个人工具
登录
查看“UbuntuHelp:FixDCCExploit”的源代码 - Ubuntu中文
UbuntuHelp
讨论
查看源代码
历史
搜索
导航
首页
最近更改
随机页面
页面分类
帮助
编辑
编辑指南
沙盒
新闻动态
字词处理
工具
链入页面
相关更改
特殊页面
页面信息
查看“UbuntuHelp:FixDCCExploit”的源代码
来自Ubuntu中文
←
UbuntuHelp:FixDCCExploit
跳转至:
导航
,
搜索
因为以下原因,你没有权限编辑本页:
您所请求的操作仅限于该用户组的用户使用:
用户
您可以查看与复制此页面的源代码。
{{From|https://help.ubuntu.com/community/FixDCCExploit}} {{Languages|UbuntuHelp:FixDCCExploit}} == Introduction == There are two options for fixing this issue: either '''Update Firmware''' or '''Change Port'''. Then proceed to '''How to Rejoin''' in order to be allowed back into the Ubuntu channel. == Update Firmware == Most router manufacturers have provided an updated firmware for their router that fix this particular exploit. Please check with their website for upgrades and installation instructions. == Change Port == The easiest way to work around this issue is to change the port through which you connect to freenode (or other IRC networks). Most clients automatically connect to port 6667 when using an IRC server, but freenode also offers the ability to connect to port 8001. This will prevent this particular exploit from affecting you. Remember that you will have to '''close and reopen your IRC client''' for the changes to take effect (or otherwise make sure that the new connection settings are applied on reconnection). '''XChat''' users can change this by going to XChat -> Network List, selecting Ubuntu Servers, clicking Edit, and change <code><nowiki>irc.ubuntu.com</nowiki></code> to <code><nowiki>irc.ubuntu.com/8001</nowiki></code>. You may also need to change the ''Freenode'' server in the same way from <code><nowiki>irc.freenode.net</nowiki></code> to <code><nowiki>irc.freenode.net/8001</nowiki></code>. '''[[UbuntuHelp:XChat-GNOME|XChat-GNOME]]''' users can change this by going to Edit -> Preferences. Then select ''Networks'' on the side. Double-click on ''Ubuntu Servers'' on the right, click the servers tab, and then change <code><nowiki>irc.ubuntu.com</nowiki></code> to <code><nowiki>irc.ubuntu.com/8001</nowiki></code>. You may also need to change the ''Freenode'' server in the same way from <code><nowiki>irc.freenode.net</nowiki></code> to <code><nowiki>irc.freenode.net/8001</nowiki></code>. Remember to press enter before you click ''Close'' or your changes will not be saved. '''Konversation''' users can go to File -> Server list -> Edit, click on the server name (e.g. irc.ubuntu.com), click on Edit, and change the port from 6667 to 8001. '''Pidgin''' users can go to Tools -> Accounts, choose your chat.freenode.net account, -> Modify -> Show more options, and change the port from 6667 to 8001, -> Save. '''Irssi''' users can type <code><nowiki>/connect irc.freenode.net 8001</nowiki></code> every time they connect or, as a long term solution modify the port with commands <code><nowiki>/server add -network Freenode -port 8001 irc.freenode.net</nowiki></code> (to modify the settings) and <code><nowiki>/save</nowiki></code> (to make them permanent). '''weechat''' users should edit ''~/.weechat/weechat.rc'' (<code><nowiki>nano ~/.weechat.weechat.rc</nowiki></code>), and, in the <code><nowiki>[server]</nowiki></code> section, change <code><nowiki>server_port = 6667</nowiki></code> to <code><nowiki>server_port = 8001</nowiki></code> and save the changes. '''Chatzilla''' connection settings cannot be edited in a straightforward way in the GUI. When making a new connection, the port can be chosen by connecting with command <code><nowiki>/server irc.freenode.net 8001</nowiki></code> or by connecting to irc://irc.freenode.net:8001 '''Colloquy''' can be configured to connect to port 8001 by expanding the dialog to create a new connection to show details, changing the Chat Server Port from 6667 to 8001 and ticking the "Remember this connection" checkbox. The procedure for other IRC clients is similar, but the syntax is slightly different. Most other IRC clients use <code><nowiki>chat.freenode.net:8001</nowiki></code> to specify port 8001. == How to Rejoin == /!\ Upon fixing this issue you will '''NOT''' automatically be allowed to rejoin <code><nowiki>#ubuntu</nowiki></code> if you have been temporarily forwarded to #ubuntu-read-topic. You must type "'''test me'''" (without the quotes) in that channel. If you are no longer affected by the exploit then you will be allowed back into <code><nowiki>#ubuntu</nowiki></code> in a short time. If the automatic test fails, join #ubuntu-ops and, there, ask to be tested by operators. === Why you can't auto rejoin === This action is an attempt to make it less attractive for anyone to do the exploit, when it first happened there were lots of disconnections. Now it is usually less than 10 at a time. == Background == On IRC there are a small group of abusive users that find it funny to send invalid DCC commands causing certain vulnerable users to disconnect. This causes a somewhat large spamming of disconnect and reconnect messages and is generally disruptive to the chat room. If you have been sent here you are most likely vulnerable to this particular attack. You will find instructions on how to fix this issue to follow. The issue is due to a bug in certain routers. However, even when the router itself cannot be fixed, (which is, unfortunately, often the case) a workaround is available. == See Also == * Broken NAT firmware: * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1067 * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1068 * Over-zealous anti-malware: * http://www.hm2k.com/articles/startkeylogger == Cleanup Details == It was brought to the attention during a conflict resolution that this page may be a bit confusing for new users. Due to this, it would be great if someone could rethink the page, make it much cleaner and much easier to read for everyone. Screenshots never hurt! ---- [[category:CategoryCleanup]] [[category:UbuntuHelp]]
该页面使用的模板:
模板:From
(
查看源代码
)
模板:Languages
(
查看源代码
)(受保护)
模板:Languages/Lang
(
查看源代码
)(受保护)
返回至
UbuntuHelp:FixDCCExploit
。