Internet relay chat
Download
1 / 14

- PowerPoint PPT Presentation


  • 940 Views
  • Updated On :

Internet Relay Chat Security Issues By Kelvin Lau and Ming Li What is IRC? Internet Relay Chat is one of the most popular and most interactive services on the Internet. Using an IRC client (program) you can exchange text messages interactively with other people all over the world.

Related searches for

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about '' - omer


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Internet relay chat l.jpg

Internet Relay Chat

Security Issues

By Kelvin Lau and Ming Li


What is irc l.jpg
What is IRC?

  • Internet Relay Chat is one of the most popular and most interactive services on the Internet.

  • Using an IRC client (program) you can exchange text messages interactively with other people all over the world.


What is irc3 l.jpg
What is IRC?

  • Benefits

    • Allows chat and file sharing

    • Companies can avoid fees from long distance and conference calls

  • Drawbacks

    • Consumes bandwidth

    • Means of spreading worms

    • Susceptible to flooding

    • Can be embedded in trojans and act as a hostile server unnoticed


Protocol l.jpg
Protocol

  • Server/Client model

  • Allows DCC (Direct Computer-to-Computer) connections

    • DCC connections bypass server for direct chat and file-transfers between clients


Usage l.jpg
Usage

  • Users connect to a public IRC server

  • Join channels

  • Chat with other users

  • Share files through DCC connections


How is irc used for malicious purposes l.jpg
How is IRC used for malicious purposes?

  • Malicious users can privately exchange exploit information

    • Passwords

    • Warez (Pirated Software)

    • Vulnerability Information

    • Attacker Tools

      • Viruses, Worms, Flooders


Intruder detection avoidance l.jpg
Intruder Detection Avoidance

  • Checking that server administrators are offline

  • Exploiting backdoors to gain administrator control

  • Erasing presence from log files.

  • Uploading tools to hidden directories

  • Hiding tools in trojans to run processes in background


How is irc exploited l.jpg
How is IRC exploited?

  • Servers have little control over DCC file transfers

  • IRC is not confined to a specific infrastructure, so completely private networks can be created

    • Common method for communication between attackers

    • Sets up an invitation only channel for other intruders.


Distributed denial of service l.jpg
Distributed Denial of Service

  • Distributed Denial of Service (DDOS) attacks

    • Clone/Flood/War bots simulate multiple users connected to a channel

    • Bots spread and infect hundreds of computers that log into the channel

    • Attacker sends a command through IRC causing all bots to simultaneously flood packets to a target

    • Attacks can use UDP, TCP, ICMP and SYN packets


Distributed denial of service10 l.jpg
Distributed Denial of Service

  • Major company servers have been shut down by DDOS attacks (Yahoo, eTrade, Amazon.com, DALnet)


What if your server is being attacked right now l.jpg
What if your server is being attacked, right now?

  • If the attacker uses ICMP packets, make sure your server does not reply to ICMP packets or install a firewall

  • Set the amount of connections per IP Address to 1 connection, or ban the IP Addresses of the bots

  • Have as few services as possible running, and switch of services such as FTP

  • Keep your software up to date


Irc lab setup l.jpg
IRC Lab Setup

  • IRC Server

    • Linux-based Unreal IRC server

    • Will modify configuration file for own use

  • IRC Client

    • PolarisX based on popular mIRC client

    • Runs on Windows

  • Kaiten DDoS program

    • Generates IRC bots

    • Capable of various flood attacks and spoofing


Irc lab goals l.jpg
IRC Lab Goals

  • What you will do in the lab

    • Set up Linux IRC server and Windows clients

    • Initiate chat and file transfers

    • Perform and analyze IRC DDoS attacks



ad