mIRC Home    About    Download    Register    News    Help

Print Thread
Disable DDESERVER on default #83984
24/05/04 09:49 AM
24/05/04 09:49 AM
Joined: May 2004
Posts: 3
Z
ZralleZ Offline OP
Self-satisified door
ZralleZ  Offline OP
Self-satisified door
Z

Joined: May 2004
Posts: 3
I suggest to disble DDEserver on default when mIRC gets installed, due alot of exploits/vlrsues are using DDE-server to infect/spread(s)

Re: Disable DDESERVER on default #83985
24/05/04 10:19 AM
24/05/04 10:19 AM
Joined: Apr 2004
Posts: 839
The Netherlands
Sat Offline
Hoopy frood
Sat  Offline
Hoopy frood

Joined: Apr 2004
Posts: 839
The Netherlands
Are you aware of the fact that DDE is not the only way of sending commands to an already running mIRC session? If DDE were to be disabled by default, the exploit/virus coders would simply move on to another (trivial) way of sending commands.

Besides, disabling DDE is only a matter of treating symptoms, not the real problem. After all, you'd already have a rogue process running on your system.


Saturn, QuakeNet staff
Re: Disable DDESERVER on default #83986
24/05/04 11:15 AM
24/05/04 11:15 AM
Joined: May 2004
Posts: 3
Z
ZralleZ Offline OP
Self-satisified door
ZralleZ  Offline OP
Self-satisified door
Z

Joined: May 2004
Posts: 3
Your right there.

But i will still think it will make it harder for the newbies to make infections, for spreading through DDE.

Re: Disable DDESERVER on default #83987
24/05/04 11:53 AM
24/05/04 11:53 AM
Joined: Apr 2004
Posts: 839
The Netherlands
Sat Offline
Hoopy frood
Sat  Offline
Hoopy frood

Joined: Apr 2004
Posts: 839
The Netherlands
That could be, and from that perspective, turning off the DDE server by default might be a good thing.

However, (and I'm not saying this to you specifically!) there appears to be a common misconception that mIRC's DDE server is a "security risk", and that disabling it will somehow make your computer more secure. That is simply not true.


Saturn, QuakeNet staff
Re: Disable DDESERVER on default #83988
24/05/04 05:58 PM
24/05/04 05:58 PM
Joined: Feb 2003
Posts: 307
Portugal
T
tontito Offline
Fjord artisan
tontito  Offline
Fjord artisan
T

Joined: Feb 2003
Posts: 307
Portugal
Well one of the rules of security is that is better to turn off unused services since they may be a gateway.

in this case, since most of the users don't use that (i don't) i belive it is better for it to be off by default.

Re: Disable DDESERVER on default #83989
24/05/04 06:31 PM
24/05/04 06:31 PM
Joined: Apr 2004
Posts: 839
The Netherlands
Sat Offline
Hoopy frood
Sat  Offline
Hoopy frood

Joined: Apr 2004
Posts: 839
The Netherlands
Seems like I wasn't clear enough.. The point I was trying to get across in the posts above, is that that rule of security does not apply to mIRC's DDE server, because processes utilizing it already need to be running on the same system as mIRC, in which case they can also use the SendMessage way of sending commands, modify mIRC's configuration files, start their own copy of mIRC, and anything else you can possibly think of (all of these methods are being used by worms already).

In other words, mIRC is already a "gateway" anyway (with or without DDE server), and malicious code that is able to use mIRC as a "gateway", can use other methods to do whatever it wants to do (e.g. spread on IRC), without using mIRC, and without any loss of its malicious "functionality."

So, if the DDE server were to be disabled by default, it would not be because of that reason.


Saturn, QuakeNet staff
Re: Disable DDESERVER on default #83990
25/05/04 09:13 AM
25/05/04 09:13 AM
Joined: Dec 2002
Posts: 395
Ireland
M
MonoSex Offline
Fjord artisan
MonoSex  Offline
Fjord artisan
M

Joined: Dec 2002
Posts: 395
Ireland
As far as i know, the Chat Links needs DDE enabled to work.

Re: Disable DDESERVER on default #83991
25/05/04 01:58 PM
25/05/04 01:58 PM
Joined: Feb 2004
Posts: 201
Melbourne, Australia
J
Jae Offline
Fjord artisan
Jae  Offline
Fjord artisan
J

Joined: Feb 2004
Posts: 201
Melbourne, Australia
Maybe even a little facility to "see" which programs are "using" DDE Server or SendMessage.. might make it easier for novice users to know what programs are doing with their mIRC ..

Cheers!