At 08:22 AM 3/4/2002 -0600, you wrote: > If I read this right, this only affects people who are silly > enough to put IRC on their firewall.
I don't think so. Unless I'm mistaken, if you load the irc module for netfilter (similar to the ftp or realaudio module) then you may be vulnerable. I would think a lot of the netfilter scripts floating around do so. (For those that don't know, these modules help netfilter modify packets as they traverse the firewall. They are needed because some protocols, like ftp, embed client information (ie., IP addresses) in the data field.) I just checked and found the irc module on my RH7.2 system: /lib/modules/2.4.9-31/kernel/net/ipv4/netfilter/ip_nat_irc.o To be honest, I have played much with netfilter, and I don't know exactly what ip_nat_irc does.However, if you are using netfilter you may want to see if you have that module loaded with lsmod: # lsmod I just looked at the source: http://www.linuxhq.com/kernel/v2.4/patch/patch-2.4.14-pre7/linux/net/ipv4/netfilter/ip_nat_irc.c.html And this does indeed appear to be for clients of IRC, and not those just running servers. Regards, Dustin --- Dustin Puryear <[EMAIL PROTECTED]> Information Systems Contractor http://members.telocity.com/~dpuryear PGP Key available at http://www.us.pgp.net In the beginning the Universe was created. This has been widely regarded as a bad move. - Douglas Adams ================================================ BRLUG - The Baton Rouge Linux User Group Visit http://www.brlug.net for more information. Send email to [EMAIL PROTECTED] to change your subscription information. ================================================
