Re: [Full-Disclosure] Why is IRC still around?

From: Nick FitzGerald (
Date: 11/19/04

  • Next message: GuidoZ: "Re: [Full-Disclosure] Gmail anomaly"
    To: Mailing List - Full-Disclosure <>
    Date: Sat, 20 Nov 2004 09:02:07 +1300

    Danny wrote:

    > Well, it sure does help the anti-virus (anti-malware) and security
    > consulting business, but besides that... is it not safe to say that:
    > 1) A hell of a lot of viruses/worms/trojans use IRC to wreck further havoc?
    > 2) A considerable amount of "script kiddies" originate and grow through IRC?
    > 3) A wee bit of software piracy occurs?
    > 4) That many organized DoS attacks through PC zombies are initiated through IRC?
    > 5) The anonymity of the whole thing helps to foster all the illegal
    > and malicious activity that occurs?
    > The list goes on and on...
    > Sorry to offend those that use IRC legitimately (LOL - find something
    > else to chat with your buddies), but why the hell are we not pushing
    > to sunset IRC?
    > What would IT be like today without IRC (or the like)? Am I narrow
    > minded to say that it would be a much safer place?

    I daresay the world would not be much different.

    The early dedicated DDoS systems had their own inter-agent
    communication channels of varying complexity and sophistication. I'm
    sure if something easy and convenient such as IRC were not around for
    the skiddie copycats that came along later to usurp, at least one or
    two of said copycats would probably have managed to scrape together
    just enough talent to roll their own simple, lightweight distributed
    messaging system to use as a communication and coordination channel for
    their bot armies and thus we'd have ended up more or less where we are.

    Likewise, other methods of more or less "anonymous" intercommunication
    between like-minded skiddies would have evolved had IRC not, as the
    nature of the underlying structure of the Internet is essentially
    anonymous communication (recall that this is a completely unintended,
    and perfectly expected, effect of the purpose of the underlying network
    technology -- it was to be used for a physically closed network, where
    the fact a machine was on the network _meant_ that machine was supposed
    to be there _and_ that its location _AND_ the names and whereabouts of
    the ranking officers responsible for the techies running it would be
    readily available).

    Ditto, s/w piracy would have found other largely untraceable online
    outlets such rooted FTP and web servers, compromised SOHO machines with
    fast connections and totally clueless "admins", P2P, etc, etc...

    In short, without IRC I'd expect we'd be pretty much exactly where we
    are anyway (save we would have had one less inane question to answer on
    some mailing list).

    Nick FitzGerald
    Computer Virus Consulting Ltd.
    Ph/FAX: +64 3 3529854
    Full-Disclosure - We believe in it.

  • Next message: GuidoZ: "Re: [Full-Disclosure] Gmail anomaly"

    Relevant Pages

    • Re: The Future of the Usenet (was: Re: Good-Bye
      ... If killfiles worked, the Usenet would be ... Without trolls and spammers, the Usenet could be the most ... to a means for making the world a smaller place, very much like IRC, ... on our network as well, albeit that there is nothing for them to leech. ...
    • Re: Possible virus?
      ... The traffic that you are seeing are going to an IRC network, ... >inbound tcp src outside: dst ...
    • Re: checking if my system is compromised
      ... We are contacting you in order to inform the Abuse Department of your ISP that the following IPs have been compromised by unknown persons: ... Abusers have been caught on IRC using ... Network, please reply to our reporting e-mail, so this way we can ... To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx ...
    • Re: Port 6667
      ... > I have been scanning my network for a while and found IRC ... > Port 6667 on two machines. ... It sounds like you have an IRC client running. ... If you did not install it ...
    • Re: [Full-Disclosure] Why is IRC still around?
      ... > 3) A wee bit of software piracy occurs? ... > 4) That many organized DoS attacks through PC zombies are initiated through IRC? ... > to sunset IRC? ...