Announcement

Collapse
No announcement yet.

Encrypted Chat

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Shatter
    replied
    Originally posted by Chris
    Another drawback is that 3/4 of the people in there couldn't spell encryption...let alone use it.

    Most think that d00d/leet/hax0r-speak is crypto.

    Leave a comment:


  • Chris
    replied
    Originally posted by TwinVega
    This might be a good thing to try out on #dc-forums...the drawback would be that a good percentage of the people don't use mIRC and some of their clients wouldn't work, but something to the equivilent might be good.
    Another drawback is that 3/4 of the people in there couldn't spell encryption...let alone use it.

    Leave a comment:


  • TwinVega
    replied
    Originally posted by Shatter
    Justabill and I have played around with a PGP irc client that plugs into mirc. It works REALLY damn good with Private keys for personal chat as well as channel keys. When you launch, you enter your master phrase than then you're live with the channel.

    Key updates, exchanges and such are all done with crypto. If you arn't key'd, you get a ton of garbage onscreen (yes, I know, hard to distinguish between that and normal Irc speak). Channel topics can also be crypto'd as well.

    I think if you google for PGP mirc you'll find the module. Just need to get some compatable plug ins for other clients and OS's.
    This might be a good thing to try out on #dc-forums...the drawback would be that a good percentage of the people don't use mIRC and some of their clients wouldn't work, but something to the equivilent might be good.

    Leave a comment:


  • Shatter
    replied
    Irc

    Justabill and I have played around with a PGP irc client that plugs into mirc. It works REALLY damn good with Private keys for personal chat as well as channel keys. When you launch, you enter your master phrase than then you're live with the channel.

    Key updates, exchanges and such are all done with crypto. If you arn't key'd, you get a ton of garbage onscreen (yes, I know, hard to distinguish between that and normal Irc speak). Channel topics can also be crypto'd as well.

    I think if you google for PGP mirc you'll find the module. Just need to get some compatable plug ins for other clients and OS's.

    Leave a comment:


  • Astral
    replied
    fixed link and new secureIM with encryption is uploaded.

    Leave a comment:


  • blackwave
    replied
    just an FYI Astral,
    http://people.txucom.net/richie/progs/mysniffer.zip is currently offline.

    thanks for the update and info :)

    Leave a comment:


  • Astral
    replied
    Well after reviewing some hit stats that returned me to this page, i went ahead and signed up. Im the owner of leetgeek.net and i have a secure tool for chatting/IM. It works through randomizing ICMP packets, but after reading some of the requests on this forum, i will be adding a new version by tomarrow that will have 128Bit blowfish encryption to the data inside of the random ICMP packets. This type of communication looks very normal and is not very suspicious to network admins. Just normal ICMP data right?? Plus its almost ALWAYS allowed outside of firewalls to outbound, but the problem is heading internal. Some of the packets used may be blocked. Im currently working on an option to resolve this. Let me know what you think about the new one, any options i should add, and about my other work, especially my new ARP MitM tool. just like a graphical ettercap minus host ident, and connection killing. Also sniffs port based and not just general traffic, so if you select a victom and a router, you will not get anything because no actuall connection is made, just data is being forwarded. But new versions will be avail soon to fix this.
    Thanks
    -Astral

    Leave a comment:


  • blackwave
    replied
    [secure im apps]
    http://www.vonnieda.org/SecureIM/
    http://sourceforge.net/projects/drmsecureim/
    http://people.txucom.net/richie/programs.html

    Trillian Instant Messenger Software (attacks)
    http://dshield.org/pipermail/list/20...ber/006055.php

    Leave a comment:


  • darknecron
    replied
    thanks for the info. Im now useing trillian with the encrypted tunnel. I sniffed the chat with ethral (sp?) and when it connected it sent a 4 digit code to the other person and he sent one to me back automaticly. Is this the encryption key?

    Leave a comment:


  • blackwave
    replied
    Originally posted by audit
    Secure Tunneling SSH by Anonymizer

    http://www.anonymizer.com/software_contacts.shtml

    audit
    certainly my favorite anonymizer bundle, although does not offer end to end encryption... once it hits the irc server it is in the clear.

    Leave a comment:


  • audit
    replied
    Secure Tunneling SSH by Anonymizer

    http://www.anonymizer.com/software_contacts.shtml

    audit

    Leave a comment:


  • kallahar
    replied
    Blackwave's right, most people are concerned with their company sniffing their traffic. Personally I have an SSH2 connection to my web host (dreamhost.com, using SecureCRT) and then I have mapped ports. So my IRC connection is encrypted between my desk and my host, but from there out is plaintext. Similarly my Jabber (AIM/ICQ/Yahoo) connection goes out encrypted. I also set up a Squid proxy there so if I want to browse ... questionable ... sites I can do that over an encrypted link as well.

    If the government wants to sniff me then it's pretty trivial, they can just tap my host, but I'm more concerned with my employer doing it and firing me for doing things like posting this comment.

    Leave a comment:


  • Chris
    replied
    Surely you jest! If an application developer says it is secure then it must indeed be secure!

    This goes hand in hand with my hard and fast theory. If it is stated on the internet; it must be fact.

    Leave a comment:


  • blackwave
    replied
    it takes at least two to encrypt - so both clients must support whatever encryption at the same time... as to "truly secure" that may be another thing... most of the time people just want to be able to chat without being sniffed by the local MIS/IT dept which will work most of the time if it isn't already blocked.

    There are a few more IM chat packages out there that use encryption, but they require the server piece as well as the clients to use it... you can also find encrypted/obfuscated IRC programs/plugins... it all really depends on what you want to do and whom you wish to talk to... if you are really paranoid chances are you will be sniffed far before you even get to use the client, even then it is a great chance that the implementation is flawed in the client in one way or another... ah, now that is just depressing.

    Leave a comment:


  • darknecron
    replied
    Ive had trillian for quite a while. I have the encrypted tunnel turned on too but I don't know if its truly secure. Would you recomend me just useing that?

    Leave a comment:

Working...
X