[Up] HowTo

IRC Anonymity Guide

This page contains hints about making your presence on IRC as anonymous as possible.

Contents

IRC Anonymity Guide

The obvious "don't"s

Don't enter/use information that can be associated with your real identity. This includes passwords, nicknames, full names, idents, etc.
Never accept a DCC request unless you know what you are doing. (See also: HowTo/DccOverI2p)
Don't follow unknown/suspicious links. Always use an anonymizing HTTP proxy when following links. Make sure you have read and understood DrWoo's Anonymously Browsing I2P
Do not connect to unknown IRC servers. The majority of IRC clients' security holes can be exploited only by the server administrators.
You shouldn't act suspicious or nosy, as this will decrease the level of trust people have in you. Don't try to send CTCP/DCC requests.

Serious notes

About mIRC

The use of mIRC is discouraged. However, in case you absolutely want to use mIRC, you should always keep the version up to date. This is because of the fact that mIRC has had a history of critical remote exploits. Also, as it's the most popular IRC client for Windows, it probably gets the most attention from hackers/crackers.
Avoid using suspicious mIRC scripts, as many of them include backdoors.

About X-Chat

X-Chat before version 2.6.x sends your hostname every time it connects to an IRC server, on UNIX-like OSs it is your username and on Windows machines it is your machine name (See uname -n for the value sent). This behavior cannot be overridden, and requires an IRC bouncer (like BNC) in order to change/hide the hostname.

CTCP/DCC

Theory (not necessary)

(You can safely skip this part and scroll down right to the Disabling CTCP/DCC section)

CTCP stands for Client To Client Protocol, it's a method for exchanging information between two IRC clients. The most common CTCP commands (requests) include ACTION, VERSION, PING, CLIENTINFO, USERINFO, etc.

CTCPs are bad, because they they can potentially reveal information about you, your IRC client, the OS you are using, etc.

Even though the most popular CTCP command, ACTION, is not harmful, it's probably the only one. CTCP ACTION will be issued with the /me command in most IRC clients. Also, the majority of IRC clients will not block CTCP ACTION when you ignore all CTCPs. (Which is good)

Most notably, CTCP VERSION can be used to get the name and version number of the IRC client you're using. For example, mIRC might reply with "mIRC v6.16 Khaled Mardam-Bey", and some IRC clients even go as far as revealing the kernel version, CPU and more ("xchat 2.0.10 Linux 2.6.8-1-686-smp [i686/2.79GHz/SMP]"). Fortunately, many IRC clients provide a way to fake the VERSION reply. However this is out of the scope of this guide. On the contrary, mIRC even includes protections that keep you from hex editing the VERSION reply.

CTCP TIME can be used to find out the timezone you live in, CLIENTINFO can be used to find out about the commands your IRC client supports, etc.

CTCP PING can be used to determine the round-trip time between two cliens, through the IRC server. This can potentially be used to find out the tunnel length of other users, but ping times through I2P are generally random enough. On the contrary, most clients send a timestamp when requesting CTCP PING, so if you ping anybody they'll probably be able to determine the timezone you're in.

DCC stands for Direct Client-to-Client, it is a protocol for establishing direct connections between two users, either for private chats or file transfers. Since these connections are direct (they don't go through the IRC server), the participants would need to know each other's IPs, which is obviously bad. (See also: HowTo/DccOverI2p)

Technically, DCC uses CTCP for the handshake, but most IRC clients won't block DCC when you tell them to ignore CTCPs.

Disabling CTCP/DCC

Irssi:
- /ignore * CTCPS (Ignores everything but ACTION and DCC)
- /ignore * DCC (Ignores all DCC commands)
mIRC:
- /ignore -wt *
- /ignore -wd *
ViRC (and ViRC 2.00): (This hack is necessary, because the built-in ignore command will also block CTCP ACTION)
1. Choose File -> 'Script editor...' from the menu.
2. Choose 'local.lib' from the drop-down box.
3. Copy-paste following lines to the header section, below the comments:
```
//Halts all CTCP requests from being processed, except ACTIONs
if [$strtrim($3)] != [ACTION]
AbortEvents
endif
```
4. Click on the 'Save & Rehash' button. That should do it.
(Thanks to DrWoo for the information about ViRC)
xchat:
- /ignore * CTCP DCC (Note: This also ignores CTCP ACTION from all users.)

Note: The irc.duck.i2p and irc.baffled.i2p IRC servers currently filter all CTCP and DCC commands except for ACTION and PING, with the +T usermode (on by default). However, this should not be relied upon for two reasons:

These filters can be bypassed by the administrators
They might not work on other I2P IRC networks.

Hostname

Many UNIX IRC clients (including irssi) send the computer's hostname to the IRC server while connecting.

Supplying a bogus hostname:

Irssi: /set hostname hidden.i2p (Sets your hostname to hidden.i2p)
XChat >= 2.6.x: The hostname is not sent

XChat < 2.6.x: The value can only be changed by hacking the source and changing the USER command sent to the server in src/common/proto-irc.c and recompiling. Example:

--- proto-irc.c 2004-10-26 04:17:09.000000000 +0000
+++ proto-irc_hacked.c  2005-03-05 17:11:37.140000000 +0000
@@ -61,7 +61,7 @@
        tcp_sendf (serv,
                                  "NICK %s\r\n"
                                  "USER %s %s %s :%s\r\n",
-                                 serv->nick, user, hostname, serv->servername, realname);
+                                 serv->nick, user, "myhost", serv->servername, realname);
 }

 static void

Irrelevant: mIRC, ViRC

Notes

Since this is a Wiki, you can edit this page yourself; contributions are welcome. See WikiContribution in case you're interested.

CategoryI2p