Posted: Fri Oct 10, 2003 1:34 pm
users machines generally don't get hacked because they IRC. probably >95% of the hacked machines on EFnet are on computers that were never on IRC before the drones were installed.
they get hacked by mass scanning tools, and often the same machine will be hacked 2-5 times by different groups. most of the time the drones are used for xdcc bots, but thats not always the case. anyone with a little bit of time and a scanner can get 100 drones by picking a couple of random cable/dsl netblocks. 100*1.5Mbit will take out most any user on EFnet (or server, for that matter). add to this the fact that many of them do spoofed syn/icmp attacks, and it can be quite difficult to block them without upstream cooperation.
they get hacked by mass scanning tools, and often the same machine will be hacked 2-5 times by different groups. most of the time the drones are used for xdcc bots, but thats not always the case. anyone with a little bit of time and a scanner can get 100 drones by picking a couple of random cable/dsl netblocks. 100*1.5Mbit will take out most any user on EFnet (or server, for that matter). add to this the fact that many of them do spoofed syn/icmp attacks, and it can be quite difficult to block them without upstream cooperation.