New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Not sure if this still happens, but kiddies get banned from servers and ddos/attack it. A bit like with Minecraft.
Botnet hubs, IRC networks in general attract DDoS, etc...
There are also irc botnets which basically means they can send out ddos commands from a virus on your pc to its target in its thousands of pcs controlled under a irc server
http://www.kaspersky.com/images/waldecker,bernhard-_a_review_on_irc_botnet_detection_and_defence-10-98487.pdf
@StormVZ You mean IRC clients are easily controlled by the servers and put to nefarious purposes?
@AsadHaider @JTR Why do people like to DDOS IRC servers, is there something going on in IRC servers that cause people to want to DDOS them, or is just some weird underground social phenomenon that some kids enjoying doing?
The whole things seems mystifying to me. What are the DDOSes meant to accomplish anyway?
@rchurch er nope, take a look at page 2 on the link above. The diagram should explain it, victim being the user with a infected pc
So that means that the service provider is afraid the customer could be controlling a botnet, right?
Seen it way too many times.
The whole botnet excuse is pretty lame because a botnet operator would likely run it on 443/tcp, 80/tcp, or something to fly it under the radar and not 6667/tcp or any of the standard IRC ports.
Or the fact that botnets don't even have to use IRC, they could easily run under some other existing or custom protocol...
Also, not all IRC networks frequently get DDoS'd. For example, a network of around 200-250 users that I'm an admin of has been around since late 2006, (almost 6 full years) and to this day has not received a single DoS attack.
As someone who runs an IRC network DDoS or botnet attacks generally come from when someone gets butthurt because they didn't get their way, for example an admin banning them because they broke the rules.
I find that botnet attacks are far more common than ddos attacks, probably because kiddies think they are so cool with their ClonesX, which are easily thwarted.
Honestly, I'm always a bit disappointed when hosts don't allow IRCds, simply because I've been running them for a long time and have never get DDoSd. And I believe that if some hosts can offer it without problems, other hosts should be able to as well.
It's a trust thing.
It's a shame that providers have to disallow IRC usage because of this. Especially when I see that they completely disallow it; not even letting personal BNCs run on a VPS.
I don't even know why they do that. Maybe they aren't familiar with the situation and just go ahead and block everything so they have no hassle.
In short. IRC attracts skids as they like to see servers drop/delink.
Same reason as game server hosting. A mare ban turns into a DDoS as if someone violated their freedom of speech or something... skidds these days...
Generally when a provider disallows certain type of usage (IRC) there are bunch of people who start bashing this provider and the provider looses these people as potential clients.
On the other hand there are other people who then like this provider more and prefer to be with him. So you loose some clients and gain some other clients. Some providers prefer the former type of customers, some providers prefer the later. I personally prefer the second type.
Also one of the main reasons is most of us don't own our own Datacenters and the DC's tos and aup's alot of the time say that we do not allow irc over our network.
Basically IRC, like gameservers and webservers (!) attracts DDoS - but because it's not as "mainstream" as webservers they can get away with banning it.
And no, running an IRC network is not a guarantee of DDoS.
Top 5 customers who get DDoS'd:
1. gameservers
2. teamspeak servers
3. irc / ircd customers
4. vpn customers
5. torrent customers
I deal with it 12 hours a day, 6 days a week and for the past 15 months (past and current employers).
typical customer's VPS plan:
gameserver customer = $10 - 20/mo
teamspeak customer = under $7/mo
irc customer = under $5/mo
vpn customers = under $5/mo (usually a company reselling OpenVPN servers)
torrent customer = $5 - 10/mo range
That's pretty much why companies don't deal with gameservers, teamspeak and irc/ircd customers because I've been lenient in the past with customers thinking it was a one time deal and less than 24 hours, sometimes even as less than 4 hours later, another DDoS attack comes in just as bad or even worse. If you guys only knew how it feels to have a 100Gbps attack hit a $20/mo customer then everything else you had to deal with such as your data center complaining, your network technicians paranoid of what is going to happen next, IPs nullrouted and that may need to be reissued not to mention nullrouted ones on already hard to get IP addresses but all of you would change your mind if you worked for a hosting company for awhile.
I can (theoretically) understand banning irc servers, but why ban irc clients?
> op ban butthurt skid
> skid whois op and get ip
ddos, and vps node hosting the client dies
some irc network do not have host cloak
About the same amount of fun as dealing with spam/DNS BLs: IRC network owners are just as bad to deal with to get unglined on large networks. Some customers may threaten to leave your company when they cannot connect to Freenode / EFNet / wherever because of a previously abusive customer.
I must concur with @breton and have to add that at least Freenode allows host cloaks for irc clients so when properly configured the VPS address shouldn't be visible and will be unable to be DDOSed.
Anyway I've never been DDOSed despite using irc for years so the irc client DDOS excuse seems a poor one to me.