[Gllug] Securing IRC ICQ etc.

[Jim Bailey]

Hi all,

since rebuilding our firewall we have stopped IRC/ICQ traffic across it 
however a number of our users have requested the restoration of the 
service.

According to O'reilly's Building Internet Firewalls:

Summary of Recommendations for IRC

"Although it is theoretically possible to proxy IRC or to allow just IRC 
through filters, it is probably not a good idea because of the weakness of 
the clients.  The best way to allow IRC is to put an untrusted victim 
machine with no confidential data on a perimeter network and let users log 
onto that machine to run IRC.

It says something very similar for ICQ.

The questions I would like to ask the esteemed ladies and gentlemen of the 
list are:

1) Can any of you recommend good resources for getting more detailed 
information on carrying out the above and general ICQ/IRC security.  I 
have a P75 with 48MB of ram on which I intend to run a copy of Debian or 
OpenBSD and harden it to the best of my ability, before installing 
whatever software is necessary for ICQ/IRC.

2) Does anyone know of IRC/ICQ clients that have some sort of improved 
security.

Thanks Jim

-- 
Gllug mailing list  -  Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug