#83984 24/05/04 09:49 AM
Joined: May 2004
Posts: 3
ZralleZ Offline OP
Self-satisified door
I suggest disabling the DDE server by default when mIRC gets installed, since a lot of exploits/viruses are using the DDE server to infect/spread.

Joined: Apr 2004
Posts: 867
Sat Offline
Hoopy frood
Are you aware of the fact that DDE is not the only way of sending commands to an already running mIRC session? If DDE were to be disabled by default, the exploit/virus coders would simply move on to another (trivial) way of sending commands.

Besides, disabling DDE is only a matter of treating symptoms, not the real problem. After all, you'd already have a rogue process running on your system.


Saturn, QuakeNet staff
Joined: May 2004
Posts: 3
ZralleZ Offline OP
Self-satisified door
You're right there.

But I still think it will make it harder for the newbies to make infections for spreading through DDE.

Joined: Apr 2004
Posts: 867
Sat Offline
Hoopy frood
That could be, and from that perspective, turning off the DDE server by default might be a good thing.

However, (and I'm not saying this to you specifically!) there appears to be a common misconception that mIRC's DDE server is a "security risk", and that disabling it will somehow make your computer more secure. That is simply not true.


Saturn, QuakeNet staff
Joined: Feb 2003
Posts: 307
T
Fjord artisan
Well, one of the rules of security is that it is better to turn off unused services, since they may be a gateway.

In this case, since most of the users don't use that (I don't), I believe it is better for it to be off by default.

Joined: Apr 2004
Posts: 867
Sat Offline
Hoopy frood
Seems like I wasn't clear enough.. The point I was trying to get across in the posts above, is that that rule of security does not apply to mIRC's DDE server, because processes utilizing it already need to be running on the same system as mIRC, in which case they can also use the SendMessage way of sending commands, modify mIRC's configuration files, start their own copy of mIRC, and anything else you can possibly think of (all of these methods are being used by worms already).

In other words, mIRC is already a "gateway" anyway (with or without DDE server), and malicious code that is able to use mIRC as a "gateway", can use other methods to do whatever it wants to do (e.g. spread on IRC), without using mIRC, and without any loss of its malicious "functionality."

So, if the DDE server were to be disabled by default, it would not be because of that reason.


Saturn, QuakeNet staff
Joined: Dec 2002
Posts: 395
M
Fjord artisan
As far as I know, the Chat Links needs DDE enabled to work.

Joined: Feb 2004
Posts: 201
Jae Offline
Fjord artisan
Maybe even a little facility to "see" which programs are "using" DDE Server or SendMessage... might make it easier for novice users to know what programs are doing with their mIRC.

Cheers!

