[Fwd: Re: Ubuntu irssi 0.8.12-4ubuntu2]

Terence Simpson stdin at stdin.me.uk
Sun Oct 12 13:21:35 UTC 2008


Sarah Hobbs wrote:
> Could you guys give some input on this please?
>
> Thanks,
>
> Hobbsee
>   
>
This would be the way I'd address the points below (not subscribed to
ubuntu-devel@)
>         Hi!
>
>  Thanks for the (indirect because of my Debian PTS derivates
> subscription - direct would have been much more appreciated) notification
> about this router bug:
>
> * Ubuntu Merge-o-Matic <mom at ubuntu.com> [2008-10-07 19:43:37 CEST]:
>   
>> Launchpad-Bugs-Fixed: 263259
>> Changes: 
>>  irssi (0.8.12-4ubuntu2) intrepid; urgency=low
>>  .
>>    * debian/patches/90irc-ubuntu-com.dpatch: Changed irc.ubuntu.com's
>>      default port to 8001 to avoid DCC exploit (LP: #263259).
>>     
>
> <https://help.ubuntu.com/community/FixDCCExploit>
>
>  Though, it makes me wonder about several things:
>
>  -) Is this a freenode only specific issue? If not, why does the page
> only list freenode? I can understand that it's the most important for
> Ubuntu because irc.ubuntu.com points there, but would changing the
> default port for OFTC to 7000 (as documented on their page as
> alternative) work here, too? I tried to update the page with respect
> to that, but I'm not too sure what port(range) the buggy routers are
> checking.
>   
Not a Freenode specific issue, it's the routers (and possibly firewalls)
not the networks. irc.ubuntu.com was the only one changed because that's
our official support/work network which users connect to. Other networks
could/should probably be changed, but it'd be impossible to collect a
list of every IRC network and all the alternate ports each listens to.
So we fix what we can right now.
>  -) Isn't switching it per default for all users probably causing more
> troubles for firewall admins and similar than it solves? How common are
> these buggy routers?
>   
I doubt it, if an admin decided to restrict all outgoing ports but open
6667, they can open 8001. For most uses it will have no impact.
>  -) Why would changing the client be a fix when it's related to the port
> one connects to? It's not really clear here whether Colloquy is affected
> in itself even without a buggy router, but I guess that's what is meant
> here?
>   
If the manufacturer of the router/firewall does not release a
firmware/software update to fix the issue, changing ports is the only
way to protect oneself from the exploit.
>  Given any deeper insight and answers might help me trying to figure out
> how severe it really is and whether this change should be applied to
> Debian in a timely manner, too (and whether I/we should dig further for
> alternative ports of other networks listed in the IRC clients).
>
>  Thanks,
> Rhonda
> P.S.: I'm not subscribed to the list but will try to follow the archive.
>    Thus it would be kind if you could Cc me on replies.
>
>   




