[TriLUG] IRC question
jonc at nc.rr.com
Sun Sep 14 23:25:52 EDT 2003
On Sun, 2003-09-14 at 20:25, Steve Kuekes wrote:
> I'm new to IRC chatting the am attempting to connect to the trilug irc
> system with a /server irc.trilug.org
> I get the following messages
> Connecting to irc.trilug.org via irc.trilug.org:6667, attempt 1 of 5...
> === *** Looking up your hostname...
> === *** Found your hostname, welcome back
> === *** Checking ident
> === *** No identd (auth) response
> === *** Banned: proxyscan; Open proxy found on your host. Please check
> with staff at freenode.net for more information.
> I am using a mozilla chat on a windoze system behind my linux firewall.
> Do I need to change something on the firewall?
Sounds like the firewall has some open ports that the IRC server doesn't
like. A quick google turned this up:
1.11 IRC servers are probing me.
One of the most popular applications is "chat", like IRC. One
feature of chat programs is that they reveal the IP address of
the people you are chatting with. One problem with chatrooms is
that people enter the rooms "anonymously" and play around,
either by disrupting conversations with offtopic comments and
flamebait, or by "flooding" the servers or other clients in an
attempt to kicked them off.
Therefore, both servers and clients are implementing measures to
stop "anonymous" use of chatrooms. In particular, they check
people entering chatrooms in order to see if they are "proxying"
through some other connection. The most popular of such probes
is SOCKS. The assumption is that if the IP address of where you
are coming from supports SOCKS, then it is possible that you
have a completely separate machine and are only going through
the indicated machine in order to hide your true identity.
Undernet's policy on this can be found at
At the same time, crackers/hackers will scan people's machines
in order to determine if they are running some sort of server
that can be bounced through. Again, by checking for SOCKS, the
attacker hopes to find somebody that has left SOCKS open, such
as a home user implementing connection sharing using SOCKS, but
accidentally configured it so that anybody on the Internet has
access to it.
More information about the TriLUG