Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Why is IRC still around?
From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Sat, 20 Nov 2004 09:02:07 +1300

Danny wrote:

Well, it sure does help the anti-virus (anti-malware) and security
consulting business, but besides that... is it not safe to say that:

1) A hell of a lot of viruses/worms/trojans use IRC to wreck further havoc?
2) A considerable amount of "script kiddies" originate and grow through IRC?
3) A wee bit of software piracy occurs?
4) That many organized DoS attacks through PC zombies are initiated through IRC?
5) The anonymity of the whole thing helps to foster all the illegal
and malicious activity that occurs?
The list goes on and on...

Sorry to offend those that use IRC legitimately (LOL - find something
else to chat with your buddies), but why the hell are we not pushing
to sunset IRC?

What would IT be like today without IRC (or the like)? Am I narrow
minded to say that it would be a much safer place?

I daresay the world would not be much different.

The early dedicated DDoS systems had their own inter-agent 
communication channels of varying complexity and sophistication.  I'm 
sure if something easy and convenient such as IRC were not around for 
the skiddie copycats that came along later to usurp, at least one or 
two of said copycats would probably have managed to scrape together 
just enough talent to roll their own simple, lightweight distributed 
messaging system to use as a communication and coordination channel for 
their bot armies and thus we'd have ended up more or less where we are.

Likewise, other methods of more or less "anonymous" intercommunication 
between like-minded skiddies would have evolved had IRC not, as the 
nature of the underlying structure of the Internet is essentially 
anonymous communication (recall that this is a completely unintended, 
and perfectly expected, effect of the purpose of the underlying network 
technology -- it was to be used for a physically closed network, where 
the fact a machine was on the network _meant_ that machine was supposed 
to be there _and_ that its location _AND_ the names and whereabouts of 
the ranking officers responsible for the techies running it would be 
readily available).

Ditto, s/w piracy would have found other largely untraceable online 
outlets such rooted FTP and web servers, compromised SOHO machines with 
fast connections and totally clueless "admins", P2P, etc, etc...

In short, without IRC I'd expect we'd be pretty much exactly where we 
are anyway (save we would have had one less inane question to answer on 
some mailing list).

Nick FitzGerald
Computer Virus Consulting Ltd.
Ph/FAX: +64 3 3529854

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]