Re: Disabling DCC on irc

From: Andy (andy@kohn.cjb.net)
Date: 06/24/02 

From: andy@kohn.cjb.net (Andy)
Date: 23 Jun 2002 22:34:53 -0700

Where I work, I asked them to give me access to irc servers, but they
don't agree if there is file sharing in it, so I need a way to connect
to irc but not be able to do file transfering.
If they block all ports above 1024 I won't be able to connect to a irc
server, right??

eirik@mi.uib.no (Eirik Seim) wrote in message news:<slrnahbc2e.h2c.eirik@kain.mi.uib.no>...
> On 23 Jun 2002 03:31:26 -0700, Andy wrote:
> > Greetings,
> > Which settting should I configure in a firewall to disable dcc-send on
> > irc to the clients pcs on a network? (but allow them to connect to a
> > irc server)
>
> When UserA wants to initiate a DCC connection with UserB, he's IRC client
> opens a listening port on his computer, and sends a message to UserB
> containing the port number. UserB's client then connects with that port,
> meaning it is actually UserB who is initiating the TCP connection.
>
> Blocking DCC connections initiated from the inside (as it appears to the
> users), means blocking incoming connection requests to the client pcs on
> basically all ports above 1024.
>
> Blocking DCC connections initiated from the outside (again, as it appears
> to the users), means blocking the client pcs to initiate a connection on
> ports above 1024.
>
> You could of cause tell your users to configure their clients to use a
> certain port range for DCC, and then block this port range.. but I don't
> think that is a good solution :)
>
> NAT, however, is a good help at blocking DCC.
>
> Why do you want to block DCC, by the way? If viruses and trojans are a
> concern, consider disabling the frequently used "autoget" option.
>
>
> - Eirik

Relevant Pages

  • Re: Disabling DCC on irc
    ... opens a listening port on his computer, and sends a message to UserB ... means blocking incoming connection requests to the client pcs on ... Blocking DCC connections initiated from the outside (again, ...
    (comp.security.firewalls)
  • Re: Disabling DCC on irc
    ... opens a listening port on his computer, and sends a message to UserB ... means blocking incoming connection requests to the client pcs on ... Blocking DCC connections initiated from the outside (again, ...
    (comp.security.firewalls)
  • Re: Disabling DCC on irc
    ... Where I work, I asked them to give me access to irc servers, but they ... > opens a listening port on his computer, and sends a message to UserB ... means blocking incoming connection requests to the client pcs on ... > Blocking DCC connections initiated from the outside (again, ...
    (comp.security.firewalls)
  • Re: Hardware firewalls
    ... can tell the difference between MiRC or Trillian trying to open a IRC ... Trilian is a legit user of the IRC port because you just clicked it to ... you didn't ask the trojan to report to mummy. ... Hardware firewalls, whilst superior in most regards, can't make this ...
    (comp.security.firewalls)
  • natd port forward times out, tcpdump yields nothing
    ... When someone connects to irc.domain.com on IRC ports (6667, 8067, ... port requests to the IRC jail as per normal (such as port 80, ... $IPF 10 allow all from any to any via lo0 ... $IPF 20 deny all from any to 127.0.0.0/8 ...
    (freebsd-net)
Quantcast