Home page logo

basics logo Security Basics mailing list archives

Re: Blocking IRC Access
From: getting_out <getting_out () tele2 it>
Date: Tue, 18 Nov 2003 21:48:35 +0100

hmm, blocking irc. I think it's a very difficult thing to do.
If you have an open port, I can always connect to irc.
For example, in my office there's a firewall that block all ports (except needed), but I can still connect by the 80. I simply use an HttpTunnel. I can't download file, but I can chat (and it's what I wanna do).

I think that a pretty way is to look on which user-agent sends varius irc program and then forbit it. Or accept only some type of user-agent like IE, Netscape, Mozilla, Opera, etc, etc! But I can still make a program that get all the communication on local host, redirect through the firewall adding (and if needed removing the wrong one) user-agent ;)

Tell me on how will you block irc connection. I'm really interested in it.


On Mon, 2003-11-17 at 14:46, Mike wrote:

>> Hi All,
>> I'm looking at moving my career towards security, so was interested when I
>> received an email from our security department that stated they would be
>> blocking IRC by closing ports 6665-6669.
>> I would have thought a lot more ports would need to be closed if the secops
>> wanted to completely block IRC.
>> What is the "best" way to disable access to IRC?
>> Block known ports, what ports would need to be blocked?
>> Or just drop packets, how would that be done?
>> We use Cisco equipment and are primarily a win2k 70% winxp 30% site
>> Like I said I'm wanting to move into security, but at the moment I wouldn't
>> even class myself as a novice.
>> Any input I could get from this list will be very much appreciated!
>> Thanks
>> Mike


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]