
IRC DCC Exploit - WRT54G V8.0

I'm just trying to find out why this problem is still an issue with the latest firmware for my router, and whether there are any plans to fix it. The exploit itself is very old, probably over two years old. There is even a post on your forum about it from November 2006: http://forums.linksys.com/linksys/board/message?board.id=Wireless_Routers&message.id=19280

The response brushes off the actual problem, which does exist and is NOT specific to mIRC. ***I can repro the bug on other clients as well: irssi, xchat, xircon. It is independent of the IRC client, and is wholly due to the router itself.*** When I swap my Linksys router with my older Actiontec router, the problem goes away. Unfortunately my Actiontec router has flawed wireless hardware, so I'd really like for this age-old bug in my Linksys firmware to be corrected.

Repro steps are as follows:

Step 1. Connect to the internet with a Linksys WRT54G V5 or later. Use any IRC client to connect to an IRC network, such as irc.servercentral.net. From another IRC client, send the first client a private message, or post publicly to a channel that client is on, the following string: "CHR(1)DCC SEND test 0 0 0" where CHR(1) is byte 1, usually represented as an "A" in reverse color, and usually insertable by hitting ctrl-a.

Step 2. Watch your client suddenly disconnect, probably along with several other users if you posted it in a public channel.

Notes: The Linksys router appears to only suffer from this exploit if you are connected to the IRC server on remote port 6667. Knowing this, it would seem this is some kind of security 'feature' gone horribly wrong.

IMPORTANT: Do not try to send this string to IRC using the same router you're testing. This will cause the router to disconnect itself before sending anything to the actual IRC server.

Implications: Any IRC user can disconnect you simply by messaging you, or everybody in a channel you are in, using the string described above. This is an extremely simple, extremely serious Denial-of-Service attack for the IRC protocol.

Please forward this to the appropriate people at Linksys. I would at least like a response as to why this is a problem, and better still, any plans to fix it. I have been unable to get any help so far and will probably never buy Linksys again if this is the way things continue. Any suggestions to resolve this?

(Edited post for guideline compliance. Thanks!)

Message Edited by JOHNDOE_06 on 03-17-2008 08:55 AM
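
One way to spot the message form quoted in the post in IRC logs or a bouncer's traffic, added here as an example and not part of the original post or any Linksys code: it flags PRIVMSG/NOTICE lines carrying a CTCP DCC SEND offer whose address is 0 or whose port is not a valid number. The function names, heuristics and sample lines are assumptions; the field order (filename, address, port, size) is the conventional DCC SEND layout.

```python
import re

# PRIVMSG/NOTICE with an optional ":nick!user@host" prefix.
MSG = re.compile(r"^(?::(?P<prefix>\S+) +)?(?:PRIVMSG|NOTICE) +(?P<target>\S+) +:(?P<text>.*)$")
# CTCP DCC SEND: byte 0x01, then filename (optionally quoted), address, port.
DCC = re.compile(r'\x01DCC +SEND +(?:"[^"]*"|\S+)(?: +(?P<addr>[^\s\x01]+))?(?: +(?P<port>[^\s\x01]+))?', re.I)


def inspect_line(line):
    """Return a finding dict for a suspicious DCC SEND offer, else None."""
    msg = MSG.match(line.rstrip("\r\n"))
    dcc = DCC.search(msg.group("text")) if msg else None
    if not dcc:
        return None
    addr, port = dcc.group("addr"), dcc.group("port")
    reasons = []
    if addr is None or port is None:
        reasons.append("missing address or port")
    else:
        if addr.isdigit() and int(addr) == 0:
            reasons.append("address is 0")
        # Port 0 alone is not flagged: passive (reverse) DCC offers use it.
        if not port.isdigit() or int(port) > 65535:
            reasons.append("port is not a valid number")
    if not reasons:
        return None
    sender = (msg.group("prefix") or "?").split("!", 1)[0]
    return {"sender": sender, "target": msg.group("target"), "reasons": reasons}


def scan(lines):
    """Return (line_number, finding) pairs for every flagged line."""
    hits = []
    for n, line in enumerate(lines, 1):
        finding = inspect_line(line)
        if finding:
            hits.append((n, finding))
    return hits


# Constructed sample traffic, not captured from a real network.
SAMPLE = [
    ":alice!a@host.example PRIVMSG #chan :hello",
    ":alice!a@host.example PRIVMSG bob :\x01DCC SEND notes.txt 3232235777 5000 1024\x01",
    ":mallory!m@host.example PRIVMSG #chan :\x01DCC SEND test 0 0 0",
    "PING :irc.example.net",
]

if __name__ == "__main__":
    for n, f in scan(SAMPLE):
        print(n, f)
```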