From: Chris Green (cmg@dok.org)
Date: Wed Sep 08 2004 - 14:15:48 EDT
proc ps <procps@softhome.net> writes:
[snip]
> As the clients purpose are just for file sharing, email, internet
> access, instant messaging and some irc usage for the students.
[snip]
> How can I secure/scan for virii what the members are downloading via
> IRC? How about the possibilities of hijacking connections via IRC?
> What are the threats that can come to this network via the IRC
> protocol?
The File transfer capabilities of IRC are implemented using the DCC
protocol. DCC was an addon after IRC was created that transmits port
information across the messages between clients and then one client
connects to the other client without using the server at all.
http://www.irchelp.org/irchelp/rfc/dccspec.html
There are client side vulnerabilities and server side vulnerabilities
in IRC software much like anything else.
-- Chris Green <cmg@dok.org> Don't use a big word where a diminutive one will suffice. ------------------------------------------------------------------------------ Ethical Hacking at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Check out our Advanced Hacking course, learn to write exploits and attack security infrastructure. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. http://www.infosecinstitute.com/courses/ethical_hacking_training.html -------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:04 EDT