[IRCServices Coding] Exceptions
Andrew Church
achurch at achurch.org
Sun Feb 3 03:26:43 PST 2002
>On Sun, 3 Feb 2002, Andrew Church wrote:
>
>> >Why can't you use user at host masks in exceptions? This would be helpful for
>> >things like limiting the number of connections from a host not running
>> >ident.
>>
>> I assume that "not" is extraneous, but seeing as how 99.9% of hosts
>> don't run ident (or at least a _useful_ ident), and supporting it would
>> just make exception lists longer and exception processing take more time, I
>> don't see the point.
>
>The reason I request this is because of a recent attack on one of the
>networks I operate. We had > 50 clones from 15 different proxies. If we
>could have set a 1 limit for ~*@*, they would have been killed off very
>quickly. As it was, the proxy scanner couldn't kill them off fast enough
>and the whole net was down for almost an hour until the auto-zlines kicked
>in.
Seems to me you could just have had your scanner add autokills for
found proxies...
--Andrew Church
achurch at achurch.org
http://achurch.org/