1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Can downloads be tracked via Mirc?

Discussion in 'All other topics' started by KJM37, Jan 12, 2007.

  1. KJM37

    KJM37 Member

    Joined:
    Mar 24, 2005
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    11
    guy who lives downstairs just got a warning from ISP to stop downloading movies basically, he was using emule and direct connect which I know are traceable. While I know newsgroups are untraceable, is Mirc also? Or am I better off staying clear of it?
     
  2. Dunker

    Dunker Regular member

    Joined:
    May 8, 2006
    Messages:
    1,444
    Likes Received:
    0
    Trophy Points:
    46
    IRC (or, really, the FTP Fservs which are what you actually download from) aren't tracked at all, AFAIK, because they can use a variety of ports, and their traffic is indistinguishable from normal FTP.
     
  3. SadJoker

    SadJoker Regular member

    Joined:
    Oct 28, 2002
    Messages:
    441
    Likes Received:
    0
    Trophy Points:
    26
    Yes mIRC can be tracked. The MPAA/RIAA can get your IP by tracing connections made to the XDCC/Fserver you connected to. Since many XDCC/Fservers are hacked boxes anyway, its alot less likely to get caught but doesnt make it impossible.

    pssst, FTP traffic isnt indistinguishable : FTP traffic especially really unusually high amounts of FTP traffic tends to set off a red flag with your ISP. Since some ISP have a limit on how much you can download per month, their watching FTP,HTTP etc traffic
     
  4. Dunker

    Dunker Regular member

    Joined:
    May 8, 2006
    Messages:
    1,444
    Likes Received:
    0
    Trophy Points:
    46
    In theory anything can be tracked but the question is whether it's done or not. Relatively few people even know about IRC, let alone Fservs. And Fservs are indistinguishable from regular FTP traffic aside for (usually) using oddball port numbers. Tracking is done with automated IDS', not by people manually combing through every byte sent back and forth. Try building a Snort IDS box that can flag Fservs versus legitimate FTP: you can't. However, it's quite easy (and there are already pre-written rulesets available, some from snort.org or bleedingsnort) to flag various P2P applications.

    You're right about ISPs flagging people who use too much bandwidth, but that can happen with anything, and does not indicate the traffic types and contents. You can (and are more likely to be) flagged for overusing P2P or Usenet. Note that the latter is really the way to go though.
     
    Last edited: Jan 13, 2007
  5. SadJoker

    SadJoker Regular member

    Joined:
    Oct 28, 2002
    Messages:
    441
    Likes Received:
    0
    Trophy Points:
    26
    Dunker, you are right - anything can be traced given the right tools. I was just saying mIRC isnt impossible to trace , just more difficult. Im no expert on security,countermeasures etc, just know what I was taught in my networking class
     

Share This Page