Solved

Interesting IRC question ... 500 points up for grabs

Posted on 2004-08-20
7
230 Views
Last Modified: 2013-11-21

A friend uses IRC extensively ....

He asked me a little while ago an interesting question ... and I have just thought of posting it here now, and maybe get an answer to it ...

He said to me that whenever he seems to have private conversations with persons from a lot of the channels, there seem to be some people aware of what they are talking about .... in the private chats. He uses mIRC.

Is this possible, and how was that achieved and how can one combat this issue?



0
Comment
Question by:CrisAndrei
7 Comments
 
LVL 19

Expert Comment

by:Dexstar
ID: 11852641
CrisAndrei:

> He said to me that whenever he seems to have private conversations with
> persons from a lot of the channels, there seem to be some people aware
> of what they are talking about .... in the private chats. He uses mIRC.

> Is this possible, and how was that achieved and how can one combat this issue?

Well, it is *possible*, but not very likely.  IRC is inherently insecure.  Each person connects to a server, and the servers themselves are all interconnected.  Anyone between you and the server you are using, or anyone between the person you're talking with and the server they're using, or anyone between the two servers COULD monitor the network traffic and see what you're talking about.  Furthermore, anyone who operates an IRC server could log anything you say and record it forever.

However, since there are hundreds of thousands of people using IRC, with lots of private chats going on, it's just unreasonable to monitor them all.

The solution is to use a DCC chat (tricky to do behind firewalls, but still possible).  DCC means "Direct Client-to-Client", so the two people are talking directly without any IRC server involved.  That means that only people between you and the other person could listen in, which dramatically reduces the number of people who could listen in.

Another way (or to be used in combination with DCC) would be to use a client that supports some level of encryption.  Trillian does, but I'm not sure of any others, although they do exist.

HTH,
Dex*
0
 
LVL 8

Expert Comment

by:Wojciech Duda
ID: 11852689
Actually has your friend thought about the possibility that if he has a private chat his partner could be telling details to someone else, also via a private chat?
0
 

Author Comment

by:CrisAndrei
ID: 11858231

This is what happened:
He logged into a Undernet, and joined a motoring club channel.
There's been some arguements within the channel, at which stage, he opened a private chat with a very good friend of his.
They were talking in private about the arguement that going on in the channel, at which point, one of the other people from the channel, whom the arguement was going against, started posting their private chat.

My friend got quite upset, and closed the irc client, and he's been very upset ever since, as this affected him badly.
Hence his question to me as to how this may have been achieved.....

0
 
LVL 19

Accepted Solution

by:
Dexstar earned 500 total points
ID: 11859794
CrisAndrei:

> There's been some arguements within the channel, at which stage, he opened a private
> chat with a very good friend of his.

Well, you know what they say about arguing on the Internet being like competing in the Special Olympics, right?

> My friend got quite upset, and closed the irc client, and he's been very upset ever
> since, as this affected him badly.
> Hence his question to me as to how this may have been achieved.....

There are a couple of ways this could've happened:
    1) His friend told the other guy what was being said (Occam's Razor tends to make this think this is the correct option)
    2) The other guy was an IRC operator and had the power to monitor the chat.
    3) One or other's computer was hacked into which allowed the other guy to monitor what was being said.
    4) The other guy was impersonating his friend, so the private chat was REALLY with the other guy, not his friend.

BTW, a DCC chat would've only prevented #2.  Anyway, IRC is like the wild west:  It's mostly safe, but there are some real jackasses out there and you should be careful.  Regardless, he shouldn't let anything about IRC upset him that much.  It's just IRC.

-D*
0
 
LVL 1

Expert Comment

by:Alien3
ID: 11927839
yeah i agree.

it takes a person with packet sniffer to sniff the IRCd  ( Internet Relay Chat Deamon) Software that usually runs on linux systems.  

Im IRC operator on many irc networks and I cant really sniff the chat myself because I dont have access to most of IRCd's  
you have to be owner of IRCd yourself to find out what going on your IRCd server.  

also
using SSL connection would stop sniffers from reading your private chats.  



0

Featured Post

Register Today - IoT Current and Future Threats

Are you prepared to protect your organization from current and future IoT Threats?  Join our Wi-Fi expert in episode three of our webinar series for a look at the current state of Wi-Fi IoT and what may lie ahead. Register for our live webinar on April 20th at 9 am PDT!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
No single Antivirus application (despite claims by manufacturers) will catch or protect you from all Virus / Malware or Spyware threats. That doesn't stop you from further protecting yourself however - and this article is to show you how.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

679 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question