Thread: To all rcm'rs
Post #6, by DoN. Nichols

In article , Anthony wrote:
> (DoN. Nichols) wrote in :



I saw it, but decided not to reply.


> > I have always opted to never run an IRC client (let alone a
> > server) on any of my systems. They were not written with security in
> > mind, and it is too easy for Trojans to be uploaded and activated by
> > them.


> Let's dispel this unfounded rumor right here. It is as safe as any other
> program that accesses the internet, and infinitely more safe than IE.


Since I never use IE for accessing the net (and don't allow any
machine which even can run Windows to access the net), this is not a
problem.

With Mozilla, Firefox, Opera, or Amaya, I have many services
intentionally disabled, and access only from unix systems.

> In order for a trojan to get on your system through IRC, *YOU*, as the
> Executive Keyboard Operations Manager of your computer system, would
> have to either 1) accept, receive, then specifically execute a file
> containing a trojan


And, in most cases, move that file to a vulnerable system, as
(for example) I *Cannot* run a .exe or .scr file on the systems which I
allow to access the net.

> , or 2) open a http:// link in an unpatched, or
> insecurely set up IE, to a website which contained malicious code.


I would not even allow a program which *could* access an HTTP
client directly. When I want to view a referenced web page, I sweep out
the URL with a mouse, and then paste it into a command line. In the
process, I can examine the link for various signs that it is to
something undesirable, such as a difference between the "visible" link
and the *actual* link -- often hidden in HTML-enabled programs.

> On
> this server, the likelihood of 1 occurring is virtually nil, as all known
> trojan filetype extensions are blocked at the server from transfer
> initiation.


That is a good start -- until someone comes up with a new
extension which can be exploited and uses it before you discover the new
exposure.

> You wouldn't even know someone tried it, but they would, as
> they would automatically have file send privileges revoked, and it
> sends a message to the administrator, who has the right to remove the
> offending user from the system entirely. As for 2, in over a year of
> operation, no one has posted an infected link.


I presume that you check for infection at the time that they are
posted. It is possible for a link to become infected (through improper
security on the server) at a later time -- but since this is a real-time
setup, that is probably not a problem here.

> In addition, the chances
> of this would likely be less than your chances of this during daily
> surfing of the web with a browser


Even considering that I have things like java and JavaScript
turned off, and my browsers and system *can't* do anything with Active-X
at all?


> > Besides -- if I understand the operation of IRC properly, it is
> > a real-time medium. I need to be awake and logged in at the same time
> > as whoever else I am chatting with (like the unix "talk" program,
> > which I also did not like when I used it).
> >
> > I far prefer being able to hold a discussion in non-real-time,
> > as I keep strange hours, and there are people all over the world in
> > this newsgroup (and thus, presumably in your IRC channel, if it takes
> > off as you desire.) The real-time nature of an IRC channel would limit
> > who could take part in any given discussion.
> >
> > Also -- this newsgroup is automatically archived, and can be
> > consulted months or years later (through the proper systems). Does
> > this apply to what you offer?


> I will agree on those points. This service is not a replacement for the
> newsgroup. It is just an extra venue for the users who may wish to
> converse on a topic in real time, vs. the hours or even days it may take
> for a newsgroup post to propagate throughout the system. The users from
> the other newsgroup who use the service find it a valuable asset. There
> are many problem-solving things done, where you can work through a
> problem in real time. i.e. You can get some ideas on what to check, or
> look at. Go look or try something, come back in a few minutes and give
> results...and then the process repeats until a solution is found.


For me, private e-mail works well enough for that purpose.

> The folks who currently use the IRC service are all knowledgeable in a
> variety of subjects related to machining, several own their own
> business, some do repair work, others have vast years of experience in
> cutting just about anything. All are friendly, willing to help, and all
> around good folks.


As I am far more often on the answering than the questioning
side of things, I suspect that I can live without your IRC service, and
as it is, the net takes up too much of my day as it is. I don't need to
add anything more.

Good Luck,
DoN.

--
Email: | Voice (all times): (703) 938-4564
(too) near Washington D.C. | http://www.d-and-d.com/dnichols/DoN.html
--- Black Holes are where God is dividing by zero ---
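The "visible link versus actual link" check DoN describes above, done mechanically over an HTML message, as an added example that is not part of this post or of any newsgroup tooling. The class and function names (LinkCollector, host_of, find_mismatched_links) and the sample HTML with its example.com/example.net hosts are constructed for this illustration.

```python
import re
from html.parser import HTMLParser


class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element in an HTML message."""

    def __init__(self):
        super().__init__()
        self._href = None   # href of the anchor currently open, else None
        self._text = []     # visible text fragments inside that anchor
        self.links = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def host_of(url):
    """Lower-cased host of a URL; scheme optional ("www.x.com/a" -> "www.x.com")."""
    m = re.match(r"^(?:[a-z][a-z0-9+.-]*://)?([^/?#:]+)", url.strip(), re.I)
    return m.group(1).lower() if m else ""


def find_mismatched_links(html):
    """Flag anchors whose visible text looks like a URL but whose href goes to another host."""
    parser = LinkCollector()
    parser.feed(html)
    findings = []
    for href, text in parser.links:
        if re.match(r"^(https?://|www\.)", text, re.I) and host_of(text) != host_of(href):
            findings.append({"shown": text, "actual": href})
    return findings


# Constructed sample: an honest link, a link whose displayed URL hides a different
# target host, and a plain-word anchor (no URL shown, so nothing to compare).
SAMPLE_HTML = """
<p>Manual: <a href="http://www.example.com/manual">http://www.example.com/manual</a></p>
<p>Login: <a href="http://update.example.net/login">https://www.example.com/login</a></p>
<p>See <a href="http://www.example.org/faq">the FAQ</a>.</p>
"""

if __name__ == "__main__":
    for f in find_mismatched_links(SAMPLE_HTML):
        print(f"shown as {f['shown']!r} but actually goes to {f['actual']!r}")
```

Only anchors whose visible text itself looks like a URL are compared, so an ordinary word link is never reported; a scheme difference alone (http vs https on the same host) is not treated as a mismatch.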