[IRCServices] Network Policies..

Craig Edwards brain at brainbox.winbot.co.uk
Mon Nov 18 20:09:01 PST 2002


If that one server is compromised, yes. But in the end, the
ircservices box should be under control of the netadmins, who
have final juristiction over what does and doesnt happen on their
network in most cases. The whole idea is keeping the network run
how the admins want it to be run, and not how individual server admins
want to do things their own ways. Some irc networks such as efnet
operate this way though, where each admin has their own policies,
and such services wouldnt be forced to load such a module. On a side
note, im thinking of expanding this to a larger project, called (working title)
"AbuseServ" which would also do such things as network-wide scanning of
proxies (this is something else that should be centralised, if one admin accidentally
unloads their proxy scanning module from their ircd, it creates a "weak link"
where abusive clients may connect, rendering the whole system useless).
Any ideas on this whole idea, please mail me off the mailing list, as this is
starting to become interesting with all the ideas im being given (Thanks MrBOFH!)
and i will certainly start work on this as an optional addition for ircservices :)

>From: "Craig Edwards" <brain at brainbox.winbot.co.uk>
>
>> Sometimes this is not possible - lets take for example a
>hypothetical situation where server may be compromised by crackers.
>You'd trust the admins running the server, but someone would be in
>control of the server secretly who you probably dont know, and
>certainly dont trust. In this case their first action may be to set up
>an oper with reasonably high privilages and "play around" with it.
>This system would prevent such a situation by immediately de-opering
>any such abusers as soon as it saw them, unless the policy actually
>said they could oper up.
>
>
>So, one person (who host services) would have TOTAL control of a
>network and it's Admins?
>I don't think this is a good idea.
>
>> server may be compromised by crackers
>
>As well as services' server...
>
>> but someone would be in control of the server secretly who you
>probably dont know, and certainly dont trust.
>
>What if someone gain access to services then?
>
>
>-----------------------------------------------------------------------
>Z kraju i ze swiata, minuta po minucie >>> http://link.interia.pl/f1676
>
>
>------------------------------------------------------------------
>To unsubscribe or change your subscription options, visit:
>http://www.ircservices.za.net/mailman/listinfo/ircservices