Results 1 to 18 of 18
  1. #1

    Why is IRC deemed evil?

    Hi,

    while selecting a VPS for my new project I often see "IRC is not allowed" in the Acceptable usage policies. I wonder why? The policies rarely mention BitTorrent or other "controversial" services but IRC is in ~50% of them.

    I only seldom use IRC and if I do it's only for a regular chatting. So I don't quite get why is IRC is so evil?

    Does anyone know?

    M.

  2. #2
    Join Date
    Mar 2009
    Location
    Jacksonville, FL
    Posts
    74
    IRC can often at times be a major hassle for providers, largely due to spam/DDoS/abuse. And as for denial of service attacks go, equipment costs can be insane, and still not mitigate an attack. Not allowing IRC is just the safer road for most providers. I like to call it "Specialty Hosting". Just keep your eyes and ears open, because there are a few IRC allowed providers, and these forums are an excellent place to seek/ask.

  3. #3
    Most people you IRC to make heavy attack to other servers.
    *********

  4. #4
    Join Date
    Feb 2004
    Location
    New Zealand
    Posts
    1,202
    IRC is used for botnet hubs, exchanges of illegal porn/material/information.
    DigitalGoods.info
    FREE Shared, Mega Resellers + Dedicated Servers

  5. #5

    IRC: dangerous?

    I have found this, explaining why IRC and IRC bots are not dangerous:
    llamaslayers.net/daily-llama/503/ramblings/irc-dangerous
    However have yet to find some examples why they are bad...

  6. #6
    Join Date
    Mar 2009
    Location
    Chicago, IL
    Posts
    219
    It shouldn't necessarily be said that IRCds *are* trouble, however they tend to cause more trouble than any other daemon out there. From a provider standpoint, I know there have been quite a few times when we've run down the destination of an attack and found it to be aimed at an IRCd running on a VPS and/or Dedicated server.

    For awhile I was an oper on one of the biggest IRC networks out there, and DDOSs, phishing, spamming are just part of the territory. Chance are that a big ef.net hub will garner at least one attack every day and we just accept it for what it is.

    However from a providers standpoint, it's simply not worth the time and hassle to fend off DDOSs that negatively effect the majority of your customers for a single account. It's easier to turn away the 1 out of every 300 sales that's IRCd based than it is to deal with the headaches that come with them.

    To put it another way, IRCds tend to draw people that have no problem throwing packets around over a dispute in a chatroom. The rest of our customers don't have that issue. Now I'm not saying you and/or your customers are these kinds of people, but in the eyes of most providers, it's a 'guilt by association' type of thing.

  7. #7
    IRC is used for ... exchanges of illegal porn/material/information
    Hmm, so is web, email, ftp... That's hardly a case against IRC.

    (what is an "illegal information" by the way? ;-)

  8. #8
    SA-ChrisM - I still don't get it. What do I gain by successfully breaking into or DDoSing an IRC server other than doing the same to, say, a web server? I'm not saying it's not happening, I just still fail to see what's so special about IRC? To me it's just a system for chatting so I'm probably missing something important here...

  9. #9
    Join Date
    Mar 2009
    Location
    Chicago, IL
    Posts
    219
    Quote Originally Posted by mludvig View Post
    Hmm, so is web, email, ftp... That's hardly a case against IRC.

    (what is an "illegal information" by the way? ;-)
    Credit card data, social security numbers, spamlists, etc. A lot of the bigger spambot/infected PC drones/etc use IRCds as a hub for quick and easy issuing of commands by the botowners as well.

    I've certainly noticed a bot running on a shared server via a php script many a time. When I run down the configuration file and see it's sitting on an IRC network, I join, do a /who #<channel> and you have a list of every infected machine that particular hacker/script kiddie has managed to gather.

  10. #10
    I see. Now I can understand why some hosting providers don't like IRC, thanks SA-ChrisM!

  11. #11
    Join Date
    Jan 2006
    Location
    Ontario, Canada
    Posts
    324
    IRC is a great resource. If you stay away from and/or do not link to a warez related network you should be ok in regards to getting DoS attacked.

    Servers themselves generally get DoS'd after you ban a user from your network, or something similar.
    Shared Hosting / Reseller Hosting / Email Hosting
    Dedicated Servers / Unmetered Servers / Linux & Windows VPS
    DME Hosting, LLC [http://www.dmehosting.com]

  12. #12
    Join Date
    Jun 2006
    Location
    NYC
    Posts
    1,446
    Quote Originally Posted by nexbyte View Post
    IRC is a great resource. If you stay away from and/or do not link to a warez related network you should be ok in regards to getting DoS attacked.

    Servers themselves generally get DoS'd after you ban a user from your network, or something similar.
    I agree and it's also not always used for illegal material, etc. We host several large companies' IRCd's that they use for internal support conversations, etc. One of those companies who has given us permission to use their name is Sun Microsystems. We host about 7 different IRCd servers for them which they use a jabber front-end.

    Although, as mentioned... IRC is prone to a ton of denial of service attacks and fraud but it is also an overall excellent service when used for the purpose it was designed for.
    FiberPeer.Com | | REAL DDoS Protection | Cloud Hosting | VPS | Dedicated Servers | High Bandwidth Hosting | 1Gbps-10Gbps Unmetered
    FiberPeer DDoS Mitigation | ethProxy Upgraded! | 14-Years Experience | Emergency 24/7 Support
    Visit us @ www.fiberpeer.com

  13. #13
    Join Date
    Oct 2005
    Posts
    1,634
    Let me explain how IRC is nowadays ..worse than before.

    IRC is like going to a neighboorhood you aren't supposed to be in... you say the wrong thing,act,smile,grin,wear ..whatever it is. Expect trouble. Your going to get knocked out and when your down your still going to get hit hard and harder. It doesn't need a reason you will get attacked.

  14. #14
    Join Date
    Jun 2006
    Location
    NYC
    Posts
    1,446
    I think that's only if you're in the wrong places on IRC.

  15. #15
    Join Date
    Mar 2009
    Location
    Austin Tx
    Posts
    2,001
    Ok, here's the skinny, I think the point is being missed.

    IRC is deemed worse then all the other services because of the sheer number of users on the networks vs how many want to do damage, coupled with the plethora of different ways to do that damage w /or from IRC based resources.

    IRC has been around since the first days of the 'net, and there are unimaginable numbers of ways to exploit it's capabilities with scripting, botnets, etc...a knowledgeable irc hack kiddie can do considerable damage, multiple that by the hundreds of thousands of them ON the IRC networks just waiting for an opportunity or excuse....if your network is connected to IRC in any way, it's only a matter of time before something DOES happen. It's not a matter of IF, but *when*.

    Also, with all the illegal file sharing happening over the networks...yes, you can do the same with webmail, ftp, etc., but the fact is, none of those resources COMBINED can even make a dent in what is being transferred on IRC right this second. I would venture to guess there has been more illegal crap going on in the totality of all IRC networks in the time I've typed this than there are all WEEK for all other resources combined.

    It's all in the sheer numbers and well-matured capabilities and tricks known for IRC. Dangerous stuff. Any sizealbe IRC network is "the wrong place on IRC". It doesn't matter where YOU are, it matters who's there WITH you.

    Go to wal-mart with 200 other people in the store, probably won't see any issues. Go to a sold out rock concert with 20,000 people in a mood for trouble, you are guaranteed to see some. ;o)

    After running a Dalnet peer for years, I literally was forced to pull out because of all the abuse / Dos / DDos / and hacking traffic and what it was doing to the rest of the network. It is that dangerous, and I understand fully why most providers block it outright. There are literally no legitimate ways to really market through IRC, so it's an entertainment network at best. I do not allow a toy to comprimise my unsuspecting paying customers services either.
    This is the best signature in the world....Tribute!
    (It is not the best signature in the world, no. This is just a tribute)

  16. #16
    IRC is not evil. As we can see IRC detects those botnets attacks earlier. And I wonder why IRC consider evil, ddos attracts, I think DDoS does not attracts from IRC, website that declare they are ddos protected also attracts DDoS. So... I think no matter you does not allow IRC, if an attacks is targeting you, then you will recieve ddos.

    To Mugo, Why stop peering to DALnet? I see recent botnets attack a box that I had with awknet also on DALnet.

  17. #17
    I have been using Freenode Network for years but even a single instance of server being DDOSes due to IRC. so IRC is not evil but the networks are

  18. #18
    Join Date
    Mar 2009
    Location
    Austin Tx
    Posts
    2,001
    Quote Originally Posted by mucht4r View Post
    IRC is not evil. As we can see IRC detects those botnets attacks earlier. And I wonder why IRC consider evil, ddos attracts, I think DDoS does not attracts from IRC, website that declare they are ddos protected also attracts DDoS. So... I think no matter you does not allow IRC, if an attacks is targeting you, then you will recieve ddos.

    To Mugo, Why stop peering to DALnet? I see recent botnets attack a box that I had with awknet also on DALnet.
    I've monitored IRC networks for enough years to know that certain client /servers attached to a peer do indeed draw more attention from script kiddies that call IRC home. IRC is not evil, but as in my long last post, I guess the point that by sheer numbers of users, the percentage of drawing attention is much higher. It's also unique in the way it connects, you actually have to build an irc network and it's peer servers..much different than just throwing up web-based chat or other chat rooms that use the 'net for direct communication. Having networks of peers servers supporting IRCD also adds more of a direct line in for any network hosting such (not necessarily clients). For clients, it generally depends on *who* is using IRC, whey they are doing, who they hang with, and even more so...who they upset. Just as (is very true also) that sites that advertise DDoS protection become targets, so do some clients, and most peer servers networks, given enough time. It just draws more of what you see every day...scans, brute forces, etc.

    @mucht4r, I stopped peering because I basically lost interest in doing such, and network protection was also a major motivator. The network supported dorms at UT Austin, so combine regular college student activity coupled with a large IRCD peer, we were running down bad seeds more than we were doing network maintenance. Lots of extra work + No monetary gain = Bye Bye Dalnet.
    This is the best signature in the world....Tribute!
    (It is not the best signature in the world, no. This is just a tribute)

Similar Threads

  1. How evil are you?
    By The Dude in forum Web Hosting Lounge
    Replies: 23
    Last Post: 10-26-2005, 12:42 PM
  2. Replies: 2
    Last Post: 03-15-2005, 03:01 PM
  3. Evil Mac
    By Porky in forum Web Hosting Lounge
    Replies: 17
    Last Post: 07-10-2003, 10:49 AM
  4. Am I evil?
    By Theater in forum Web Hosting Lounge
    Replies: 14
    Last Post: 09-10-2002, 03:39 PM
  5. Evil! Evil!
    By Devorius in forum Web Hosting Lounge
    Replies: 5
    Last Post: 06-02-2002, 11:58 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •