mIRC Home    About    Download    Register    News    Help

Print Thread
Changing port for BNC service #264632
24/12/18 03:55 AM
24/12/18 03:55 AM
Joined: Dec 2018
Posts: 1
California
D
dialhoang Offline OP
Mostly harmless
dialhoang  Offline OP
Mostly harmless
D

Joined: Dec 2018
Posts: 1
California
Hello everyone, I am trying to log into my BNC service on Snoonet, and I am getting this message:

[19:50] * Connecting to bnc.snoonet.org (5456)
-
[19:50] * Using STS secure port +6697

I need to change this so that the port is 5456. How can I do this?

Re: Changing port for BNC service [Re: dialhoang] #264633
24/12/18 07:21 AM
24/12/18 07:21 AM
Joined: Jan 2004
Posts: 1,158
maroon Offline
Hoopy frood
maroon  Offline
Hoopy frood

Joined: Jan 2004
Posts: 1,158

Re: Changing port for BNC service [Re: dialhoang] #264634
24/12/18 08:55 AM
24/12/18 08:55 AM
Joined: Dec 2002
Posts: 4,449
London, UK
Khaled Offline

Planetary brain
Khaled  Offline

Planetary brain

Joined: Dec 2002
Posts: 4,449
London, UK
The STS mechanism tells a client that it should only connect to the server using SSL on a specific port and that it should refuse to connect to the server otherwise. If a server has specified an STS policy in the CAP event on connect, the client is required to use it.

You could use the Clear History feature in the Tools menu in mIRC to clear SSL/STS history and try connecting again. However, if on connecting to the server again, the client sees an STS policy listed, this specifically instructs it to disconnect and to connect directly via the specified SSL port.

Users have come across the same issue in web browsers, where a site, such as Google, requires HSTS, and the browser refuses to connect via a proxy. I have found three options, none of which seem to be usable solutions: disable the proxy (in other words, do not use the BNC), disable STS checking in the browser (a roundabout method was found to do this in Firefox but has probably been fixed by Firefox, since a user should not be able to disable it), or add the proxy's SSL certificate as a Trusted Roots Certificate (in other words, trust the proxy as a MITM for all SSL traffic from your computer, which may not be a good idea, and I am not sure if that would work in mIRC currently anyway).

Re: Changing port for BNC service [Re: Khaled] #264635
24/12/18 02:02 PM
24/12/18 02:02 PM
Joined: Jan 2004
Posts: 1,271
L
Loki12583 Offline
Hoopy frood
Loki12583  Offline
Hoopy frood
L

Joined: Jan 2004
Posts: 1,271
Bouncers do not attempt to act as a transparent proxy, the connection to the bouncer is unrelated to whatever it may be connected to. They should not be passing back capabilities such as STS either.