After much time spent researching dedicated server providers I couldn't help but notice a trend. The trend of which I speak is the labeling of all IRC as, "abuse".

It is understandable that certain behavior often associated with IRC use could be seen as a risk for a network, but to place a 100% ban on all IRC activity seems illogical to me.

IRC (Internet Relay Chat) was born in 1988 as a communications program with the intention of allowing USENET kinds of discussions on a BBS (Bulletin Board System). Starting as a single server, the IRC network has grown into a massive chat network consisting of thousands of servers linked worldwide.

The problem with banning IRC lies within the terminology.

IRC is a term that is used to describe two separate things simultaneously, the loose confederation of worldwide chat networks and also the name of the protocol used by those chat networks.

IRC is the standard protocol for text-based chat (RFC1459). This is similar to how SMTP (Simple Mail Transfer Protocol) is the standard protocol for host-to-host mail transport (RFC821).

Thus logic would suggest that placing a blanket ban on 'IRC' because it might lead to abuse would be similar to banning SMTP since it is used by spammers to send unsolicited email.

Here is some of the language used in the Acceptable Use Policies:

unitedcolo: "IRC of all types"

serverbeach: "ServerBeach does not allow the use of IRC on the ServerBeach network. This includes, but is not limited to, the use of IRC clients, server software, bots or anything related to IRC. Violators' servers will be suspended."

nocster: "does not allow IRC or IRC bots to be operated on our servers."

By not being specific about what types of IRC usage is allowed the guilty providers are discriminating against an established and abuse neutral Internet standard protocol.

Here is a real life situation in which I believe IRC to be perfectly harmless to the network that the server operates on:

Company wants to develop a system for real-time text-based internal communication. Rather than reinvent the wheel they decide to use the IRC protocol as the backend. They install an IRC server on their dedicated web server and develop a Flash front-end communications client. The IRC server is password protected and individual IP addresses are not displayed when a user performs a /whois. When an employee logs into the website they are brought into an IRC channel that represents their department (ie. #marketing). They can then communicate amongst their peers, and management can send system-wide messages as well as private messages to whoever is logged onto the IRC server. Eggdrop bots exist in every channel to provide powerful tools such as notifications for upcoming deadlines, meetings, etc.

This useful system could easily be considered means for account suspension due to abuse when the AUPs use wordings such as, "IRC of all types".

Based on the facts I have provided I call for all service providers currently placing a flat ban on all IRC to rethink the situation and hopefully revise their policies.

Thank you.

Well...

What you're probably going to get in response is that if they allow IRC in some forms, others will sneak by. Our datacenter bans IRC, so we do too - but I also know that if your IRC is private and not connected to *any* other servers then it's possible that the DC will look the other way - I've heard of it but never tried it. You'd have to ask the providers with that specific scenario above.

Also keep in mind a lot of providers didn't ban IRC in the past, and have gotten burned by that.

-David

it is a question of enforcement. allowing this and with that stipulation but not the other thing and that thing and this thing simply doesnt work. the provider can not reliably monitor the way you use irc and neither do they have to really. the ratio of legitimate applications such as the one you described to the common uses is miniscule, thus the small number of legitimate uses can be safely ignored. when your network is at the brunt of a 100meg + flood you will write an AUP to prohibit anything and everything relating to the cause of the attack. its very simple really.

with that said, most smaller providers would make an exception if a case like this were presented to them.

paul

Based on the facts I have provided I call for all service providers currently placing a flat ban on all IRC to rethink the situation and hopefully revise their policies.


Good luck. It AIN'T gonna happen.

There are several other legitimate tools that can be used for communication that don't need ircd. ircd is far too antiquated for such tasks anyway. IM and web based chat are becoming much more popular for use in corporations and private organizations.

Spam is annoying as hell, but it doesn't generate several Gbps of traffic that will take down your entire network and, possibly, part of your transit provider's as well. Attacks aimed at IRC servers or those that host IRC related services do.

These providers didn't just conjure up these restrictions for the hell of it. Past experience has made it extremely necessary to ban all use. If you want to get on your soapbox and point a finger at someone then I suggest you do it toward the packet kiddies that have reeked havoc on networks since 1997.

Depends on the IRC server.

There are several largish IRC servers that have strict policys and enforce them. Eg - no warez - no spam - nothing illegal - that way it doesnt attract the script kiddys.

Places like efnet with no rules on this type of thing just get used for XDCC bots and DOS NETS - this is why EFNET has been dossed constantly.

Take QUAKENET - good rules - and they enforce them - they arnt dossed that much - and when they do its not very much.

FREENODE - free software based chat - they havent been dossed atall / much.

So yes i agree that IRC shouldnt be banned from this point of view.

HOWEVER - i still down allow IRC on my network. I would rather ban it outright - and save the hassle of checking up on peoples irc networks and if its ok etc...

Allow irc = makea few more sales = probably lose alot more in support costs.

omg im rambling its late and im tired :(

Originally posted by wubwob
Depends on the IRC server.

There are several largish IRC servers that have strict policys and enforce them. Eg - no warez - no spam - nothing illegal - that way it doesnt attract the script kiddys.

Places like efnet with no rules on this type of thing just get used for XDCC bots and DOS NETS - this is why EFNET has been dossed constantly.

Take QUAKENET - good rules - and they enforce them - they arnt dossed that much - and when they do its not very much.

FREENODE - free software based chat - they havent been dossed atall / much.

So yes i agree that IRC shouldnt be banned from this point of view.

HOWEVER - i still down allow IRC on my network. I would rather ban it outright - and save the hassle of checking up on peoples irc networks and if its ok etc...

Allow irc = makea few more sales = probably lose alot more in support costs.

omg im rambling its late and im tired :(

From a ISP point of view however you have to look at it as

How much trouble is this 1 customer worth? if they are part of a IRC network that gets Dossed say 2 times a month, depending on the varacity of the DOS it could affect (often times will) your other customers ability to use your services. This is one of the main reasons many a datacenter don't allow IRCd

Originally posted by synaptik
After much time spent researching dedicated server providers I couldn't help but notice a trend. The trend of which I speak is the labeling of all IRC as, "abuse".


Thank you.

What you are asking is allowing you to run private IRC channels. Since, you are running IRC chancels with known-users. I don’t see why not? Just tell the providers that you are willing to be “held 100% responsible for the DDOS bandwidth wasted by your server”. In additional pay your providers $100 per hour for cleanup any potential DDOS attacks. I bet they will re-write a contract just for you.

Fonpi

... and than you might run into troubles when someone just thinks "hey cool. let's try this handy little tool... yeah, cool IP Adress... press start? Ok."

Get what i mean? You'll just be **** outta luck then... because you might have to pay a bill which might be hundred times greater then your monthly fee.

I used to hang out on IRC channels a lot over the past 10 years or so, and I've seen a lot there. As a host I wouldn't allow IRCd to be run on a server either. They are too often victims of prolonged DDoS attacks, having to worry about Warez, porn, etc. As the ultimate provider of that machine you could easily be made responsible for all of that. Not to mention if you run the ircd on a server that's doing things for other clients you risk losing your other clients as well. In general the pro's of making a user happy don't outweigh the con's of losing several other customers.

We are experiencing an increasing number of customers asking pointed questions about what we host. The most frequent are, do you host adult sites, do you host irc, so you host warez. Frankly, the types of clients who ask these questions are the ones we want to have. Note: they do not ask what kind of irc accounts or any more detailed questions. They have just heard bad things regarding hosts who host irc.

Just a few points I want to argue and agree with.

1. IRC is very hazardous but still very demanded, just as Adult and game hosting is.

1. While IRC is the source of most attacks, there are tons web sites that get attacked and have absolutely nothing to do with IRC.

2. Attacks are inevitable but highly preventable and will eventually happen - direct or indirect. It's all about being prepared. I can name a few companies that have caught on and created seperate networks for problem clients.

3. Incoming bandwidth isn't the problem if you have adequate filtering - or shouldn't be at least.

4. The people with the private nets not linked any where are usually the ones flooding. None of the kiddies use efnet any more to launch their attacks -- It splits constantly without attacks.

IRC should not be offered on the same network as non-irc users, EVER.

You may also notice companies are starting to allow IRC for servers that are on a different network, some you have to colocate to get it, some have a different network setup, some are just purely meant for IRC. In the end, IRC is just how you handle it, it still should never be on the same network as non-IRC users, just as added safety, even the best filtering in the world can't stop the biggest of DoS, so no use putting them at risk.

I think it is just like driving. You get in your car ever day and go to work/school or any where else. And suddenly wham your and taken off the road. Only to get stopped by the cop, pay your plinko chip, and move the f*uk on. Because whether that fool in that car was listening to country or rap his ass still got hit.

___

It is just like someone posting a rude comment on their site that could piss off a someone with some bw, or a person taking channels on fnet with your ips. Now is it.

Originally posted by synaptik
Thus logic would suggest that placing a blanket ban on 'IRC' because it might lead to abuse would be similar to banning SMTP since it is used by spammers to send unsolicited email.

Most providers would block SMTP in a heartbeat if they could get away with it. Until IRC is considered that important by a critical mass of users, and it probably never will be, most providers won't want to take on the considerable burden of dealing with IRC-related problems so that a few users can be appeased with official IRC support.

Fair? No. Smart business? Yes.

Of course, just because a provider disallows something, doesn't mean they actively hunt down people who are doing it but aren't causing any problems.

I know first hand of several large hosting companies that don't officially allow IRC, but who could care less as long as you're not causing them to get packeted and the checks clear each month.

IRC is a useful tool - and it is not "antiquated" as some suggest.

Personally, I hate messaging clients like AIM and ICQ. I dont like being that reachable. People see your name become dark (after being gray for an hour) and they know you are at the computer, so they bother you with something in AIM. If you dont answer them, you're being "anti-social".

Yeah, well sometimes it is nice to check the e-mail without someone bothering the hell out of you.

With IRC, they see you there and all they know is your idle time. You could be there, but they dont know it unless you type something.

Many IM clients contain spyware and adware.

Many IRC clients do not. I like IRC and I use it on a daily basis.

It is a shame that some hosts have become so conservative (they dont want porn, controversial sites, IRC, shell accounts... and on and on and on).

amen to that, look at the big vulvnerbility to aim that was released, a little messing with how you send a game invite and boom they have total control of you winblowz box.. irc on the other hand.... not a chance if you use bitchx or basic unscripted irc client.

It is a shame that some hosts have become so conservative (they dont want porn, controversial sites, IRC, shell accounts... and on and on and on).
You've noticed this too? Some of those things you mentioned may be liability issues whereas others may be resource issues. Most hosts don't want to take the risk and would rather take the safe road. This can be a good thing or bad thing depending on how you look at it.

Originally posted by Dragoon
Good luck. It AIN'T gonna happen.

There are several other legitimate tools that can be used for communication that don't need ircd. ircd is far too antiquated for such tasks anyway. IM and web based chat are becoming much more popular for use in corporations and private organizations.

Spam is annoying as hell, but it doesn't generate several Gbps of traffic that will take down your entire network and, possibly, part of your transit provider's as well. Attacks aimed at IRC servers or those that host IRC related services do.

These providers didn't just conjure up these restrictions for the hell of it. Past experience has made it extremely necessary to ban all use. If you want to get on your soapbox and point a finger at someone then I suggest you do it toward the packet kiddies that have reeked havoc on networks since 1997.


"Spam is annoying as hell, but it doesn't generate several Gbps of traffic that will take down your entire network and, possibly, part of your transit provider's as well. "

No, it might not take out your upstream. But it sure as hell will take out your mail server and on smaller networks enough SPAM could have the same effect as a DDoS attack.

"There are several other legitimate tools that can be used for communication that don't need ircd. ircd is far too antiquated for such tasks anyway. IM and web based chat are becoming much more popular for use in corporations and private organizations."

You want to talk about antiquated? Sendmail. SMTP. TelNet. Those are antiquated protocals. But we still use them. Why? Because they get the job done.

IM and WebBased chat programs might be popular for internal communications amongst empoyees at large companies, but they are quite possibly the worst possible choice for such communications.

None of them support encryption and employess have this nasty habit of talking about everything from passwords to security alarm codes to financial information.

Not so long ago, a high level executive of a company was chatting by ICQ with another high level exec. Little did he know his chat system had been compromised and the details of his very private conversation made thier way into the news and slashdot poked fun at his stupidity for using such an insecure medium to discuss such sensitive information.

"These providers didn't just conjure up these restrictions for the hell of it. Past experience has made it extremely necessary to ban all use."

Sure they did. Its fun to prove that you're in charge. I know it is. I like to show that I am in charge by blocking access to things.

"Good luck. It AIN'T gonna happen."

I agree. It wont happen. There are far too many people in this business that are so closed minded it is incredible. In thier quest to prove that they are in control of thier networks, they hurt end users and destroy the ability of users to utilize the full scope of avaliable technology.

But thats fine and dandy. There are two types of webhosting companies in this world. Those that cater to corporate clients and big business and those that suppport the individual.

Offically, my host bans IRCd on my dedicated box. But the powers that be said that I can run an IRCd as long as it dosent attract attacks. The first time it did - I was told - would be the last time IRCd was part of the crontab.

Originally posted by Alex042
You've noticed this too? Some of those things you mentioned may be liability issues whereas others may be resource issues. Most hosts don't want to take the risk and would rather take the safe road. This can be a good thing or bad thing depending on how you look at it.

Yep. I sure have. And its a bad thing as far as I am concerned. It stiffles free speech and undermines the purpose of the internet (before most corporations even knew what a website was) - free expression and exchange of information without censorship of any kind.

The next thing you know hosts will refuse to host the sites of poltical canidates they dont agree with, political sites that bash the wretched establishment and that dare to make anyone think about anything except thier SUVs and being "good americans".

And I think good 'ole Ben Franklin has something to say about this issue.

"They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety."

- Benjamin Franklin, 1755

KKimmel,

I agree with many of your points about hosting IRC, but you make one fundamental error in your assertations:

It stiffles free speech

As long as you are paying company A for their services, what you are allowed to do falls under their TOS/AUP. This is by no means a free speech issue.

Its like your parents disallowing you to smoke at age 18 while you are still living with them. If you want to smoke, get your own house, same thing here.

Free speech on the internet is a great thing but when you look into the words, they say "free" and "speech". Unfortunatly nothing on the internet is "free" including the servers and bandwidth that power it. If a host wants to only accept certain types of clients its their right to do so and your right to find another company. There are tons of icr friendly hosts out there that have designed their networks to be dos resistant. So it makes sense for clients that want irc to go somewhere that has the infrastructure to support it.

Why did you write us an essay?

Well I figure as the owner of a 15,000 user irc network ranked in top 15th in size that I have alot to say about this issue. On the one hand boy do I hate having to search out isps that are willing to allow irc and stop putting us on unstable overloaded cogent lines. IRC is very stereotyped as taking loads and loads of dos. Would you guys like to know why? It's because it really does. Most IRC networks specially those housing warez get at least 1 10mbit+ dos a month. It does also get worse then this 1 attack a month and I mean far worse. This little 1 attack a month many isps arent bothered by. Its when there is a "packet kiddie" who becomes upset at a net for some unknown reason and spends 1 week dosing several servers a night at usually 30-100mbit and even more very often.The problem with this is these attacks kill subnets of network rather easily and when it happens every night isps tend to get rather frustrated with the one client who is making several of there customers very angry.And the really bad part about this is thats just allowing 1 client to run irc if you allow many clients the potential for this increases at an exponential amount. Then to make it worse is shell hosting companies that put 40-50ircds on 1 box taking there not monthly dos but there hourly dos adding huge risk of dos and huge attacks upon a network. This can be very frustrating for an isp to deal with.

Now on the other hand my network gets very few dos attacks. We have several servers that if someone would like me to post the mrtg graphs would show that we get very little dos. We have 1 server that has been with us running a hub for about 9 months and has not taken any dos. For that matter alone none of our hubs hav taken any dos to my knowledge. We also have several large client servers in which have not taken dos. One of our main client servers averaging from 1300-2000 concurrent users at any given time in which we have had for 4 months has not had a single dos. This tends to frustrate me with dealing with isps and they telling me they dont allow irc as the dos risks are bad. Several servers we do actually have do not allow irc due to the risks but due to our very low dos rates and the hard work we make at making sure our dos risks are very low isps tend to do us the favor of overlooking our irc servers. We appreciate this very much and try to give them any advertising to friends and stuff who are looking to buy servers. IRC really is a double edged sword on 1 side alot of good can come from it and on the other side alot of risk can also come from it. But overall I fully understand why the companies do what they do and ban all of irc and as much dos as I have seen on many irc networks I would do the same thing rather then have to put up with all the attacks and abuse its just easier to save the man hours and not allow irc.

Rizon CEO

Originally posted by kkimmel
Yep. I sure have. And its a bad thing as far as I am concerned. It stiffles free speech and undermines the purpose of the internet (before most corporations even knew what a website was) - free expression and exchange of information without censorship of any kind.

The next thing you know hosts will refuse to host the sites of poltical canidates they dont agree with, political sites that bash the wretched establishment and that dare to make anyone think about anything except thier SUVs and being "good americans".

And I think good 'ole Ben Franklin has something to say about this issue.

"They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety."

- Benjamin Franklin, 1755

I think you are going a bit overboard in this case. When you further your actions and have a contract with a host, your rights and freedom are limited to their TOS/AUP/SLA etc. policies. Also, comparing one's political standings with anothers business ventures is the wrong way of doing this. Someone that expresses themself through the likes of politics will not 'cause harm and dissatisfaction to other customers unlike disruption of a network that is hosting IRCd.

If an individual wants to run an IRC network, either A) find a host that will put up with the likes of running a such thing or B) fork out your own money and get yourself a dedicated server and do the work yourself.

Umm any hosting company can allow IRC and all should. You don't need fancy firewalling or anything like that. You only need one thing:

Null Routing: Work with the upstream provider (or set this in your own routers) so that if IP xx.xx.xx.xx gets more then y amount of traffic it gets null routed for z amount of minutes. This is a good idea for any host to have as it will also protect you from attacks on normal webservers. So even if your dedicated customer running irc gets hit 10X a day your network will never be harmed.

It's the potential liability which network service providers are afraid off. Not many network technicians are educated enough to handle DoS attacks, let alone DDoS.

Secondly, not many are willing to increase the risk of attacks on their network and face the reality of loosing clients.

What risk do you have if the traffic is going to be null routed?

Null routing is good but alot of irc customers would prefer to take the dos personally id rather have some of my servers null and some of them be able to take the dos so someone doesnt have to attack each server for 3 seconds and all of our servers be gone for 3-4hrs. Which is why we shell out some money for servers with good firewalls designed to take attacks. Null routing atracts dosers knowing they only have to attack for 30 seconds and theserver is nulled for hrs.

Thats why the server should only be nulled for 10 minutes or so.

but that still kinda gives dosers a reason to dos and anything that gives them motivation and reason to dos is bad and makes the attacks much more common.

Originally posted by Nessun
but that still kinda gives dosers a reason to dos and anything that gives them motivation and reason to dos is bad and makes the attacks much more common.

He'll get bored soon enough.

that is very true but I dont wanna give him reasons to dos.

Basically, what you anti-IRC ban people have to understand is that when it all boils down to it, permitting or not permitting IRC is a business question, and business questions generally boil down to "how much does it cost?"

The company I worked for was one of the first ones to ban IRC as policy; we considered the matter internally at length, but when it boiled down to it, we found that it simply cost too much money to allow our customers to run IRC.

We found that almost every time we got hit with a DOS attack, it was a server running IRC on the receiving end. When it came down to it, the DOS attacks were not only impacting our business, it was endangering it. Customers were leaving, it was costing us money (in overtime salary due to on-call work), and it was all for a very small subset of our customers who also tended to have the lowest month-to-month retention rate -- they often tended to go out of business leaving us with the many-thousand dollar bandwidth bill unpaid. In fact, they made up the majority of our large dollar bad debt.

We were losing customers. It was costing us money. They weren't paying their bills. So we cut them loose.

Simple business logic. I expect most of these businesses that banned IRC have been in similar situations. How do you argue with that?

The only way you're going to change the policy is by presenting a solution, not one that simply mitigates the damage, but permits the provider to PROFIT from IRC WHILE mitigating the damage done to other clients.

Firewalling? It works. Sometimes. Can you afford the times it doesn't work? Or when your upstream screws up the access list? (which they inevitably do) Get rid of the problem users? Again, it works. Sometimes. Can you trust your customers to police that effectively? Can you afford the damage when they don't?

If you've got a good solution that works and solves the problems while remaining profitable, write it up and make sure the decision makers see it. Most will go for it; free profitable business plans aren't usually turned away ;)

EDIT: Also, keep in mind that this is coming from a pro-IRC person who just happens to see the business side of the issue -- I've personally been using IRC non-stop since ~1994.

As a person who runs alot of irc I 100% agree irc is really a big ddos target and I dont blame businesses for banning it.

It's strange how several IRC requests have come up lately. If this is such an antiquated protocol, why is it back in demand all of a sudden? Is there a benefit of IRC over something else?

lack of corperate influence (irc is still run by people)

kkimmel - Actually, ICQ supports encryption via PKI with a small plugin. Trillian supports encryption between ICQ users as well.

As for IM clients containing spyware - some do, so don't, the same can be levvied at IRC Clients as well, same for the bug in AIM, you're going to tell me that no IRC client hasn't had a similar sort of problem? No, didn't think so.

Offering (or not) IRC is a business decission, IRC tends to attract the wrong kind of people, and I can't imagine many providers wanting to spends hours of tech time at £10+ an hour cleaning up after any problems for an account that is worth £10 a month, it's just not business sense to do so. Not to mention the time spent checking up on people either to see if they were using IRC responsibly and not using it for Warez, DoS etc. etc.