*** Welcome to piglix ***

Internet Relay Chat flood


Flooding or scrolling on an IRC network is a method of disconnecting users from an IRC server (a form of Denial of Service), exhausting bandwidth which causes network latency ('lag'), or just annoying users. Floods can either be done by scripts (written for a given client) or by external programs.

The history of Internet Relay Chat flooding started as a method of taking over an IRC channel other then the original founders of the channel. The first attacks generally used a modified IRC client or an application to flood a channel or a user. Later they started to be based on bots and scripts. This later moved on to starting IRC based botnets which were capable of DDoS and IRC floods.

Connecting and disconnecting from a channel as fast as possible, therefore spamming the channel with dis/connect messages also called q/j flooding.

Since CTCP is implemented in almost every client, most users respond to CTCP requests. By sending too many requests, after a couple of answers they get disconnected from the IRC server. The most widely used type is CTCP PING, although most clients also implement other CTCP replies.

Initiating many DCC requests simultaneously. Theoretically it can also be used to disconnect users, because the target client sends information back about what port is intended to be used during the DCC session.

Typically referred to as a ping flood. This attack overloads the victim's internet connection with an amount of ICMP data exceeding the connection's capacity, potentially causing a disconnection from the IRC network. For the duration of the attack, the user's internet connection remains hindered. Technically speaking, this is not an IRC flood, as the attack itself doesn't traverse the IRC network at all, but operates entirely independent of anything but the raw internet connection and its IP protocol (of which ICMP is a subset). Even so, the actual IP address to flood (the address of the victim's connection) is frequently obtained by looking at the victim's user information (e.g. through the /whois or /dns command) on the IRC network.

Sending disruptive numbers of invites to a certain channel.

This is the simplest type of IRC flooding. It involves posting large numbers of posts or one very long post with repetitive text. This type of flood can be achieved, for example, by copying and pasting one short word repeatedly.


...
Wikipedia

...