IRC and DCC send security risk
Pol Muaddib
muaddib@mailandnews.com
Sun, 1 Jul 2001 21:26:14 +0200
Right ON!
Khaled better get his act together and stick to RFCs.
* - * - *
Tzahi Fadida
Tzahi@mailandnews.com
Fax (+1 Outside the US) 240-597-3213
* - * - * - * - * - *
-----Original Message-----
From: netfilter-admin@lists.samba.org
[mailto:netfilter-admin@lists.samba.org]On Behalf Of Daniel Stone
Sent: Sunday, July 01, 2001 9:13 AM
To: blaster
Cc: netfilter@lists.samba.org
Subject: Re: IRC and DCC send security risk
On Sun, Jul 01, 2001 at 09:03:08AM +0200, blaster wrote:
> Hi,
>
> As mIRC now send 2 msg when you start a DCC (because it seems some irc
> client need them both), netfilter should rewrite the ip in both and not
only
> in the PRIVMSG part because one of the NOTICE going out with your LAN ip
> with is can be considered as a security risk giving out infos on the LAN
> configuration.
>
> There the 2 msg issues by mirc, see on DCC receiver side :
>
> NOTICE nick :DCC Chat (myLANip)
> PRIVMSG nick :�DCC CHAT chat externalipinlongformat 1285�
>
> The myLANip should be rewrite too.
No, this is completely untrue. It should be left how it is, it is mIRC that
is at fault here. ip_conntrack_irc and ip_nat_irc will not be extended
because the mIRC author decides to dictate random crap on a whim.
We're sticking to the RFC, not Khaled Mardam-Bey.
d
--
Daniel Stone <daniel@sfarc.net>
<Nuke> "can NE1 help me aim nuclear weaponz????? /MSG ME!!"