Interview with Melech DALnet IRC Operator (IRCOP)

1.Can you tell me a little bit about yourself.
Background information etc?

I am an IRC Operator on the DALnet IRC Network.
I am also a lawyer, dealing mainly with legal and
regulatory issues concerning the telecommunications
and Internet sectors.

2. What made you get interested in studying IRC Bots and Trojans?

I have seen the effect exploited hosts can have on a network.
On their own, a single exploited host isn't much of a problem.
However, a network of these bots remotely controlled by
someone with malicious intent can cause network-wide problems.

3. Can you tell me a little about your work in the
#nohack channel or exploits team?

I assist the Exploits team by liaising with ISPs, network
operators other relevant organizations.

4. How do you foresee the future for these Bots?
As in do you think the problem will escalate or die out?

There will always be a problem with exploited hosts while
users remain uneducated as to the dangers of accepting and
executing unknown code on their computers. However,
education is only one side of the equation. We must also
work with the relevant authorities and operators to ensure
the people responsible for these exploits are dealt with in
an appropriate manner.

5. How do you think the problems could be avoided and
solved for both the users and the IRC Service?

Users should NOT accept, execute and use scripts they
do not understand. Users should run a virus scan regularly
on their system. Users should ensure they are running a
personal firewall such as ZoneAlarm. From a network
perspective, an active exploit-prevention team is essential.
Good relationships with authorities and operators/service
providers is also advantageous.

6. Is there any other comments you would like to add?

The people responsible for proliferating these exploits
are criminals. They cause damage not only to the
exploited users, but also have the ability to unleash
DDoS attacks on any target on the Internet. This problem
isn't limited to IRC. It is essential for the wider Internet
community understand this point. Their machines are
attacked by the same tools as attack IRC servers.
We must learn to work together to solve this problem
in a professional manner.
   
       
    Questions? Comments?
E-mail Web master: www@lockdowncorp.com
Copyright © 2001 by LockDown Corp. All rights reserved.
Site is optimized for 800x600 resolution or greater.