Background

A router vulnerability allows an invalid DCC command to disconnect a user from IRC. If you have been sent here you are likely vulnerable to this attack. Instructions to fix this vulnerability follow.

Introduction

There are two options for fixing this issue: either Update Firmware or Change Port. The first describes a fix to the router, the second a software workaround that can be used if the router is not accessible.

Then proceed to How to Rejoin in order to be allowed back into the Ubuntu channel.

Update Firmware

Most router manufacturers have provided updated firmware for their routers that fixes this particular exploit. Please check the manufacturer's website for upgrades and installation instructions.

Change Port

The easiest way to work around this issue is to change the port through which you connect to freenode (or other IRC networks). Most clients automatically connect to port 6667 when using an IRC server, but freenode also offers the ability to connect to port 8001. This will prevent this particular exploit from affecting you.

Remember that you will have to close and reopen your IRC client for the changes to take effect (or otherwise make sure that the new connection settings are applied on reconnection).

XChat users can change this by going to XChat -> Network List, selecting Ubuntu Servers, clicking Edit, and changing irc.ubuntu.com to irc.ubuntu.com/8001. You may also need to change the Freenode server in the same way from irc.freenode.net to irc.freenode.net/8001.

XChat-GNOME users can change this by going to Edit -> Preferences. Then select Networks on the side. Double-click on Ubuntu Servers on the right, click the servers tab, and then change irc.ubuntu.com to irc.ubuntu.com/8001. You may also need to change the Freenode server in the same way from irc.freenode.net to irc.freenode.net/8001. Remember to press enter before you click Close or your changes will not be saved.

Konversation users can go to File -> Server list -> Edit, click on the server name (e.g. irc.ubuntu.com), click on Edit, and change the port from 6667 to 8001.

Pidgin users can go to Tools -> Accounts, choose their chat.freenode.net account, click Modify -> Show more options, change the port from 6667 to 8001, and click Save.

Irssi users can type /connect irc.freenode.net 8001 every time they connect or, as a long-term solution, modify the port with the commands /server add -network Freenode -port 8001 irc.freenode.net (to modify the settings) and /save (to make them permanent).

weechat users should edit ~/.weechat/weechat.rc (nano ~/.weechat/weechat.rc) and, in the [server] section, change server_port = 6667 to server_port = 8001 and save the changes.
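The weechat edit above can also be scripted. The following is an added example, not part of the original page: it changes server_port only inside [server] sections and keeps a .bak copy. The function names, the [other] section and the sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example: move weechat from port 6667 to 8001 by editing weechat.rc.
# Only server_port lines inside a [server] section are changed.

# set_weechat_port FILE: rewrite FILE in place, keeping FILE.bak as a backup.
set_weechat_port() {
    rc=$1
    [ -f "$rc" ] || { echo "no such file: $rc" >&2; return 1; }
    cp -p "$rc" "$rc.bak" || return 1
    # Read the backup and write over the original so its permissions are kept.
    awk '
        /^\[.*\]/ { in_server = ($0 ~ /^\[server\]/) }   # track current section
        in_server && /^[ \t]*server_port[ \t]*=[ \t]*6667[ \t]*$/ {
            sub(/6667/, "8001")
        }
        { print }
    ' "$rc.bak" > "$rc"
}

# weechat_port FILE: print each server_port value found in a [server] section.
weechat_port() {
    awk '
        /^\[.*\]/ { in_server = ($0 ~ /^\[server\]/) }
        in_server && /^[ \t]*server_port[ \t]*=/ {
            sub(/^[^=]*=[ \t]*/, ""); print
        }
    ' "$1"
}

# make_sample: print a constructed config for trying the functions out.
# The [other] section is a decoy that must stay on 6667.
make_sample() {
    cat <<'EOF'
[other]
server_port = 6667
[server]
server_name = "freenode"
server_address = "irc.freenode.net"
server_port = 6667
EOF
}

# Usage (with weechat closed):
#   set_weechat_port ~/.weechat/weechat.rc && weechat_port ~/.weechat/weechat.rc
```

Every [server] section still on 6667 is switched, so if the file lists networks other than freenode, confirm they also accept connections on 8001 or restore those entries from the .bak copy.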

Chatzilla connection settings cannot be edited in a straightforward way in the GUI. When making a new connection, the port can be chosen by connecting with the command /server irc.freenode.net 8001 or by connecting to irc://irc.freenode.net:8001.

Colloquy can be configured to connect to port 8001 by expanding the dialog to create a new connection to show details, changing the Chat Server Port from 6667 to 8001 and ticking the "Remember this connection" checkbox.

The procedure for other IRC clients is similar, but the syntax is slightly different. Most other IRC clients use chat.freenode.net:8001 to specify port 8001.

How to Rejoin

Warning: Upon fixing this issue you will NOT automatically be allowed to rejoin #ubuntu if you have been temporarily forwarded to #ubuntu-read-topic. You must type "test me" (without the quotes) in that channel. If you are no longer affected by the exploit then you will be allowed back into #ubuntu in a short time.

If the automatic test fails, join #ubuntu-ops and, there, ask to be tested by operators.

Why you can't auto rejoin

This action is an attempt to make the exploit less attractive to anyone who might use it. When it first happened there were lots of disconnections. Now it is usually fewer than 10 at a time.

Cleanup Details

It was brought to our attention during a conflict resolution that this page may be a bit confusing for new users. Because of this, it would be great if someone could rethink the page and make it much cleaner and easier to read for everyone. Screenshots never hurt!


FixDCCExploit (last edited 2011-04-08 15:31:04 by k.dejong)