The MIRC Workshop
Tutorials, Scripts and Help Files for mIRC

  IRC Warfare  

Nukes and Newking Attacks

Nukes (aka Newks if you are Kewl d00dz) are attacks that are not generally IRC specific. In other words you can be nuked outside of IRC as easily as you can in it. The 'Click' Nuke is an exception since it works by convincing an IRC server that it has lost contact with the target client, or vice versa.

These are the most technical attacks apart from hacking and cracking. However any moron can download a dozen programs that send nukes, so although the attack may be more advanced its probably the same stoopid d00d using it as started out with lame floods and non-tech abuse.

In fact one of the greatest bits of poetic justice on the net was when lots of IRC warriors and 'kewl d00dz' downloaded a nuke program called 'ICQ Killer' which worked effectively but also installed a trojan on the users machine whenever it was used to attack.

A nasty little few lines of code in a nuke program turn it into a nifty little server for backdoor entry to the user's system, as it sends the ip and connection details to its scriptor the moment its used. The Kewl d00dz were caught Kold by that one.

There are basically two types of nukes. The first type exploits bugs in windows and 'blue screens' the victim. When windows crashes users usually see the dreaded blue screen that warns them that windows has suffered a 'fatal exception' instead of just saying "whoops, Billy's boys left another hole in this!".

The cure for exploit nukes of this first category is to install the bug fixes for windows or whatever software is being exploited. The ease of 'patching' the system varies a little, but applying the patches is a must!

If you are a mIRC user then you are a windows user. MIRC is not and has no plans to be available for any other O/S. Therefore your main source of fixes and patches is MicroSoft itself. It is vital that you ensure you are patched and protected as much as possible.

A real hero of the internet for IRC users is Puppet who provides a patching guide and security tips, along with two useful little programs. Nukenabber is a nifty way of catching the attempts of some idiots who try to nuke you. It doesnt block the nukes, you need the patches, but it does provide a log you can use as the basis of a complaint to the nukers ISP company to have their account suspended or closed.

The Second type exploit weaknesses that are not bugs. There are certain things that are like fail-safes in the protocols and the second type of nukes generally act on those. These can't be blocked by anything except a top-notch firewall, and generally that will need to be a hardware firewall rather than the software kind.

Software firewalls are useful to a degree, especially against the kewl d00dz, but won't stop a determined cracker if he has any real skill. Still, that means that it will help against 99% of IRC warriors doesn't it.

The best software firewall for me is Conseal from Signal9 since it is quite effective, available for free trial (30 days) and is highly configurable. However, I have to say that there is now a free alternative that is better for most users. The ZoneAlarm free personal protection software is a piece of cake to use. There are no deeply technical settings to confuse. There is protection from trojans connecting out, as well as from outside programs connecting in. It even keeps a wary eye on your mail. All for free and in my own exhaustive tests it is just as strong and effective as the Conseal firewall. Give ZoneAlarm a try and you'll be delighted that you did.

There is also a special FREE firewall availabe as a mIRC script in the downloads area. However, it only works once you are connected to a chat server while most firewalls also protect your browser and e-mail since they monitor ALL remote traffic on your dial-up connection.

There is nothing too clever about nuking. Even writing the nuke apps isn't too bright now, since most are just copies and adaptations of the source code of the other nuker apps around. The only clever part was the guys who discovered the loopholes and weaknesses that the nukes exploit.

Those guys were the hackers, they explored the protocols and systems and found the weak-points. Next, the crackers exploited the bugs and weaknesses to hell until MS fixed its bugs due to the sheer weight of customer complaints. Also, servers started to install flood preventions and other similar notions and as a result security improved.

The final part in the saga is the 'Kewl d00dz' who are the lame-brained morons still trying to use OOB (Out Of Bounds) Nukes despite the fact that most users are immune, and all they are likely to acheive is to give their intended victim a nice log file of attempted illegal connections. Wow that is Kewl isn't it!

Not all IRC Warriors are stupid kids - its a generalization not a law of the Universe. However 95% plus of the trouble makers are barely computer literate and learned all they know 'parrot-fashion' i.e. they repeat what they were shown without any actual understanding of the protocols and principles involved.

The other 3-5% are still not hackers. 1 or 2% are Crackers, they know how to use a variety of tools and apps to get into systems. See the Hacking Page for more information on hackers and crackers.

  Nukes and Nuking are not IRC  

Nukes and nuking are not a part of IRC. The nukes dont connect through the IRC servers. Don't complain to the ops and sysops (IRCops) about nukes or nukers. Its simply outside the jurisdiction of the server staff or ops and since it doesn't go through the servers they have no logs or records to support your claims.

Report all nuke attacks with time-stamped logs and details if available to the ISP of the person who attacked you. The ISP can be found in their hostmask quite often.

Example: You get an item on your firewall or nukenabber that reveals an attack. It will give you the ip of the originator of that attack. In mIRC type:
/dns
e.g. /dns 123.456.54.321
This should give you a named host for the ip, the last part of which is the ISP. The results of a dns lookup are usually displayed in the status window.

If a dns will not resolve then it may be that its come through a bouncer or a shell account. You'll need to trace the route tho get the last resolvable hop, closest to the one you cant resolve.

The DOS command tracert is quite adequate for this purpose, but there are plenty of free windows based tracer programs too. Try Cyberkit for instance which provides a whole range of tools such as ping, traceroute and a dns lookup.

If you were hoping to find hacking or nuking tools and trojan programs here, I'm sorry that you have been disappointed. However, this needn't be a waste of your time because what I can do is show you a genuine way to make money online - which is a far better use of your bandwidth than nuking and irc warfare anyway.

These sites will actually pay you to write your opinions. You can write about anything from software to cities, bars to relationships, and they really do pay you. You can even write about IRC and review client software if you like. Not only do you get to earn money, but its actually fun to do as well.

Epinions.com is the one if you are a resident or citizen of the USA (they don't yet have a method to pay other nationalities), while DooYoo is the one for all us Europeans etc. These are both totally genuine. There is no stupid banner server to download. There is no maximum earnings limit. I personally write opinions in both programs, such as this review on the schemes that make you money online.