Archive for the ‘IRC’ Category

Beat Them at Their Own Game

Wednesday, April 16th, 2008

As a recent post also indicated, botnets are considered one of the main Internet security threats. Researchers from the Georgia Institute of Technology have proposed a new piece of software, named BotSniffer, that can detect botnets.

Botnets are hard to detect because they use existing protocols such as IRC in ways that make them hard to distinguish from ‘normal’ users.

The researchers explain: “Our approach is based on the observation that, because of the pre-programmed activities related to C&C (command & control, ed.), bots within the same botnet will likely demonstrate spatial-temporal correlation and similarity.”

IRCu Family IRCd DoS Exploit

Wednesday, April 9th, 2008

Last month a new bug was found in IRCu-family IRCds which can be exploited to crash a server.

In this post on Milw0rm the bug and exploit are explained. IRCu (<= 2.10.12.12) and many derivatives are affected.

IRC-Junkie asked Slug, who found the bug and described it on Milw0rm, how he found the bug. “Core dump from one of our servers,” Slug starts. “send_user_mode in s_user.c does not check that the argument after a +r mode is present, if it is not then the NULL sentinel may be missed, causing the function to iterate over the boundary of the array.”

Majority of Junk Traffic Consists of DDoS Targeted at IRC Servers

Tuesday, April 8th, 2008

Security service provider Arbor Networks studied junk traffic as a share of total Internet traffic, and found some remarkable figures when it comes to IRC traffic.

Over the past 1.5 years the company analyzed data from 70 ISPs. The findings show that on average 4% of all traffic is junk, such as spam and DDoS attacks, topping 1.5 TB of data per second.

Of this 4%, an average of 1300 DDoS attacks daily make up half of the junk traffic. On occasion, however, DDoS can make up 5% of total Internet traffic. The majority of the monitored DDoS attacks consist of TCP SYN floods and ICMP floods targeted at IRC servers.

AustNet Moves to InspIRCd

Thursday, April 3rd, 2008

After being based on a modified IRCu for a long period of time, AustNet moves to an InspIRCd-based IRCd. IRC-Junkie asks AustNet’s Praetorian about the how, why and what of this change.

“The previous IRCd that was in use, Austhex 7, had served AustNet for quite a long period,” Praetorian explains. “It was modified quite a bit, to accommodate things that were unique to AustNet, such as ‘helpers’, and virtual world, which when implemented, was quite unique for its time.”

Being so heavily modified, it also posed serious challenges in the last days of its use. Sections of its code became so outdated that modern compilers had problems compiling it.

Yeah Right >:)

Wednesday, April 2nd, 2008

Obviously that was a lame attempt at an April Fool’s joke >:)

Naturally IRC-Junkie wasn’t the only one attempting:

InspIRCd announced The WOW Starts Now! The project would turn commercial, with paid versions ranging from Home Basic to Commercial. A free version named Basic would remain available. W00t explained: “It will continue to be available free for those of the world who cannot afford to pay for licencing. It includes an executable file built for redhat 5.1 on the 286 architecture with egcs 1.0 which may or may not work. YMMV.”