[ubuntu-uk] IRC security mention in Ubuntu Weekly News 27

alan c aeclist at candt.waitrose.com
Mon Jan 15 18:58:55 GMT 2007 

Michael Wood wrote:
> alan c wrote:
>> I  have only used IRC a few times, and have only a vague idea of the 
>> issues around it. I noyice in UWN 27 that
>> =====
>> If you are using IRC to connect to any of the Ubuntu IRC channels, the 
>> IRC Operator's Team would like to inform you that to make your 
>> connection secure you should use port 8001 when connecting to any of 
>> the Freenode servers. There has been a recent surge in people 
>> exploiting vulnerable routers of IRC users. Using port 8001 will 
>> prevent you from being disconnected from one of these DCC attacks. It 
>> is also recommended that you download and install the latest firmware 
>> for your router. Do note that all these attacks do is disconnect you 
>> from the IRC server. So to avoid being banned from a channel due to 
>> join and part flooding, fix your settings now.
>> =====
>>
>>   
> These kinds of attacks are quite rare and do not damage your system they 
> are just cause inconvenience to the user.
> 
> They also only effect certain models and makes of (broadband) router.
> 
> Effectively what the attacker does is send some malformed packets (data) 
> to your internet IP address via IRC (using DCC),
> a few routers have bugs in their firmware (the on-board software) which 
> don't deal with these malformed packets
> correctly and the connection gets reset.
> 
> Port 8001 is immune to this attack which is why they are recommending 
> it. In your irc clients stored server settings you can usually
> change which port it uses to connect.
> 
>> I presume the port used is fairy easy to examine by each user, however 
>> the comment about router firmware suggests more complications for 
>> users who are not really very technically experienced (I include 
>> myself here).
>>
>>   
> If you're rarely on IRC I wouldn't give this much thought.

I plan to hopefully use it more as time passes because it is a major 
communications facility for ubuntu information. However, the more that 
complications that arise the more likely it will be postponed etc.
-- 
alan cocks
Kubuntu user#10391

More information about the ubuntu-uk mailing list