Eggheads: Feature requests
nml375 at wserv3.wineasy.se
Thu Sep 12 09:11:00 CST 2002
On Wed, 11 Sep 2002, Andri Óskarsson wrote:
> 1. Userfile caching option
> When this is enabled the bot does not save ANY users or password to the userfile even if its set to share flags. Just saves the information in memory and asks the hub bot for user information and verifies if the passwords are correct and simply caches the info. Ofcourse this offers the ability to sniff botnet traffic and get valid passwords. Wait for request feature 2.
> 2. SSL encrypted sockets.
> So all botnet connections go through SSL and therefore harder to sniff. I do realize the cpu effect in this but I still find this a good feature.
> Bottomline is that I want to be able to put bots on shells i dont trust 100% (which makes all shells except the ones i admin myself). I've been looking at eggdrop 1.7 and it looks really promising, specially the perlscript support, im looking forwards to eggdrop 1.8, keep up the good work.
> If this is possible and the dev team is willing to take a look at this then excelent. If it is possible and the dev team is not willing to look into it please tell me how it is possible, what modules must be altared/written and if changes to the core code are needed.
> Thanks for your time
> Merlin at IRCnet
> ps: dont make fun of my english, im from europe, heh
It should be fully possible, tho I havn't tracked the progress of the
userfile->module transfer for some time...
(heck, I've barely had time to track this list at all lately :/ )
One issue that has to be dealt with tho is: how should your bots react if
for some reason your hub becomes unavailable?
* Use a minor local userfile (kinda like yp/nfs)?
You'd most likely need a minor userfile for botinfo, unless you go for
100% ssl certs authentication
* Try to use cached data (too bad for whoever might not be in the cache)
* Sit there as a duck? (Waiting to be killed)
* Refuse to start
// Fredrik Löhr (aka NML_375)
More information about the Eggheads