PDA

Click to See Complete Forum and Search --> : IRC and CTCP

Satanic Atheist
09-09-2003, 12:03 PM
Is it possible to block CTCP on IRC so that your local ip address and user name are not given out?

I don't particularly wish to run through a proxy, but if I could just filter out CTCP, it should stop users figuring it out.

I've searched all over the net, and I've come to two possible conclusions:

1) Use a proxy and perform some redirection tricks so it gets redirected off the internal (masqueraded) network and shows up as 192.168.1.1 or something.

2) Use IPTables to block incoming connections on port 6667 (but allow outgoing info and masq'ed info). The only problem here is that I've heard that IRC uses UDP ports and not TCP ports and UDP is a connectionless system.

Does anyone have any ideas to make this happen? My reasons for doing this are not to hide, but I really wouldn't want anyone to test my security (just in case they find a hole).

James
serz
09-09-2003, 02:13 PM
Originally posted by Satanic Atheist
Is it possible to block CTCP on IRC so that your local ip address and user name are not given out?
I'm afried that's not possible. user@host are always shown.

What many people do is use Virtual Hosts, so they can't traced or something.
decamber
09-12-2003, 07:20 AM
Originally posted by Satanic Atheist
Is it possible to block CTCP on IRC so that your local ip address and user name are not given out?

I guess no. Please correct me if I'm wrong, but I think IRC uses the ident protocol (see RFC 1413 (http://www.faqs.org/rfcs/rfc1413.html)) to retrieve user information. Blocking ident(d) connections will result in not being able to connect to the IRC network.
Satanic Atheist
09-12-2003, 08:41 AM
Well, I was quite happily messing around on IRC when some moron decided (in a VERY full channel) to broadcast my logon name to my own server (and my machine, as it happens) and my IP address. Cheers.

Quick 1-2 to the server later and the Firewall now blocks SSH connections.

Ah well, thank God for Linux security and after a torrent of Internet abuse straight into the Firewall (and the IPTables logging file hitting the roof) my machine is still "uncompromised".

I really don't think this would even be possible with a Windoze machine and it would've been cracked in seconds.

Thanks for the replies, but if it hasn't been cracked by now, I doubt I'm in any danger.

James