[[EMAIL PROTECTED]] Fri, Jul 12, 2002 at 10:16:53AM -0400 wrote:
> Why is IRC considered such a security risk? I have heard people discussing IRC
> like it was made by the devil himself. Can anyone provide me with some insight into
> this. For the sake of discussion, let's assume that DCC is NOT set to Auto Get.....

Well, the first thing that comes to mind is buffer overruns of some sort within the client itself. But let's assume that the client is not vulnerable to any known bugs/exploits. Depending on how you are connected to the IRC network itself, you run the risk of exposing your connecting IP/ISP.

Now, assuming of course your PC is 100% up to date with all the latest security patches, how about when someone posts/sends an interesting URL to the channel and you click on it out of curiosity? This will open your browser to a potentially malicious (broad term) site; what I mean is that it solely gathers information (IP, ISP, connection, DNS, etc.).

Now, instead of attacking your machine directly, the bad guy decides to go for your ISP's DNS server, is able to compromise it, and modifies the DNS info for the mail servers to point to a malicious POP server solely to collect e-mail/passwords, etc. Hell, not even that, how about a little social engineering: calling your ISP pretending to be you, or to get info about you ("This IP was attacking me, here's the (falsified) logs."), or maybe just grabbing access to the telco itself. The possibilities are only limited by the imagination of the attacker.

Basically, as stated before, although your machine may be 100% secure, when you connect to the outside world is when you open the doors to endless attacks/vulnerabilities.

-nocon
