View and vote on the article here: Anonymity on IRC
Anonymity on IRC| Category | | | Summary | | Welcome to this tutorial about anonymity on IRC. Please click "Read more" to find out more... |
| | Body | There are many ways of
hiding your true IP address in IRC and I'm going to talk about most of them
so if you ever wanted to know how to do it then just keep reading :)
### The Mode +x command ###
Mode x hides a part of your IP address or hostname. To turn it on you have
to type the following in mIRC (or your favourite IRC client): /mode nick +x
Example:
/mode gr0v +x
*** gr0v sets mode: +x
When someone does a /whois on me they will only see the last part of my
host:
gr0v@***-61691.isp.com
Notice the *-s, they represent the part of the hostname that has been hidden
(masked).
To turn off mode x I just have to type /mode nick -x
Example:
/mode gr0v -x
*** gr0v sets mode: -x
Now when someone does a /whois on me again they will see my full host name:
gr0v@h229fls31o873.isp.com
However this command is only half-useful and prevents possible attackers
from getting to know your real IP/host (as long as you don't DCC with them),
but they still might get a lot of information looking at the last part of
your hostname, it also doesn't hide your IP from the IRC server so don't go
taking over any channels just yet :P
This command should be supported by most of the IRC servers out there.
### Sub7 Port Redirecting ###
Sub7 is a well known trojan and it has a nice feature called port
redirecting. If you have successfully infected someone (lets say that someone
is Lamer) with that trojan then it's possible to connect to any IRC server
through his computer. Just open up Sub7 and look for the port redirection
option and click add port. Now you have to fill in 3 fields: input port,
output IP or host and output port.
Example:
Input port: 12645
(This is the port that the trojan will open for you to connect to on Lamer's
machine)
Output IP or host: delfi.ircworld.org
(type the name of the IRC server you want to connect to here)
Output port: 6667
(IRC port, they are usually 6667, 6668 or something like that. You should
find the port on the IRC servers website)
And that's it, now open up mIRC (I'm using mIRC for all these examples, but
this works with other IRC clients too).
In mIRC type the following:
/server targetsIP:targetsport
Where targetsIP is the IP of the person (Lamer) who you have infected with
sub7 and targetsport is the port number which you used in the input field
(12645 in this example).
Now you should be connected to the IRC server, try a /whois on yourself and
you will see that the server thinks you are Lamer :) You can also connect
through many different computers that you have infected with sub7 if you are
really paranoid, that makes tracing you very hard or even impossible. But
the downside is that it takes a long time for packets to travel through many
computers and your chatting might become very slow.
### Connecting through a firewall ###
Let's open up mIRC connection options - firewall. Tick the use Firewall
checkbox and after that fill in the Hostname of the proxy/socks server. In
most cases you don't have to type anything in the userID/password fields.
The port number is usually 1080 for socks servers and 8080, 3128, 81 or 80
for proxy servers. A list of public proxies is available here
When connecting through a socks/proxy server the IRC server will think
you are the proxy/socks server (nice sentence, eh :P) But most servers keep
logs so it's not a good idea to piss off IRCops or stuff like that because
they might mail the owner of the proxy and still find out who you are. Still
it should keep most users from discovering your true identity.
Most IRC servers also check for socks/proxy servers and if they find one
they won't let you in, they just check if everyone trying to connect for well known proxy ports (listed above) and if they find you are using one they will abort your connection
attempt.
Another firewall you can use is WinGate/SyGate. Wingate allows people to
share an outgoing connection and a lot of them are badly configured so that
they accept connections from anywhere (not just from the people they are
supposed to). Connecting through a Wingate is the same as connecting through
a proxy/socks server, but working Wingates are harder to find
and if you do find one it will propably not last longer then a few weeks,
eventually the sysadmin of the wingate finds that the server has been badly
configured and fixes it. You can search for "wingate lists" or "proxy
lists" from google. It is also possible to use a wingate scanner to scan for
open wingates yourself. There are many different scanners out there just do
a search.
### Connecting through a bouncer ###
There are many *nix bouncers like ezbounce or bnc and even one for windows,
winBNC. They are made just for IRC-ing and work as IRC-proxies. To set up a
bouncer you will have to get a shell account that allows background
processes and outgoing connections, but most free shell providers don't
allow that, good luck looking though :P
If you find a provider then connecting through a bouncer is similar to
connecting through a sub7 trojan.
Example:
I have a bouncer running on www.isp.com port 13465
All I have to do is open up mIRC and type the following:
/server www.isp.com:13465
Now the bouncer asks for identification (can be turned off also, but that's
a bad idea unless you don't want everyone to be able to connect through your
bouncer)
/quote pass password
That should do the trick (replace password with your pass of course :D)
After showing the MOTD (message of the day) the bouncer wants to know which
IRC server to connect to, just type /quote conn server port
Example:
/quote conn delfi.ircworld.org 6667
Also when your shell account has vhost support it's possible to change your
hostname to something nice like bill.gates.zw or loves.you.ee. (However the last part of the hostname must actually exist, in my example *.ee stands for Estonia and *.zw for Zimbabwe) Type /quote help
to see your bouncers help and the syntax for assigning a vhost, it might be
different in different bouncers.
As you propably remembered I said that there's a windows version of bouncer
also. You can ask a friend to install it and connect through it the same
way.
In case you are wondering if there are any public bouncers out there, the
answer is: a few.
In fact because of heavy abuse they are very rare. Here's one :
irc.polarhome.com:8080
If you have been paying attention you should know how to connect through it
:P
### Getting a vhost from IRCop-s ###
This is also one way of hiding your identidy, but I'm not sure if all IRC
servers give their users vhosts. It's not a problem getting one in
irc.cyberarmy.com, just join #vhosts and ask :)
But if you are chatting on some other IRC server it might not be so easy. Go
to their homepage and look for info on vhosts (usually just type the name of the server as URL in your browser). Some servers
have a request form you have to fill out, on some servers you have to have a
static IP to get a vhost. You also have to give a good reason, something
like you are trying to protect yourself from hackers who are constantly
scanning your IP when you are IRC-ing might be a good enough reason. Also
you can try talking to an IRCop and ask him to set up a vhost for you, again
give a good reason.
### Conclusion ###
Hope you enjoyed reading this as much as I did writing it. You should be
able to hide your real IP in IRC now. If someone notices any mistakes I
might have made then please report them (I've been writing this for 2 hrs
and there's no way I'm gonna read it over again :P)
Btw, this is the first tutorial I have ever written so all comments and
suggestions are welcome.
|
|
This article was imported from zZine. (original author: gr0v)
There are no replies to this post yet.
|