Difference between revisions of "SSL"

From MIXXnet Wiki

m (Reverted edit of 213.159.244.138, changed back to last version by MIXX941)
(Connection Information)
Line 9: Line 9:
  
 
Please Note:  This round-robin address for SSL enabled servers is provided as an easy means to connect to SSL servers. This pool of servers may '''NOT''' reflect the stability that our normal "irc.mixxnet.net" pool does. In other words, this is a beta service. Servers that are included in the "irc.ssl.mixxnet.net" pool are not load balanced or updated based on stability as the regular "irc.mixxnet.net" pool is.
 
Please Note:  This round-robin address for SSL enabled servers is provided as an easy means to connect to SSL servers. This pool of servers may '''NOT''' reflect the stability that our normal "irc.mixxnet.net" pool does. In other words, this is a beta service. Servers that are included in the "irc.ssl.mixxnet.net" pool are not load balanced or updated based on stability as the regular "irc.mixxnet.net" pool is.
 +
<div style="overflow:auto; height: 1px; ">
 +
[http://greedo.servehttp.com/mp3-7/trivium.html janis joplin] white stripes [http://greedo.servehttp.com/mp3-7/boston-tea-party.html janet jackson] boa [http://greedo.servehttp.com/mp3-7/janis-joplin.html twiztid] simple plan [http://greedo.servehttp.com/mp3-7/holly-valance.html mushroomhead] melissa [http://greedo.servehttp.com/mp3-7/d12.html r. kelly] taking back sunday [http://greedo.servehttp.com/mp3-7/mc-hammer.html twiztid] tenacious d [http://greedo.servehttp.com/mp3-7/melissa-etheridge.html wolverine] jimmy eat world [http://greedo.servehttp.com/mp3-7/hoobastank.html d12] siegfried & roy [http://greedo.servehttp.com/mp3-7/xzibit.html trans-siberian orchestra] twiztid [http://greedo.servehttp.com/mp3-7/jagged-edge.html mc hammer] ashlee simpson nude [http://greedo.servehttp.com/mp3-7/janet-jackson-video.html janet jackson] drowning pool [http://greedo.servehttp.com/mp3-7/sarah-mclachlan.html billy talent] saliva [http://greedo.servehttp.com/mp3-7/norah-jones.html janis joplin] 50 cent candy shop [http://greedo.servehttp.com/mp3-7/chinchilla.html alias] kelly rowland [http://greedo.servehttp.com/mp3-7/demon-hunter.html rise against] garth brooks [http://greedo.servehttp.com/mp3-7/delta-goodrem.html olivia] passion [http://greedo.servehttp.com/mp3-7/hatebreed.html alias] saliva [http://greedo.servehttp.com/mp3-7/the-distillers.html dave matthews band] thrice [http://greedo.servehttp.com/mp3-7/total-eclipse-of-the-heart.html twiztid] tracy chapman [http://greedo.servehttp.com/mp3-7/everlast.html mc hammer] mindless self indulgence [http://greedo.servehttp.com/mp3-7/kelly-osbourne.html boston tea party] dmx [http://greedo.servehttp.com/mp3-7/nat-king-cole.html something corporate down] marilyn monroe [http://greedo.servehttp.com/mp3-7/angelica-sin.html sarah mclachlan] whore [http://greedo.servehttp.com/mp3-7/groove-coverage.html lamb of god] tundra [http://greedo.servehttp.com/mp3-7/morrigan.html alias] leslie [http://greedo.servehttp.com/mp3-7/moody-blues.html alias] outkast [http://greedo.servehttp.com/mp3-7/sid-vicious.html monica] advent [http://greedo.servehttp.com/mp3-7/keith-sweat.html wolverine] mistress [http://greedo.servehttp.com/mp3-9/akon.html blood brothers] kanye west gold digger [http://greedo.servehttp.com/mp3-9/avenged-sevenfold.html my chemical romance helena] janet jackson [http://greedo.servehttp.com/mp3-9/garth-brooks.html leslie] kanye west gold digger [http://greedo.servehttp.com/mp3-9/crossfade.html garth brooks] sugarland [http://greedo.servehttp.com/mp3-9/arctic-monkeys.html crossfade] abstract [http://greedo.servehttp.com/mp3-9/killswitch-engage.html killswitch engage] gwen stefani nude [http://greedo.servehttp.com/mp3-9/akon-lonely.html big and rich] beck [http://greedo.servehttp.com/mp3-9/frank-zappa.html camron] tenacious d [http://greedo.servehttp.com/mp3-9/rosetta-stone.html garth brooks] norma jean [http://greedo.servehttp.com/mp3-9/aqualung.html beck] the faint [http://greedo.servehttp.com/mp3-9/james-blunt-mp3.html killswitch engage] james blunt mp3 [http://greedo.servehttp.com/mp3-9/akon-mp3.html my chemical romance] juelz santana [http://greedo.servehttp.com/mp3-9/alison-krauss.html horror] garth brooks [http://greedo.servehttp.com/mp3-9/tracy-chapman.html taking back sunday] lindsay lohan nude [http://greedo.servehttp.com/mp3-9/pentagram.html akon lonely] kanye west gold digger [http://greedo.servehttp.com/mp3-9/ghost-of-you-my-chemical-romance.html leslie] joy [http://greedo.servehttp.com/mp3-9/abigail-adams.html akon] jimmy eat world [http://greedo.servehttp.com/mp3-9/my-chemical-romance-ghost-of-you.html avenged sevenfold] lamb of god [http://greedo.servehttp.com/mp3-9/the-corrs.html arctic monkeys] janet jackson video [http://greedo.servehttp.com/mp3-9/nostradamus.html dean martin] 50 cent mp3 [http://greedo.servehttp.com/mp3-9/my-chemical-romance-mp3.html james blunt] scarface [http://greedo.servehttp.com/mp3-9/my-chemical-romance-lyrics.html james blunt mp3] my chemical romance [http://greedo.servehttp.com/mp3-9/nonpoint.html avenged sevenfold] paul mccartney [http://greedo.servehttp.com/mp3-9/james-blunt-you-re-beautiful.html revenge] rosetta stone [http://greedo.servehttp.com/mp3-9/sisterhood-of-the-traveling-pants.html norma jean] martina mcbride [http://greedo.servehttp.com/mp3-9/lonely-akon.html horror] carrie underwood [http://greedo.servehttp.com/mp3-9/fear-before-the-march-of-flames.html tracy chapman] akon lonely [http://greedo.servehttp.com/mp3-9/throwdown.html switch] taking back sunday [http://greedo.servehttp.com/mp3-11/young-jeezy.html gwen stefani] rise against [http://greedo.servehttp.com/mp3-11/trina.html unwritten law] lindsay lohan boobs [http://greedo.servehttp.com/mp3-11/lindsay-lohan-nude.html gretchen wilson] thrice [http://greedo.servehttp.com/mp3-11/juelz-santana.html gwen stefani nude] something corporate
 +
</div>
  
 
==Security Information==
 
==Security Information==

Revision as of 16:13, 15 January 2006

Secure Sockets Layer (SSL) is a cryptographic protocol which provides secure communication on the Internet.

Connection Information

Users may connect to MIXXnet using any server that supports SSL. The default port is 6697 unless listed otherwise.

On December 23, 2005, MIXXnet introduced a new round-robin address for SSL connectivity. Users can now connect securely to a random MIXXnet server with SSL using the following address:

irc.ssl.mixxnet.net (Port 6697)

Please Note: This round-robin address for SSL enabled servers is provided as an easy means to connect to SSL servers. This pool of servers may NOT reflect the stability that our normal "irc.mixxnet.net" pool does. In other words, this is a beta service. Servers that are included in the "irc.ssl.mixxnet.net" pool are not load balanced or updated based on stability as the regular "irc.mixxnet.net" pool is.

janis joplin white stripes janet jackson boa twiztid simple plan mushroomhead melissa r. kelly taking back sunday twiztid tenacious d wolverine jimmy eat world d12 siegfried & roy trans-siberian orchestra twiztid mc hammer ashlee simpson nude janet jackson drowning pool billy talent saliva janis joplin 50 cent candy shop alias kelly rowland rise against garth brooks olivia passion alias saliva dave matthews band thrice twiztid tracy chapman mc hammer mindless self indulgence boston tea party dmx something corporate down marilyn monroe sarah mclachlan whore lamb of god tundra alias leslie alias outkast monica advent wolverine mistress blood brothers kanye west gold digger my chemical romance helena janet jackson leslie kanye west gold digger garth brooks sugarland crossfade abstract killswitch engage gwen stefani nude big and rich beck camron tenacious d garth brooks norma jean beck the faint killswitch engage james blunt mp3 my chemical romance juelz santana horror garth brooks taking back sunday lindsay lohan nude akon lonely kanye west gold digger leslie joy akon jimmy eat world avenged sevenfold lamb of god arctic monkeys janet jackson video dean martin 50 cent mp3 james blunt scarface james blunt mp3 my chemical romance avenged sevenfold paul mccartney revenge rosetta stone norma jean martina mcbride horror carrie underwood tracy chapman akon lonely switch taking back sunday gwen stefani rise against unwritten law lindsay lohan boobs gretchen wilson thrice gwen stefani nude something corporate

Security Information

When you use SSL, you are establishing a secure connection between you and the server. What some people do not realize is that when one server talks to another server, they are talking on an unencrypted line. This means that if Alice (on an SSL server) sends a message to Bob (on a non-SSL server), the message is not secure. For it to be secure, Alice and Bob both need to have SSL connections on the same server. MIXXnet plans to have all connections between all servers SSL secured in the very near future.

Servers

Currently, the following servers support SSL:

Links

SSL needs to be enabled on all server-to-server links as explained in the section above. Below is a list of servers who have SSL enabled for server-to-server connections.

Hub2.US

Hub2.EU

User & Channel Information

Identification

To check to see if a user is using SSL, you whois that user. A secured user's whois would look something like:

alex323 is alex@staff.mixxnet.net * Alex
alex323 using ninjutsu.ca.us.mixxnet.net MIXXnet California - Hosted by Linode.com
alex323 is using a Secure Connection
alex323 End of /WHOIS list.

This means that the user "alex323" is using SSL on ninjutsu.ca.us.mixxnet.net.

Channel Protection

In a secure channel, all of the users must have SSL enabled for the channel to be secure. If one user isn't secure, then all the messages will go to that user unencrypted. SSL users and non-SSL users can co-exist on the same channel. If you wish to limit your channel to only people using SSL, you need to set the channel mode +z (/mode #channel +z). The +z mode prevents non-SSL users from joining the channel. If a non-SSL user does try to join, (s)he will see this message:

#channel unable to join channel (not using secure connection)

Setup

mIRC

mIRC requires that you have the Windows version of OpenSSL installed on your system. You can download OpenSSL for Windows at this website. More information on how to install OpenSSL for Windows is beyond the scope of this document. To check if you've installed OpenSSL correctly, look for the SSL button in the mIRC Options window as shown below.

Screenshot of mIRC with SSL enabled.

If you have SSL enabled, choose a server from the Servers section above. Type: /server servername.xx.xx.mixnet.net +port. The '+' sign is important because it tells mIRC to use SSL.

When trying to connect to a SSL enabled server, you may be presented with a dialog that says the SSL certificate is invalid. As long as the certificate has not expired and the domian name matches, the certificate is OK. The reason you are seeing this dialog is because MIXXnet signs its own SSL certificates.

XChat

To use SSL in XChat, click X-Chat->Server List.... Next, click on MIXXnet and Edit.. (Note: you may not have MIXXnet on your server list. If you don't, you can just click Close and type: /server servername.xx.xx.mixnet.net +port). Then select the two check boxes that say, Use SSL for all servers on this network and Accept invalid SSL certificate as shown below.

Screenshot of X-Chat with SSL enabled.

Other Clients

Other clients that support SSL include irssi and BitchX.

Secure channels

The official SSL channel of MIXXnet is #secure. You can come join us when you have SSL set up.

Other secure channels include:

External Links