DCC Alliance hazardous for IRC

Remember the Debian Core Consortium DCC Alliance, that grouping of Debian derivatives that doesn’t include Ubuntu? Don’t discuss it on (Freenode) IRC…

The Ubuntu Weekly Newsletter Issue 27 states,

One other sidenote, when in one of the Ubuntu IRC channels, avoid using the word DCC as well, as it will get you automatically kicked (KLined) from the network.

This DCC refers to Direct Client to Client, an IRC-related protocol that connects two machines directly instead of via an IRC server. The context of the above quote is that there is a DCC attack which can knock vulnerable routers off the Internet.
Here is the whole paragraph from the newsletter:

If you are using IRC to connect to any of the Ubuntu IRC channels, the IRC Operator’s Team would like to inform you that to make your connection secure you should use port 8001 when connecting to any of the Freenode servers. There has been a recent surge in people exploiting vulnerable routers of IRC users. Using port 8001 will prevent you from being disconnected from one of these DCC attacks. It is also recommended that you download and install the latest firmware for your router. Do note that all these attacks do is disconnect you from the IRC server. So to avoid being banned from a channel due to join and part flooding, fix your settings now. One other sidenote, when in one of the Ubuntu IRC channels, avoid using the word DCC as well, as it will get you automatically kicked (KLined) from the network.

Moral of the story? Don’t name your organisation the same as something (useful but) which can be used as an Internet attack!

Advertisements


%d bloggers like this: