Page 1 of 2 12 LastLast
Results 1 to 25 of 34
  1. #1
    Join Date
    Jul 2005
    Location
    Australia
    Posts
    4

    IRC Clients, Are they so bad?

    Hello all.

    Long time reader, first time poster here.

    I was just wanting to know what the big huff is about IRC Clients? I mean I can understand not allowing IRCD servers, they produce alot of trafic and can potentialy be used to host DDoS botnets, warez channels, and unwanted pornography trading rooms. But what is so bad about running a BitchX client?

    I am always on the look out for a cheap server. I run a various sites and I also use them for customers which I service in the mining industry. I cant see what the problem is with irc clients. If I am stuck somewhere out in the middle of the down under, remote western australia somewhere, doing some work for a minning customer and I find I need some help with something I would like to be able to fire up BitchX and visit one of the many valuable linux or BSD channels. Sometimes if you ignore the arogant people you can find some very helpfull individuals contributing to the community. Also sometimes you dont have the luxury of high speeds while in remote w.a. Sometimes your stuck on crappy dialup trying to configure an email server remotely to impress your bosses. Downloading a windows base IRC client onto the secutary's PC is not an option, you had hard enough time convincing them you needed putty.

  2. #2
    IRC was a problem 3-5 or so years ago, when it was full of kiddies with big DDoS botnets, look at the problems caused to DalNet. Nowdays, i totaly disagree that providing IRC services can lead to DDoS, the size of these botnets has greatly reduced, with the step up on marketing of anti-virus software etc.

  3. #3
    Join Date
    Jan 2003
    Location
    Canada
    Posts
    5,073
    No one with a botnet big enough to rip down major networks lasts that long. Other kiddies will team up with companies at times to help resolve such issues.

    To be honest, i feel gameservers are just as DDOS iffy as anything else. Joe six-pack running a small website more likely than not gonna get hit.

    But, you get some kid playing on a CS server, and he get's banned for wall-hacking, suddenly he get's one of his buddies to smack the box.

    ~Francisco
    BuyVM - OpenVZ & KVM Based VPS Servers - Chat with us
    - All popular VPN methods supported
    - Affordable offloaded MySQL & DDoS protection
    - 5GB backup space, unmetered private LAN bandwidth & native IPv6 included. All with a strong serving of pony

  4. #4
    Join Date
    Jul 2005
    Location
    Australia
    Posts
    4
    well I get turned off a deal when I see written in capital letters "NO IRC CLIENTS". I just choose to take my buisness elsewhere.

  5. #5
    Join Date
    Nov 2002
    Location
    WebHostingTalk
    Posts
    8,901
    Originally posted by AussieCustomer
    well I get turned off a deal when I see written in capital letters "NO IRC CLIENTS". I just choose to take my buisness elsewhere.
    That's the great thing behind a free market place... if you dont like the policies of the host you are looking at, you simply choose another host.

    A provider can set their own policies... which some folks may not like. If they don't like it, there are many other placed to find service.

    Sirius
    I support the Human Rights Campaign!
    Moving to the Tampa, Florida area? Check out life in the suburbs in Trinity, Florida.

  6. #6
    Join Date
    Aug 2003
    Location
    PA
    Posts
    1,914
    well I get turned off a deal when I see written in capital letters "NO IRC CLIENTS". I just choose to take my buisness elsewhere.
    There is not really per say a big deal over IRC clients anymore - the real issue is the ddos to the box that can occur. The fact is most datacenters in this era are procuring ddos protections now (be it ACL, rate limiting syn and such, firewall filtering, deep packet inspection, stateful inspection, and the like... the list goes on). The issue is many places don't actively offer it for all clients and it is optional and as such they only nullroute (not even auto at a threshold in most places). In any case yes AussieCustomer many other hosts and clients no doubt feel your pain on it.

    -Justin

    Just felt the need to put in a few cents on this.

  7. #7
    Join Date
    Nov 2003
    Location
    San Francisco, CA
    Posts
    921
    We don't allow IRC because of the type of attention it brings. We like a quiet network and IRC traffic tends to be much more headache that's it's worth.

    But that's us.
    Adam - AQORN
    Official OpenStack Foundation Member, Corporate Sponsor and AI Research Team
    Our Clients: Facebook | Red Hat | Starbucks | AT&T | HPE | NVIDIA | CrowdStrike | Cisco | Juniper | SAP | Autodesk | SUSE | Ubuntu

  8. #8
    Join Date
    Aug 2002
    Location
    Seattle
    Posts
    5,525
    IRC is still a very serious DDoS risk and there are only a handful of providers ready and willing to champion that risk.

  9. #9
    Join Date
    Jul 2003
    Location
    Connecticut
    Posts
    3,038
    Originally posted by BSD2
    IRC was a problem 3-5 or so years ago, when it was full of kiddies with big DDoS botnets, look at the problems caused to DalNet. Nowdays, i totaly disagree that providing IRC services can lead to DDoS, the size of these botnets has greatly reduced, with the step up on marketing of anti-virus software etc.


    I tend to agree. Now-a-days the technology has caught up to alot of the problems of the past. You don't see too many major problems like there used to be.

    On the other side of it back in the day you had "real" hackers that could do damage. Now you have little billy who downloads a script from a l33t haxor on one of the warez channels and thinks he is a hacker..

    I do agree that game serving can be a headache but if you have good people taking care of your systems and run a clean network it is as safe as anything else.

  10. #10
    Originally posted by IRCCo Jeff
    IRC is still a very serious DDoS risk and there are only a handful of providers ready and willing to champion that risk.
    Thats such bull ****, the days of someone DDoSíng someone else's BNC because they didnt like the person are gone. I hang around, due to old friendships, multiple hosting companies (5 of them), and all of them offer IRC services (BNC, etc), I run my own IRC Network, and NONE of this has ever been subject to a DDoS (talking about over 2k connections to IRC probably).

  11. #11
    Join Date
    Jul 2002
    Location
    St. Louis, MO
    Posts
    1,653
    Originally posted by BSD2
    Thats such bull ****, the days of someone DDoSíng someone else's BNC because they didnt like the person are gone. I hang around, due to old friendships, multiple hosting companies (5 of them), and all of them offer IRC services (BNC, etc), I run my own IRC Network, and NONE of this has ever been subject to a DDoS (talking about over 2k connections to IRC probably).
    LOL so this thread here where t0r0 says "The issue was related to a 5gbps DDoS attack."

    And you claim they are "smaller now"?

    BSD2
    IRC was a problem 3-5 or so years ago, when it was full of kiddies with big DDoS botnets, look at the problems caused to DalNet. Nowdays, i totaly disagree that providing IRC services can lead to DDoS, the size of these botnets has greatly reduced, with the step up on marketing of anti-virus software etc.
    I'm glad your network has never encoutered such a thing, but other networks still see it.
    Happily hosting @ Dathorn.com (Since 3/2003), Ispeeds.net (Since 2004), & Quadspeedi.net (Since 7/2005)!
    Hosted @ FDC for 9 Years

  12. #12
    Join Date
    Apr 2005
    Location
    Jacksonville, FL
    Posts
    981
    To the original poster, "are they so bad?" The answer is "not usually." There are alot of factors that go into a network's ability to handle DoS. Things like the use of real border routers with real line-rate filtering, versus vulnerable Ethernet switches at the edge. Simply put, alot of companies would rather run played out Cabletron gear with 1997 technology in favor of a more modernized Juniper, simply because of the price. Obviously one of the big factors is money; another is clientele base. Companies like Staminus and GigEservers (i think that's their name.. former Foonet) started off with a bunch of packeteer takeover kiddies who caused lots of EFNet drama. Something tells me that they didn't concoct "DoS protection" just to be cool, they probably concocted it to stay online and retain their customer base. I wouldn't necessarily look down on any company that didn't want IRC on their network. I would echo the sentiments of others, that non-IRC networks are peaceful networks. However, you're entitled to your own opinion. Thank goodness for freedom, right?

    To the guy with his head in the sand, who thinks you're less likely to get DoS'ed these days than in times past, I would emplore you not to be so naive as to rely solely on your own experiences when forming such an opinion.

  13. #13
    Join Date
    Jul 2005
    Location
    Australia
    Posts
    4
    Thanks for your responces guys. Didnt realise I was opening such a can of worms. It is a shame that there are those out there that ruin it for the rest of us. Personaly I will continue scouting around for my next dedicated server provider who is both cheap, reliable, decent bandwidth and also alows IRC clients.

    I understand where some are coming from with the no use of IRC clients, but I think its better to probly give people the benifit of the doubt. If you attract DDoS then its your fault and your provider should have the right to take your server off line as should be the case if any of your actions cause network congestion.

    Thanks again to those who posted.

  14. #14
    I'd say its more of a thing where ISP's dont even want to chance a entire router going down cus one guys irc server pissed off some script kiddie.

    Cus with the DDoS attacks its not always one server who is effected. And trust me if you have ever had to listen to people that got dedicated servers complain that the server is down cus of DDoSing its not pretty.

  15. #15
    Originally posted by tical
    To the guy with his head in the sand, who thinks you're less likely to get DoS'ed these days than in times past, I would emplore you not to be so naive as to rely solely on your own experiences when forming such an opinion.
    Provided you dont go off purposely pissing off kiddies, you are more safe nowdays. I've seen the 5 companies get hit by DDoS, but none of them, as far as we could tell, was a result of thier IRC services, due to the IP being targeted being the webserver and not the bnc/ircd server.

  16. #16
    And, the largest DDoS that's been incurred was 500mbit, which was only sustained for about 2-5 min before it was filtered away.

  17. #17
    Join Date
    Feb 2002
    Location
    South California
    Posts
    333
    Companies like Staminus and GigEservers (i think that's their name.. former Foonet) started off with a bunch of packeteer takeover kiddies who caused lots of EFNet drama. Something tells me that they didn't concoct "DoS protection" just to be cool, they probably concocted it to stay online and retain their customer base.
    Tical,
    If I misunderstand your comment then I apologize in advance.

    Thank you for assuming that Staminus and GigeServers started with a "bunch of packeteer takeover kiddies who caused lots of EFNet drama". You are a blatant liar and ignorant individual for making such a warrantless claim on a public forum. Please provide evidence substantiating your libel.

    Perhaps because of your recent arrival to the community you are unaware of how statements are to be made on a forum. If you represent your statement as fact as you did in your comment, you must provide evidence to support this. When you do not and the statement negatively portrays someone or some company, the statement is considered libel, a form of written or publicated slander.

    Of course if I assume this then I'm assuming you are unfamiliar with general demeanor and conduct in public situations. I suggest you take a hard look at yourself and define your identity more thoroughly before you make yourself look like a fool in the public eye.

    In light of your lack of evidence, I think it only fair for me to clear a few things up:

    1) Staminus was not started in the manner you spoke of. I started Staminus and I know who I am and what I have done.
    2) Staminus began providing IRC hosting out of choice, not necessity. We maintained a peaceful network until last year when we decided to start up in IRC as well.
    3) The entire point of our existence is to create security for clients who cannot in themselves. We are a "white knight" in the realm of network hosting - providing highly affordable security services to the average joe. Please do not undermine our efforts.
    4) GigeServers was started by ColoQuest which was not started in the manner you spoke of. A representative of the respective company will clear this up more thoroughly.

    Please refrain from further commenting regarding our company. It is not appreciated and definitely not well-received.
    Matt Mahvi
    Staminus, Infrastructure DDoS Protection and Appliances
    @ 200+ Gbps global ddos mitigation network. Local or Remote. Proxy, GRE, and direct cross connects.
    @ Available in Amsterdam, New York, Los Angeles and Orange County. Anycast BGP.

  18. #18
    Join Date
    Feb 2002
    Location
    South California
    Posts
    333
    I should also clear up a few issues with DDoS protection. Tical made great points regarding a few of them. Basically, it's expensive to purchase the gear necessary to protect against attacks, expensive to put the man hours into developing filters, and expenxive to maintain the large connections with higher-than-average commitments simply to ward off DDoS attacks.

    The unifying theme is of course "expensive" - why would a network provide filtering for some IRC client that wants to pay $120/month for a server but still sustains large multi-gigabit attacks? It does not make sense. It only makes sense if the host has established filters and hosts a large number of them, thus marginalizing the cost of the filtering.

    DDoS attacks today are more powerful and complex than ever. All the little viruses that get released for Windows generally contribute to this problem by creating "zombies" that then participate in the large DDOS bot networks.

    There's a problem out there and we try to provide the best solution we can
    Matt Mahvi
    Staminus, Infrastructure DDoS Protection and Appliances
    @ 200+ Gbps global ddos mitigation network. Local or Remote. Proxy, GRE, and direct cross connects.
    @ Available in Amsterdam, New York, Los Angeles and Orange County. Anycast BGP.

  19. #19
    Join Date
    Nov 2002
    Location
    Chicago IL
    Posts
    900
    In conjunction with Matt's post, i find it ridiculous that you make such statements as the ones you have. To insinuate in any shape or form that either of us have to do with these kiddies which we spend day and night trying to stop their attacks is ridiculous.

    IRC has many functional and positivel uses, like anything, it can be abused. I think it is more unlikley to be abused then on a network that allows it and is proactivly monitoring, rather then a network that doesn't, and their customers are sneaking it on doing shady stuff.


    People keep saying that ddos attacks arent as large as they were in the early 2000 late 90's.

    That is utter crap, with the influx of windows viruses, and linux based worms that exploit holes in the likes of phpbb, the size of the attacks have increased significantly and resulting in a smaller botnet needed. This is because of the growth of broadband, the explosion of dedicated servers on the market, the size of the pipes the bots have access too are significantly larger.

    Matt nor I, in any shape or form condone packeting, we live and breathe to stop it dead in its tracks.

    And yes gigeservers was only started beginning of the year, we already had an infrastructure in place as we host high risk websites which are susceptible to none irc related DDOS attacks.
    GigeNET
    Dedicated Servers + Cloud Servers + Colocation + DDOS Protection + IP Transit with FCP optimized routing
    Locations in Chicago Los Angeles and Ashburn

  20. #20
    Join Date
    Jan 2002
    Location
    UK
    Posts
    1,040
    Originally posted by BSD2
    And, the largest DDoS that's been incurred was 500mbit, which was only sustained for about 2-5 min before it was filtered away.
    Unfortenatly my experience doesnt match yours, IRC DDOS is just as bad today if not worse now more and more people are hooked up to broadband. Yes virus are killed with anti virus programs but that doesnt stop new ones popping up, attacks above 1 gig are not uncommon.

  21. #21
    Tical,

    I am a customer of Staminus' and have been witness to the strength and effectiveness of the work that they have put in on maintaining a stable network that routinely comes under attack from "packet kiddies". Matt is certainly no former or present packet kiddie, indeed his very livelihood depends on negating the childish and illegal attacks that occur against his network on a regular basis. Staminus has proven to be nothing but professional and courteous in dealing with problems that have occurred. Indeed, a recent report by the Israeli Ministry of Finance gave a perfect score to Staminus for their responsiveness in dealing with all reports of any problems originating from their network.

    Reputations are built on the long and hard work of the companies who strive to develop more effective ways to handle attacks. Reputations are destroyed in short order by those who would throw accusations and falsehoods in taking a stand on an issue that they know nothing about. Choose your words wisely and understand the facts before putting fingers to keyboard.

    Cheers,

    Mark.
    Last edited by chasingsol; 07-23-2005 at 01:27 PM.

  22. #22
    Join Date
    Aug 2002
    Location
    Seattle
    Posts
    5,525
    Originally posted by BSD2
    And, the largest DDoS that's been incurred was 500mbit, which was only sustained for about 2-5 min before it was filtered away.
    I have absolutely no contact with packet children, I do not talk to them nor do I acknowledge their presence when they attempt to contact me. Further, I am a member of law enforcement. If anyone on my network engages in activity that is illegal, fringe, or draws unnecessary attention from packet children I will generally have them removed.

    As you can see, I am about as clean slate as they come yet I still receive my fair share of DDoS by allowing IRC processes.

    Where is your logic?

  23. #23
    I was saying, not you persoanlly, but people who use your network, clients. A DDoS targeted because of IRC use is unlikely, only a handfull of the networks people go on pose a substancial threat, I use EFnet, Dalnet, QuakeNet, GameSurge, my own, few others now and then, and on those, unless you specifically try to mix with a certain group of people you wont get any problems (its a problem if you try to provide a server to link to those networks though). Most the kiddies you do meet, wont have the ability to launch a large scale attack, unless you are specifically looking to be around souch people (if you are perhaps trying to get your own botnet?).

    Eitherway, a alrge very popular website forum/cummunity is more likely to get a DDoS, so are you saying taro that until you decided to take up IRC hosting, you had no DDoS protection for people with popupar websites, and never sustained a DDoS attack over them?

    Majority of IRC use is fine and wont attrack attention, but thats the same of hosting websites, you always get a few bad apples that will host pirated things / scam sites etc, IRC is no different.

  24. #24
    IRC is still a risky case because of ddos attacks.

  25. #25
    Join Date
    Jan 2002
    Location
    UK
    Posts
    1,040
    BSD2 speaks some truth in that bnc's and the like tend to have more regurlar ddos then ircd's, but ddos against ircd's when it happens tends to be larger but less frequent.

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •