mIRC Home    About    Download    Register    News    Help

Topic Options
#264632 - 24/12/18 03:55 AM Changing port for BNC service
dialhoang Offline
Mostly harmless

Registered: 24/12/18
Posts: 1
Loc: California
Hello everyone, I am trying to log into my BNC service on Snoonet, and I am getting this message:

[19:50] * Connecting to bnc.snoonet.org (5456)
[19:50] * Using STS secure port +6697

I need to change this so that the port is 5456. How can I do this?

#264633 - 24/12/18 07:21 AM Re: Changing port for BNC service [Re: dialhoang]
maroon Offline
Hoopy frood

Registered: 12/01/04
Posts: 1108

#264634 - 24/12/18 08:55 AM Re: Changing port for BNC service [Re: dialhoang]
Khaled Offline

Planetary brain

Registered: 04/12/02
Posts: 4375
Loc: London, UK
The STS mechanism tells a client that it should only connect to the server using SSL on a specific port and that it should refuse to connect to the server otherwise. If a server has specified an STS policy in the CAP event on connect, the client is required to use it.

You could use the Clear History feature in the Tools menu in mIRC to clear SSL/STS history and try connecting again. However, if on connecting to the server again, the client sees an STS policy listed, this specifically instructs it to disconnect and to connect directly via the specified SSL port.

Users have come across the same issue in web browsers, where a site, such as Google, requires HSTS, and the browser refuses to connect via a proxy. I have found three options, none of which seem to be usable solutions: disable the proxy (in other words, do not use the BNC), disable STS checking in the browser (a roundabout method was found to do this in Firefox but has probably been fixed by Firefox, since a user should not be able to disable it), or add the proxy's SSL certificate as a Trusted Roots Certificate (in other words, trust the proxy as a MITM for all SSL traffic from your computer, which may not be a good idea, and I am not sure if that would work in mIRC currently anyway).

#264635 - 24/12/18 02:02 PM Re: Changing port for BNC service [Re: Khaled]
Loki12583 Offline
Hoopy frood

Registered: 22/01/04
Posts: 1263
Bouncers do not attempt to act as a transparent proxy, the connection to the bouncer is unrelated to whatever it may be connected to. They should not be passing back capabilities such as STS either.