On Fri, 12 Mar 1999, fractalg wrote: >Hello, >I've just found a big hole in services provided by IRC networks. The >services in question are Chanserv, Nickserv, Memoserv. >I've found them at Portuguese IRC Network aka PTNET but I think these can be >applied to other IRC networks that are based around DALNET code since PTNET >is a modified version of Dalnet code. If this doesn't work in other IRC >networks at least can be a good example of very bad programming in areas >related to security and networking. Not true. DALnet never released their services code. These are all CLONES. >So it came the new version of the servers this time with a nice feature ! >You didnt need to identify the nick when the servers rejoined from the >split ! The first time I saw this I tought about how would the services >recognize me as the true nick before the split... I never had the chance to >test this theory until some days ago. Well, DALnet uses IDs and the like, and is most probably not susceptible to this. I really wish people would do more research before putting out junk like this. I doubt that this person even informed PTNET that their services had a bug. Taral
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:38:55 PDT