Re: IRC protocols and insecurity

From: Barrie Dempster (barrie@reboot-robot.net)
Date: Thu Sep 09 2004 - 17:40:03 EDT

• Next message: 4secure@web.de: "virus product pentest"
• Previous message: tblinux@covad.net: "Testing a web app with heavy JS use"
• In reply to: DokFLeed.Net: "Re: IRC protocols and insecurity"
• Next in thread: David Coppa: "Re: IRC protocols and insecurity"
• Reply: David Coppa: "Re: IRC protocols and insecurity"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

On Thu, 2004-09-09 at 05:58, DokFLeed.Net wrote:

> I think everything flyes in readable text
<snip>
> a Sniffer on the server will see all the communications

You can setup most IRC servers with an SSL option and you could force
users to use this, therefore it would all be encrypted.

If you pick a well maintained actively developed IRC server, it will be
just as secure as any other service you run, in essence. Also running
the server locally rather than using MSN or other clients that rely on
external servers will mean you can A: trust the servers fully and B:
control them and maintain them yourself.

If you want to have intra-company communication, bulletin boards and IRC
isn't a bad choice.

-- 
Barrie Dempster (zeedo) - Fortiter et Strenue
  http://www.bsrf.org.uk
[ gpg --recv-keys --keyserver www.keyserver.net 0x96025FD0 ]

• application/pgp-signature attachment: This is a digitally signed message part

• Next message: 4secure@web.de: "virus product pentest"
• Previous message: tblinux@covad.net: "Testing a web app with heavy JS use"
• In reply to: DokFLeed.Net: "Re: IRC protocols and insecurity"
• Next in thread: David Coppa: "Re: IRC protocols and insecurity"
• Reply: David Coppa: "Re: IRC protocols and insecurity"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:05 EDT