Re: IRC Channel Access

Sean Parsons wrote:
> They say there is some DCC exploit my router is susceptible to, but can't be
> specific, so they run some test on my connection and then kick/ban me from
> channels. There is nothing wrong with my Linksys WRT54G router, except some
> script kiddies on their network flood channels and I will apparently loose
> connection and be dropped. So instead of educating people or patching their
> servers, they kick//ban people, and when you ask questions the play with
> their bots and pelt you with useless links... 6 on 1 is a bit overwhelming.
>
>
>
> I tried 3 clients, same thing. Whatever they have built tests connections.
> They can't explain why this is an issue to them if my connection gets
> dropped, it's really my problem... They suggested changing from port 6667 to
> 8001 and after a great deal of confusion about "how " to do it in the
> various clients, I was still kicked/banned from certain channels. So I give
> up with these guys and their power trip. I've done nothing but
> read/learn/contribute so I'm not a threat, but they feel this is the way to
> handle things.
>
>
>
> The DCC problem has been an issue for years, but to suddenly target users in
> chat rooms designed to educate, is ridiculous and irresponsible behavior. So
> I'd rather not use freenode, unless I have no other choice. BTW I am on a
> fixed IP so it wouldn't take much for then to ban me from every channel..
>
>
>
> Sean Parsons
>
>
>
> From: plug-discuss-bounces@lists.plug.phoenix.az.us
> [mailto:plug-discuss-bounces@lists.plug.phoenix.az.us] On Behalf Of Bob
> Elzer
> Sent: Friday, November 13, 2009 9:42 AM
> To: 'Main PLUG discussion list'
> Subject: RE: IRC Channel Access
>
>
>
> It's kind of like a web page, it's only on the one server.
>
>
>
> But unless you have a static IP, I'm not sure how they could ban you.
>
>
>
> You could try loggin on with a different name, and even a different client.
>
>
>
>
>
>
>
> _____
>
> From: plug-discuss-bounces@lists.plug.phoenix.az.us
> [mailto:plug-discuss-bounces@lists.plug.phoenix.az.us] On Behalf Of Sean
> Parsons
> Sent: Friday, November 13, 2009 8:22 AM
> To: 'Main PLUG discussion list'
> Subject: IRC Channel Access
>
> Is freenode the only access to PLUG-AZ? I seem to have been kicked out of a
> channel because my "router" is buggy, some exploit they say I am susceptible
> to and there for are banned from the #Ubuntu channel entirely. The ops think
> its funny to gang up and pelt you with conflicting answers and when you call
> them on their behavior you get lectured on net etiquette, kettle?
>
>
>
> Needless to say I am too old for kid games, is there another server that has
> access to the channel?
>
>
>
> Sean Parsons
>
Sean, this info was a bit new for me so I looked it up:

***********************************************

        DCC SEND exploit

The DCC send exploit can refer to two bugs, a variant buffer overflow
<http://en.wikipedia.org/wiki/Buffer_overflow> error in mIRC
<http://en.wikipedia.org/wiki/MIRC> triggered by filenames longer than
14 characters^[1]
<http://en.wikipedia.org/wiki/Direct_Client-to-Client#cite_note-0> and
an input validation error
<http://en.wikipedia.org/w/index.php?title=Input_validation_error&action=edit&redlink=1>
in some routers manufactured by Netgear
<http://en.wikipedia.org/wiki/Netgear>, D-Link
<http://en.wikipedia.org/wiki/D-Link> and Linksys
<http://en.wikipedia.org/wiki/Linksys>, triggered by the use of port
0^[/citation needed
<http://en.wikipedia.org/wiki/Wikipedia:Citation_needed>/] . The router
exploit, in particular, may be triggered when the phrase 'DCC SEND '
followed by at least 6 characters without spaces or newlines appears
anywhere in a TCP
<http://en.wikipedia.org/wiki/Transmission_Control_Protocol> stream on
port 6667, not just when an actual DCC SEND request has been made. (from
http://en.wikipedia.org/wiki/Direct_Client-to-Client)


***********************************************

learn something new every day. :)
Unfortunately, they don't specify which models are affected, or even
what the test is to determine
if you have an affected model. Personally, I don't use such commodity
devices as they cannot handle
some of the traffic I put through here daily (several other game players
in the house wanting access
on specific ports, torrent traffic, all that). I use an openbsd box
(which gives me full control of what
where and how). I could help you setup one if you want.

---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss