[IRCServices] /ns ghost exploit

Mark Hetherington mark at ctcp.net
Thu Mar 14 22:37:00 PST 2002

Previous message: [IRCServices] /ns ghost exploit
Next message: [IRCServices] 永遠の愛
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> yeah, if the user has identified, then it is an obvious ghost, if 
> the user 
> hasn, then it is prolly a mistake.. then we come across access 
> lists.. some 
> ppl dont need to identify cause their host is in them.. could this be a 
> prob?

Good point. I guess testing the NickServ level would be the ideal way since 
checking for a status of 2 would find if the nick was recognised by access 
list only with a status of 3 for identified. 

If the access list is too vague it could lead to similar problems with 
popular ISPs and there is little to stop someone adding in a whole set of  
masks so maybe it is worth ignoring anything but fully identified nicks.

Recover and release would work in any case so might not be a huge problem 
and may encourage users to identify.


-- 
Mark.

Previous message: [IRCServices] /ns ghost exploit
Next message: [IRCServices] 永遠の愛
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]