[IRCServices] A discussion on the contents of the todo file
Yusuf Iskenderoglu
uhc0 at rz.uni-karlsruhe.de
Mon Mar 19 12:33:02 PST 2001
Hello;
On Mon, 19 Mar 2001, Imran Ali Rashid wrote:
> > As a rumor claims, DALnet once had a log channel for their proxy
> > scanners. It became a liability, as people would attempt to ride in on
> > netsplits. Those who managed to stay for awhile logged the proxies,
> > then made good use of them on servers that did not run the scanner (or
> > after attacking the scanner into oblivion).
>
> There are easy work arounds for this. If Services can send to the channel,
> it can control it, and hence prevent anyone being in it who isn't a services
> admin. And can prevent Services admins from joining without identifying and
> so on. I don't know how many ircds support +O but this could also be used
> to help against this kind of abuse.
>
Again, the log channel event is also something I've implemented, and I am
quite sure, that it's content, would not be easily seen by normal users.
Another of my personal modifications to Bahamut include the implementation
of IRCnet's cmode +a and +q, respectively anonymous and quiet channels.
They limited the usage of these on server owned channels, in order to
eliminate the need of tons of user modes for different kinds of notices. I
have expanded that behavior also to a channel named #services, which also
became a server owned channel (technical details are not topic of this
list). This way, the modes of #services, which are +tnspOq, are always
kept, and no non-oper can join this channel. A very samll modification to
the log(), to send everything as a NOTICE to this channel, if debug is off
was enough to have a secure log channel. Because our servers use
encryption, it is definitely not easy to sniff the content of network
communication.
Regards,
yusuf
Yusuf Iskenderoglu *** eMail uhc0 at rz.uni-karlsruhe.de