Full Disclosure mailing list archives
Re: irc over ssl
From: Denis Solaro <dsolaro () coffeehaus com>
Date: Mon, 24 May 2004 18:16:58 +0200
On Mon, 24 May 2004 13:16:40 +0100 "Dave Howe" <DaveHowe () cmn sharp-uk co uk> wrote:
Giannakis Eleftherios wrote:are there any known issues concerning rootkits, backdoors, cmd execution concerning an irc(with ssl) client ?The answer to the question as posed is No However, the *real* answer to the question is to componentize the four items we are discussing, and query each individually. 1. The IRC Client The client may well have overflow or other vulnerabilities, either currently or in the version you are using.
Or it can be called mIrc and be coded by someone who obviously never read one rfc or document on secure programming. This is one of the problems behind the reputation of IRC. We have used internal IRC servers in one of my past jobs where we used to manage links from the US to Frankfurt and to London. IRC is awesome (if used internally) to get whole teams of Network admins / Sysadmins to work together without annoying one to one calls or having to move to a separate conference room. You can cut and paste switch config, firewall config lines just like that. Unfortunately because of mIrc's reputation, some high management decided to have use disuse it.... Great, especially since we are all Solaris or Cisco kids and nothing to do with Microsoft based half compliant IRC stuff. So if you can get the author or mIrc extradited to some secret jail under the Homeland Security policy, I wouldn't mind doing the beating up and medieval stuff. I have some nasty shielded SCSI cables I could use as a whip. PS: Just for the "mIrc colors" invention that man deserves the "hungry lion at the Colosseum" treatment. -- Denis Solaro -- denis.solaro () wanadoo fr _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- irc over ssl Giannakis Eleftherios (May 24)
- Re: irc over ssl Maarten (May 24)
- Re: irc over ssl Dave Howe (May 24)
- Re: irc over ssl Denis Solaro (May 24)
- Re: irc over ssl Ron DuFresne (May 24)
- Re: irc over ssl Denis Solaro (May 24)
- Re: irc over ssl Mortis (May 24)
- <Possible follow-ups>
- Re: irc over ssl adam (May 24)
- Re: irc over ssl Valdis . Kletnieks (May 24)
- RE: irc over ssl Lionel Hendricks (May 24)
- RE: irc over ssl Ron DuFresne (May 24)
- Re: irc over ssl Dave Howe (May 25)
- Re: irc over ssl Denis Solaro (May 25)
- Re: irc over ssl Dave Howe (May 25)
- Re: irc over ssl Valdis . Kletnieks (May 24)
- Re: irc over ssl Ron DuFresne (May 25)