Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Security Code for Specific Ports #830

Closed
TuSuNaMi opened this issue Apr 13, 2014 · 9 comments
Closed

Security Code for Specific Ports #830

TuSuNaMi opened this issue Apr 13, 2014 · 9 comments

Comments

@TuSuNaMi
Copy link

Hello; I need an module for Spambots.

For each user before login to server need a give security code. It must be customisable for a specific ports ask security code example "port 6660 to 6667" exclude on flash policy ports example "7545"

Thank you
@SadieCat
Copy link
Member

If you have custom module requests you can try posting them on inspircd-extras. You might want to check out m_dnsbl or BOPM first though.

@TuSuNaMi
Copy link
Author

I try m_dnsbl and geoip filter for blocking more country's but its not effective.

I think security code more effective than m_dnsbl & geoip filter.

If anyone write security code module i will happy

@killerrabbit
Copy link

How is this different from setting a password on the connect block?

@TuSuNaMi
Copy link
Author

its different because security code random. similar with captcha

@JDowny
Copy link

JDowny commented Apr 13, 2014

So what's stopping the bot owner from requesting a security code for each bot so it can connect? Or coding this into the bot itself. This request doesn't make much sense to me, this would be a huge pain in the arse for the users for what is totally doable via dnsbl's, BOPM. and other heuristics.

If you want to authenticate each user before they can connect use SASL or SQL auth.

@killerrabbit
Copy link

Sounds similar to m_connwaitpong. Could be implemented in the same way that is.

@TuSuNaMi
Copy link
Author

I see in some irc servers (unreal based) its usable i think

@HelixSpiral
Copy link
Contributor

I remember someone requesting something similar to this on unrealircd ages ago, and it was rejected due to being fairly trivial to bypass.

Sounds similar to m_connwaitpong. Could be implemented in the same way that is.

This sounds 95% identical to m_connwaitpong.

  • On connect you get sent a ping and the server waits for you to pong back with the code.
  • On connect you get sent a random code and the server waits for you to respond with the code

The only difference would be that the first is done automatically by the client and the second would need user interaction unless clients started automating it. And if clients started automating it then we've got 2 identical features that serve the same purpose.

Also, this feature would likely interrupt BNCs if the user ever pings out and has to reconnect, unless it's automated. And if it's automated it's identical to m_connwaitpong.

So what's stopping the bot owner from requesting a security code for each bot so it can connect? Or coding this into the bot itself.

This method is a bit different than what I've seen suggested before, and I'm against having to request a security code from somewhere before being allowed to connect. If the place you're requesting the code from (Eg, the network website) goes down, then all connections to the IRC servers are stopped because nobody can get a security code.

@SadieCat
Copy link
Member

This is more or less a duplicate of #950.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@HelixSpiral @killerrabbit @SadieCat @JDowny @TuSuNaMi