Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Why is IRC still around?
From: Danny <nocmonkey () gmail com>
Date: Fri, 19 Nov 2004 13:59:52 -0500

On Fri, 19 Nov 2004 13:54:30 -0500, bkfsec <bkfsec () sdf lonestar org> wrote:
Danny wrote:



Well, it sure does help the anti-virus (anti-malware) and security
consulting business, but besides that... is it not safe to say that:

1) A hell of a lot of viruses/worms/trojans use IRC to wreck further havoc?
2) A considerable amount of "script kiddies" originate and grow through IRC?
3) A wee bit of software piracy occurs?
4) That many organized DoS attacks through PC zombies are initiated through IRC?
5) The anonymity of the whole thing helps to foster all the illegal
and malicious activity that occurs?
The list goes on and on...

Sorry to offend those that use IRC legitimately (LOL - find something
else to chat with your buddies), but why the hell are we not pushing
to sunset IRC?

What would IT be like today without IRC (or the like)? Am I narrow
minded to say that it would be a much safer place?



I don't think that it would have any impact at all with regard to
stopping malware and crackers.

Even if the legitimate IRC servers were shut down, it would still be a
simple matter for them to create their own servers on non-standard
ports.  Barring their ability to do that, they'll completely move to IM
or P2P protocols (like WASTE) to carry out their attacks.  They've
already created the tools to do this and they're actively doing it right
now.

In fact, in this regard IRC is a godsend with regard to tracking down
attackers.  It's easier to determine the location of an IRC bot and to
track unencrypted IRC traffic than it is to track WASTE packets or IM
connections.

Protocols (and their implementations) aren't causing the "illegal
activity" as much as the drive to carry out illegal acts is.

Fair enough... I just need to be enlightened. Thanks for your time.

...D

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]