propose to accomplish this? IRC is an open protocol and there are many open clients and open servers which can run on any port, and run encrypted with SSL. So do you intend to scan every computer on the Internet on port 6667, and shut down every server found running, the move on to random ports that zombies probably use, and start attacking sites that provide open source clients that use an open protocol? Your suggestion makes no sense, and it's something that's impossible to implement. Why not just make knives illegal? I mean, they're frequently used as a weapon, right? Yah, you are right. I just needed to rant when I see all these trojan's written to call home (to an IRC channel) and DoS attacks coordinated via IRC to control unpatched anti-virus-less Windows PC zombies. Next topic... ...D ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
On Fri, November 19, 2004 9:40 am, Danny said: 2) A considerable amount of script kiddies originate and grow through IRC? 3) A wee bit of software piracy occurs? 4) That many organized DoS attacks through PC zombies are initiated through IRC? 5) The anonymity of the whole thing helps to foster all the illegal and malicious activity that occurs? I think you answered the question. It is still around because it is useful for some. It's not like the ability to host an Internet server is regulated. Anybody can create one. -Eric -- arctic bears - email and dns services http://www.arcticbears.com ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
On Fri, 19 Nov 2004 15:54:54 -0500, Tim [EMAIL PROTECTED] wrote: 1) A hell of a lot of viruses/worms/trojans use IRC to wreck further havoc? Isn't email the primary spreading mechanism of viruses? My mistake; I was referring to the discussion, collaboration, and creation, not the spread. should we sunset email? Some say we should, but I am not one of those. My point was to get rid of the most well established tool (and easiest to use) for these types of activities. 2) A considerable amount of script kiddies originate and grow through IRC? And if there were no IRC, they would use AIM, or MSN messenger, or more likely, jabber. What's the difference? It is popular amongst hackers (of any level of morality) because it is open. What's the difference? IRC is so well established for the type of activity I am referring to. 3) A wee bit of software piracy occurs? And it doesn't on any other protocol? People who want to pirate will do it using whatever tools are available. Take away one, and others will be used. I'll leave the piracy battle for someone else - I just mentioned it as a part of the problem. 4) That many organized DoS attacks through PC zombies are initiated through IRC? It wouldn't be any harder to pull this off via netcat. If it is the anonymity an attacker wants, they just use one of the zombies as the server. Sure netcat is an alternative, but which one is easier to use? 5) The anonymity of the whole thing helps to foster all the illegal and malicious activity that occurs? How is it any more anonymous than email, or web, or any other unauthenticated protocol? My point was to get rid of the most well established tool (and easiest to use) for these types of activities. You obviously can't get rid of them all. Please don't tell me you trust the From: header in your email, or believe that all of the IPs in your weblogs are directly tied to a person's home PC. And all these years frig! The list goes on and on... Yes, but every one of those arguments is horribly flawed. I am not sure if you are just being a troll or what. I thought I would throw out the idea. If you want to call me a troll, then so be it, but don't get your panties in a knot over the whole thing Sorry to offend those that use IRC legitimately (LOL - find something else to chat with your buddies), but why the hell are we not pushing to sunset IRC? Am I narrow minded to say that it would be a much safer place? yes, you are being narrow-minded. Fair enough. ...D ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
RE: [Full-Disclosure] Why is IRC still around?
I have never replied to anything on this list (I read it to keep up to date on vulnerabilities, but im not really qualified to contribute anything) but this particular message has peaked my interest. 1. Agreed, by using flaws in IE they then go on to subvert mirc into spamming people. 2. They do. 3. A tremendous amount :) 4. This is only because IRC provides the perfect medium in which to control those zombies (a single message from one person is immediately sent to everyone in the channel at the same time). If a better medium was available, they'd use that. IRC is as close to a real time group conversation as you can get that doesn't used closed protocols. It's fast, simple and used by an enormous number of people - particuarly those who play online games, and for open source projects (#gentoo on freenode regularly has over 900 people in it). In answer to your final question - IRC is very useful for quick conversations in real time with groups of people. Sure there are other things - usenet, web based forums, email based mailing lists, IM networks etc but none have that group feeling as much as IRC. It's problem is twofold - firstly, mirc (the most popular client) has a number of flaws that make it easy to steal peoples auth passwords. But these are not automated! The user must be tricked into typing some commands to set the exploit in motion. This is also the second problem - a link may be mentioned in a channel and people will click on it - from there, if your browser is vulnerable, you can be hit by any number of trojans. There was a winamp trojan going about a few months ago (which I reported and is now fixed - go me :D ) which involved clicking a link in irc that opened winamp through a file association that exploited a security flaw that installed a script for mirc that spammed the same link to everyone in the channel. Like any other medium, it is a combination of a lack of knowledge by the users and exploits/vulnerabilities in software, the only difference, is that on IRC it tends to spread quickly because of its real time nature. So in conclusion, no, IRC should not be killed off, mirc's scripting vulnerabilities should be closed in some way, and vulnerabilities in other software should continue to be discovered and fixed. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Danny Sent: 19 November 2004 17:40 To: Mailing List - Full-Disclosure Subject: [Full-Disclosure] Why is IRC still around? Well, it sure does help the anti-virus (anti-malware) and security consulting business, but besides that... is it not safe to say that: 1) A hell of a lot of viruses/worms/trojans use IRC to wreck further havoc? 2) A considerable amount of script kiddies originate and grow through IRC? 3) A wee bit of software piracy occurs? 4) That many organized DoS attacks through PC zombies are initiated through IRC? 5) The anonymity of the whole thing helps to foster all the illegal and malicious activity that occurs? The list goes on and on... Sorry to offend those that use IRC legitimately (LOL - find something else to chat with your buddies), but why the hell are we not pushing to sunset IRC? What would IT be like today without IRC (or the like)? Am I narrow minded to say that it would be a much safer place? ...D ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
On Fri, 19 Nov 2004 12:40:26 -0500, Danny [EMAIL PROTECTED] wrote: Well, it sure does help the anti-virus (anti-malware) and security consulting business, but besides that... is it not safe to say that: 1) A hell of a lot of viruses/worms/trojans use IRC to wreck further havoc? If you mean botnets that gather on IRC as a control channel, I believe IRC is used because it's a relatively simple protocol to code to. It'd be just as easy, arguably easier, to use some other protocol. Check out steele's writeup on a web based botnet of proxies: http://lowkeysoft.com/proxy/ The screenshots at least will give you some idea of how effective a web control channel can be. Do you plan on coming back in two or three years to post Why is HTTP still around? 2) A considerable amount of script kiddies originate and grow through IRC? A lot of us originated and grew through IRC, and I'll give it to you that it's a good playground for the kiddies to play in, but I don't really see how any other communication channel would have prevented this. Most of the kids of today and tommorow are probably coming up through web forums and such anyways. 2 years: Why is phpBB still around? 3) A wee bit of software piracy occurs? I'll hand this one to you too, but the actual transfers go from client to client, not through the IRC servers. Surely this isn't any more insidious than meeting up in some other chat protocol or web site to transfer files from one person to another. Compare to bittorrent where public websites can post a torrent, and hundreds of people who wouldn't have a clue as to how to join an IRC channel can distribute a file with surprising efficiency, both downloading and uploading segments to each other in an automated way. 4) That many organized DoS attacks through PC zombies are initiated through IRC? See 1) 5) The anonymity of the whole thing helps to foster all the illegal and malicious activity that occurs? If you're not connecting through a proxy/3rd party system in some way, then your anonymity on IRC is probably not as high as you might think. The list goes on and on... Sorry to offend those that use IRC legitimately (LOL - find something else to chat with your buddies), but why the hell are we not pushing to sunset IRC? Because (assuming that you could somehow stop people from running IRC servers, which I would love to hear how) in two years we'd have to sunset another protocol that people used as a anonymous hangout/warez trading/malware control channel. What would IT be like today without IRC (or the like)? Am I narrow minded to say that it would be a much safer place? I don't believe it'd be much safer. The same things that make IRC a nice protocol for script kiddies are the same things that make it a nice simple tool for communication for legitimate purposes. I believe that anything that would prove to be as nice of a chat setup for legitimate users, would be just as convenient for illegitimate purposes. -- Robert Wesley McGrew http://cse.msstate.edu/~rwm8/ ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
RE: [Full-Disclosure] Why is IRC still around?
If you DID manage to take away IRC, they'd find another way to manage their bots. Perhaps they'd all migrate their DDoS nets to Battle.net. /jokes Ron Bowes Information Protection Centre Government Of Manitoba -Original Message- From: Danny [mailto:[EMAIL PROTECTED] Sent: Friday, November 19, 2004 2:53 PM To: Bowes, Ronald (EST) Cc: Mailing List - Full-Disclosure Subject: Re: [Full-Disclosure] Why is IRC still around? On Fri, 19 Nov 2004 14:47:36 -0600, Bowes, Ronald (EST) [EMAIL PROTECTED] wrote: How exactly do you propose to accomplish this? IRC is an open protocol and there are many open clients and open servers which can run on any port, and run encrypted with SSL. So do you intend to scan every computer on the Internet on port 6667, and shut down every server found running, the move on to random ports that zombies probably use, and start attacking sites that provide open source clients that use an open protocol? Your suggestion makes no sense, and it's something that's impossible to implement. Why not just make knives illegal? I mean, they're frequently used as a weapon, right? Yah, you are right. I just needed to rant when I see all these trojan's written to call home (to an IRC channel) and DoS attacks coordinated via IRC to control unpatched anti-virus-less Windows PC zombies. Next topic... ...D ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
An excellent question. On Fri, 19 Nov 2004 12:40:26 -0500, Danny [EMAIL PROTECTED] wrote: Well, it sure does help the anti-virus (anti-malware) and security consulting business, but besides that... is it not safe to say that: 1) A hell of a lot of viruses/worms/trojans use IRC to wreck further havoc? 2) A considerable amount of script kiddies originate and grow through IRC? 3) A wee bit of software piracy occurs? 4) That many organized DoS attacks through PC zombies are initiated through IRC? 5) The anonymity of the whole thing helps to foster all the illegal and malicious activity that occurs? The list goes on and on... Sorry to offend those that use IRC legitimately (LOL - find something else to chat with your buddies), but why the hell are we not pushing to sunset IRC? What would IT be like today without IRC (or the like)? Am I narrow minded to say that it would be a much safer place? ...D ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html -- ME2 http://www.santeriasys.net/rss.php ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
I wish it was possible, but it just wouldn't work. The hackers would move onto the next best chat system, whatever that may be at the time. For it ever to work, you would need to ban all chat communications and peer 2 peer on the internet, and thats unlikely to happen, and would be hard to police. In the meantime what would you do with the billions of legitimate users of IRC, IM and P2P? Tell them to go away as well? I'm anti-malicious hackers, but this idea just would never work. Thanks,n3td3v ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Re: [Full-Disclosure] Why is IRC still around?
1) A hell of a lot of viruses/worms/trojans use IRC to wreck further havoc? Isn't email the primary spreading mechanism of viruses? should we sunset email? 2) A considerable amount of script kiddies originate and grow through IRC? And if there were no IRC, they would use AIM, or MSN messenger, or more likely, jabber. What's the difference? It is popular amongst hackers (of any level of morality) because it is open. 3) A wee bit of software piracy occurs? And it doesn't on any other protocol? People who want to pirate will do it using whatever tools are available. Take away one, and others will be used. 4) That many organized DoS attacks through PC zombies are initiated through IRC? It wouldn't be any harder to pull this off via netcat. If it is the anonymity an attacker wants, they just use one of the zombies as the server. 5) The anonymity of the whole thing helps to foster all the illegal and malicious activity that occurs? How is it any more anonymous than email, or web, or any other unauthenticated protocol? Please don't tell me you trust the From: header in your email, or believe that all of the IPs in your weblogs are directly tied to a person's home PC. The list goes on and on... Yes, but every one of those arguments is horribly flawed. I am not sure if you are just being a troll or what. Sorry to offend those that use IRC legitimately (LOL - find something else to chat with your buddies), but why the hell are we not pushing to sunset IRC? Am I narrow minded to say that it would be a much safer place? yes, you are being narrow-minded. tim ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html