IRC is an acronym for "Internet Relay Chat". IRC is a standard allowing users to communicate in real time, by passing simple text messages back and forth. The IRC client and server protocols are defined in RFC1459.
The largest chat systems on the Internet are based on the IRC protocol. Each consists of a network of servers, forming a "tree". The servers keep track of who is using the chat system at any given time, keep track of channels and deliver message to users or channels on request. IRC is currently text-based, but client extensions have added sound and even video capabilities.
A client is the program a user uses to access IRC. IRC clients are available for most, if not all, operating systems which can access the Internet.
Clients connect to servers using a single TCP connection, initiated by the client.
Due to the highly interactive nature of IRC, virtually all aspects of human nature manifest themselves online - people make friends and enemies, have fun and fight amongst themselves.
It is unfortunately rather common for arguements online to escalate until one or both parties (if they have the know-how) attempt to "attack" each other. Some people attack others without any provocation at all. Various methods are used:
Obviously, only attacks 2 and 3 can be considered entirely harmless, all others constitute security risks (6, 7, 8) or denial of service attacks for the client (1, 6, 7, 8) or the IRC network itself (1, 4, 5).
For these reasons, IRC is generally considered a security risk and is blocked at most firewalls. This is very unfortunate, as IRC can be a very useful, low bandwidth communication tool and has successfully been used for online meetings, lectures, parties, tech support and more.
Tircproxy attempts to address some of the above problems by giving the system administrator finer-grained control over how much access his users have to various IRC features and by protecting the users' privacy.
IRC clients use a special protocol, CTCP, which is implemented on top of IRC's basic messaging system to transfer "technical" information from client to client. DCC is a subset of CTCP, which allows clients to establish direct TCP connections, bypassing the IRC network itself. This is the only aspect of IRC communications requiring special attention from Tircproxy.
DCC is mostly used for private discussions (DCC CHAT) and exchanging files (DCC SEND). When user A wants to send user B a file, the clients perform the following steps:
Note that no verification of who actually connects to the listening data port is usually done, so "hijacking" a DCC connection is relatively trivial. It is also trivial to forge a DCC offer, tricking B into connecting to an arbitrary server/port on the internet.
Other DCC variants, such as DCC CHAT, DCC TSEND, DCC RESEND and more are implemented in basically the same way. The only exception is the DCC RESUME protocol, which incidentally also violates the IRC messaging protocol.
Tircproxy understands the messages involved in the above process, and rewrites them, blocks them or ignores them according to the policies defined by the administrator. It also implements a few features designed to decrease the risks discussed above.