[prev in list] [next in list] [prev in thread] [next in thread] 

List:       netfilter
Subject:    Re: IRC and DCC send  security risk
From:       Daniel Stone <daniel () sfarc ! net>
Date:       2001-07-01 7:12:36
[Download RAW message or body]

On Sun, Jul 01, 2001 at 09:03:08AM +0200, blaster wrote:
> Hi,
> 
> As mIRC now send 2 msg when you start a DCC (because it seems some irc
> client need them both), netfilter should rewrite the ip in both and not only
> in the PRIVMSG part because one of the NOTICE going out with your LAN ip
> with is can be considered as a security risk giving out infos on the LAN
> configuration.
> 
> There the 2 msg issues by mirc, see on DCC receiver side :
> 
> NOTICE nick :DCC Chat (myLANip)
> PRIVMSG nick :
DCC CHAT chat externalipinlongformat 1285

> 
> The myLANip should be rewrite too.

No, this is completely untrue. It should be left how it is, it is mIRC that
is at fault here. ip_conntrack_irc and ip_nat_irc will not be extended
because the mIRC author decides to dictate random crap on a whim.

We're sticking to the RFC, not Khaled Mardam-Bey.

d 

-- 
Daniel Stone						     <daniel@sfarc.net>
<Nuke> "can NE1 help me aim nuclear weaponz????? /MSG ME!!"

[prev in list] [next in list] [prev in thread] [next in thread]