Sometimes, when idling on IRC, you may receive a DCC (file transfer) request that looks like this, with no address nor port:
-!- DCC SEND from jrandom [0.0.0.0 port 0]: startkeylogger [0 bytes] requested in channel #freenode
Or, occassionally, a half-assed attempt at one:
<jrandom> ?�DCC SEND STARTKEYLOGGER 0 0 0
Sometimes bots spam these requests across entire channels, to affect as many people as possible. They do so because this command triggers two exploits, both of which can temporarily disconnect you from IRC:
This attempts to abuse an overzealous firewall in Norton Internet Security.
Back in 2003, the Spybot worm used startkeylogger as the command to start the keylogger on the victim's machine. If you were using Norton Internet Security, and you received this word over IRC, Norton's firewall would helpfully terminate the IRC connection, even if you weren't actually infected with Spybot.
This misfeature has been fixed in newer releases of Norton Internet Security. If you are still affected, upgrade your firewall – or better yet, upgrade to a non-Norton product.
Some old Netgear and Linksys routers (Netgear 614/624, Linksys WRT54G) would crash when receiving a malformed DCC request. (The router firmware is trying to set up automatic port forwarding, to allow the DCC connection to happen.)
There appear to be two versions of this bug:
DCC SEND this-is-a-very-long-nameDCC SEND foo 0 0 0Both bugs have been reported in 2006, so the best workaround would be to upgrade your router to something from the current decade. Another 'fix' is to use a SSL connection when connecting to IRC (typically on port 6697). Some networks have alternate ports for plain connections as well.