Open Proxy

If you have been K:lined (banned) from IRCWorld IRC Network and the link told you to go here then please be advised that you are possibly using an open proxy server. There are several different types of open proxy, but they all take the form of a piece of software that allows other computers to “bounce” through it to access the Internet. This can be legitimately useful in many situations, but the one you are using is configured incorrectly and allows anyone to use it. Open proxies are not permitted, and hosts using open proxies will be banned from all servers.
If you have been on IRC for any length of time, you have probably seen an attack using open proxies at least once. Hundreds of clients will enter a channel, often with random nick names, and start sending large amounts of coloured channel and CTCP messages. Commonly they will leave and join the channel rapidly in order to cause more disruption.
Without completely locking up the channel, there is no effective way to stop the flood. Even if the channel is locked up, the floods of text can be sent to individual users and will usually be enough to disconnect them. Most of these types of attacks use open proxies because open proxies are relatively easy to come by. Lists of them are readily available over the Internet. This is why IrcWorld IRC Network does not permit such hosts access to the network. If you have to use a proxy, it should be configured correctly.

If you administer your network then read on, else point the administrator at this page. Please note we cannot help you configure your specific proxy software – just give some general guidelines, usually the makers website will have more helpful instructions then ones we can give you.

Nowadays we have several types of proxies, you need to find out what sort of proxy has been detected on your host then you can follow the relevant instructions below. In nearly all cases it is a matter of changing the configuration to limit the proxy to particular IP addresses. If you aren’t sure what sort of proxy you are running then try the cyberabuse scanner which will scan your IP address for open proxies of various types.

HTTP Connect
A misconfigured HTTP proxy designed to allow SSL access via the connect command can be used to make TCP connections to any host. In some cases the default configuration might allow this type of access.

These types of proxy do not allow full TCP connections like the HTTP Connect type but they are more widespread (some well known ISPs even run open proxies of this type). Many HTTP proxies or web caches can be abused in this way if they do not have the correct permissions (or ACLs) in place.

This is a specifc package that is designed to allow telnet access via a gateway, it is just a case of setting the access controls correctly to only allow access to the people who need to use the service.

SOCKS allows access behind firewalls from IP addresses which are not accessible on the public internet, again this is a case of limiting its usage to only the IP addresses which require access to the service.

These are cisco routers with an insecure default password which allows telnet access to be gained through the router. You will need to change the password on the router to something more secure.

For more information refer to the developers documentation.


Modified for IRCWorld from Blitzed version.

Leave a reply

You must be logged in to post a comment.