We are happy to announce that Living Internet is now part of BroadbandNow! Read here to find out more.

IRC Security

Similarly, Internet “chat” services like IRC could be used; indeed there’s an emerging tradition of using IRC and similar services for
real-time, anonymous, control of worms and viruses.

– M. Leech; Chinese Lottery Cryptanalysis Revisited: The Internet as a Codebreaking Tool; RFC 3607; September 2003.

See the Internet
section for general security information. This section describes
IRC specific security risks. IRC
insecure, public space, so you should have fun but be cautious:

  • Confidentiality. The IRC space is completely insecure with respect to confidentiality. Any user on IRC can record the conversation on a channel, and many people do. And anyone administering
    one of the servers on the network can record all of the conversations on that

    The one protection you have is that your identify should be
    restricted to your nickname. However, your real identify could be discovered based
    on your IP address in the event someone
    went to the trouble of breaking into the IRC web server logs.

    On systems
    like DALnet that provide you with a permanent nickname your identity is technically easier to discover,
    although in normal circumstances an IRC administrator will not provide this information
    to third parties unless under a valid court order.

  • Gender. IRC is a large public space, like a big city,
    and a woman can sometimes attract unwanted attention. Women shouldn’t choose feminine nicknames unless they want to advertise their gender, and may want to choose
    a neutral name like “Yukon” or something similar.
  • Personal information. Never under any circumstance give out your address, phone number, real name, or
    other identifying information to anybody on the Internet, no matter who they say they are or what
    the reason is.
  • Viruses. Never run an IRC script or type a command that someone else asks you to, unless you are absolutely sure you know what it does. For example, the IRC command “/fserve 1 c:” can give a hacker access to your hard drive. Other commands can give a hacker complete control of your IRC session with very undesirable results. This ability of IRC to run scripts has been exploited by worms to propagate across the Internet. And of course, make sure you are running a virus protection program.

Resources. The following sites provide more information on IRC security: