Eggheads: RE: Strange questions from a N00B
Will Buckner
wcc at techmonkeys.org
Mon Aug 28 13:48:54 CDT 2006
Derek Kuliński wrote:
> Hello Will,
>
> Monday, August 28, 2006, 10:18:11 AM, you wrote:
>
>> I think he's using Eggdrop to control the SDBot kind of stuff, not for the
>> actual attacking. But, yes, this kind of stuff does hurt Eggdrop. The only
>> reason that I did not say all of this myself earlier is because it is an
>> academic thing, and I don't think any harm is meant.
>
> As far as I know SDBot is fine by itself it doesn't need to be
> controlled by an Eggdrop. It can connect to IRC by itself.
>
Ah, I don't know anything about SDBot... I guess you are right then.
> As for academic thing... He might know that Eggdrop is not abuse tool,
> since we wrote that. But what about other people that will read his
> paper?
>
True. You are right.
>> If you are going to use Eggdrop for this, please do the community a favor by
>> not releasing your scripts. Derek is right though; there are probably much
>> much better suited tools for this purpose. Using a tool specifically designed
>> for DDoS / etc. would probably bring a lot more academic value to your paper
>> anyway, as it would show how the flooders are really doing things.
>
> As I think of it. Actually it's really hard to use Eggdrop as a
> malicious tool with intent to infect windows computer.
>
> The reasons are as folows:
> - it's quite big
> - requires cygwin1.dll to run
> - requires tcl library
> - in default windrop distribution it all modules comes as .dll
> libraries (although you can compile it yourself and merge tcl and
> modules into one binary file, you still will need separate
> cygwin1.dll)
> - last time I used windrop, it was leaving DOS window open while it's
> run (I belive that was because fork() most likely doesn't work on
> windows, so it cannot go into a background without rewriting code
> responsible for that.)
>
> So as you can see, it's not really convenient for that use on Windows
> computers.
>
> Perhaps Jeeves meant this:
> http://vil.nai.com/vil/content/v_100354.htm
>
> But this program has nothing common with our Eggdrop except it's name.
>
Are you sure that these antivirus packages aren't just incorrectly labeling
Eggdrop as a virus?
Will
More information about the Eggheads
mailing list