Eggheads: Re: Eggheads Digest, Vol 14, Issue 1

aIwa-is-k3wl at lycos.de aIwa-is-k3wl at lycos.de
Fri Jan 7 13:16:30 CST 2005


reply to Simon Kain:
1. ok :)
2. I think you`re right.
3. There is no way to get a pass from auth. Auth hack is always the users
fault and the tricks wihch takers use are really simply to block.

reply to CyBex:
Ok, i use the hostmask fix from thomey. You`re right. It`s a nice script.
But if if only the *.user......net.
It don`t fix the addhost/banhost for bnc`s. This was reason for my
suggestion.

The Q-Account script form thomey is good too. But it`s buggy. I hope i don`t
violate your rules while posting a link here, but i think it`s on topic.
http://dev.alex.ip-am.de/ Try to use his protect.tcl. It`s good tcl. It work
perfekt, but it won`t work together with thomey`s patch. The eggdrop will
crash then.

replay too: Ronny V?rdal:
 ..More features = more bugs... :-/
right. But anyway, this will be great if them will add this.
btw: http://thommey.sonys.de/eggdrop.html - it`s not perfect, but it`s
80-90%. Maybe it`s not so hard to complete it.
´
Why you don`t use a simple forum to talk about such things? You don`t think
that this is much easlyer? I can use the "search" funktion and don`t need to
ask things about 2. for example.

Best regards



----- Original Message -----
From: <eggheads-request at eggheads.org>
To: <eggheads at eggheads.org>
Sent: Friday, January 07, 2005 7:00 PM
Subject: Eggheads Digest, Vol 14, Issue 1


Send Eggheads mailing list submissions to
eggheads at eggheads.org

To subscribe or unsubscribe via the World Wide Web, visit
http://www.eggheads.org/mailman/listinfo/eggheads
or, via email, send a message with subject or body 'help' to
eggheads-request at eggheads.org

You can reach the person managing the list at
eggheads-owner at eggheads.org

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Eggheads digest..."


Today's Topics:

   1. suggestion (aIwa-is-k3wl at lycos.de)
   2. Re: suggestion (Simon Kain)
   3. Re: suggestion (CyBex)
   4. Re: suggestion (Ronny V?rdal)
   5. Re: suggestion (Paul)


----------------------------------------------------------------------

Message: 1
Date: Thu, 6 Jan 2005 19:39:58 +0100
From: <aIwa-is-k3wl at lycos.de>
Subject: Eggheads: suggestion
To: <eggheads at eggheads.org>
Message-ID: <20050106183033.934C6AB201 at lmcodec02.st1.spray.net>
Content-Type: text/plain; charset="iso-8859-1"

hi

i am new in eggdrop discussion list. i want to make a suggestion:

i am using Quakenet and Undernet. For a further version of eggdrop i wish
some new features:

1..chanset flood-chan
I can change there much things, but i think it`s very bad that the bot only
kick`s them and not ban them. I think it will be useful if you add a
banflooders option.

2. hostmask fix
the standard hostmask of eggdrop ( new user add, ban user) is
*!ident@*.host.net. for dynamic ip`s that is good, but on Quake/Undernet
much people use static hosts and this hostmask is unefficient.

Suggestion, mask for bnc`s
host Head!Headd at progamer.sponsored.by.bla.com good: ban/addhost
*!Headd at progamer.sponsored.by.bla.com and not *!Headd@*sponserd.by.bla.com.

Fakehosts. (a user can register in this network and set usermode +x).
Example: tom!tommy at Tom.users.undernet.org. Ban/Addmask actual:
*!thommy@*.users.quakenet.org. Please change to *!*@Tom.users.undernet.org.

3. support for Q/X-Bot accounts
Until today, a eggdop will know users only by their host and their password.
For example: on Quake/Undernet you can register. /whois nickname
example:

aymaNt is ~Brqmz at ALagny-154-1-19-191.w83-112.abo.wanadoo.fr * Brqmz
aymaNt on #e.effect #sponsor.fr #Seek.fr #Creqtive #pRoGather.fr #seekgood
#anpe.games #clanwar.fr
aymaNt using *.quakenet.org QuakeNet IRC Server
aymaNt is authed as couillunette
aymaNt has been idle 17secs, signed on Thu Jan 06 18:05:30
aymaNt End of /WHOIS list.

His authnick (registred) wille be "couillunette". This nick can be get with
/who or /whois. I never found a working tclscript/patch which will allow to
add a user in the userlist with his authnick, instand of his host.
I think it will be much better on such a network to add them with the
authnick instand of their host. Their authnick can be always the same, it`s
uniqe and their is not way to fake/steal it if them user their head.

That are 3 things i wish for next versions. Thx for reading this and sorry
for my english.
best regards
aIwa
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
http://eggheads.org/pipermail/eggheads/attachments/20050106/08e90d3e/attachm
ent.htm

------------------------------

Message: 2
Date: Thu, 06 Jan 2005 18:56:30 +0000
From: Simon Kain <coolsi at crazie.co.uk>
Subject: Re: Eggheads: suggestion
To: Eggdrop Discussion List <eggheads at eggheads.org>
Message-ID: <41DD89DE.7000801 at crazie.co.uk>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed

Hello.

1. I quite like this idea.

2. The trouble is with this is that an eggdrop would have to be written
to do this to every IRC network. Far easier is to write a TCL ban script
which can do this, then you can have it set up to match
*.users.quakenet.org etc.

3. Using an authnick to identify users isn't as secure as using
hostmasks - if someone finds out a user's auth password and auths to
their account, then they can gain access to the eggdrop. Using a
hostmask, only someone using their connection can access the eggdrop.

- Simon Kain
coolsi at crazie.co.uk

aIwa-is-k3wl at lycos.de wrote:
> hi
>
> i am new in eggdrop discussion list. i want to make a suggestion:
>
> i am using Quakenet and Undernet. For a further version of eggdrop i
> wish some new features:
>
> 1..chanset flood-chan
> I can change there much things, but i think it`s very bad that the bot
> only kick`s them and not ban them. I think it will be useful if you add
> a banflooders option.
>
> 2. hostmask fix
> the standard hostmask of eggdrop ( new user add, ban user) is
> *!ident@*.host.net <mailto:*!ident@*.host.net>. for dynamic ip`s that is
> good, but on Quake/Undernet much people use static hosts and this
> hostmask is unefficient.
>
> Suggestion, mask for bnc`s
> host Head!
>
<mailto:Head!Headd at progamer.sponsored.by.bla.com>Headd at progamer.sponsored.by
 
> <mailto:Head!Headd at progamer.sponsored.by.>bla.com good: ban/addhost *!
> <mailto:*!Headd at progamer.sponsored.by.bla.com>Headd at progamer.sponsored.by.
> <mailto:*!Headd at progamer.sponsored.by.>bla.com and not
> *!Headd@*sponserd.by.bla.com <mailto:*!Headd@*sponserd.by.bla.com>.
>
> Fakehosts. (a user can register in this network and set usermode +x).
> Example: tom!tommy at Tom.users.undernet.org
> <mailto:tom!tommy at Tom.users.undernet.org>. Ban/Addmask actual:
> *!thommy@*.users.quakenet.org <mailto:*!thommy@*.users.quakenet.org>.
> Please change to *!*@Tom.users.undernet.org
> <mailto:*!*@Tom.users.undernet.org>
>
> 3. support for Q/X-Bot accounts
> Until today, a eggdop will know users only by their host and their
> password. For example: on Quake/Undernet you can register. /whois nickname
> example:
>
> aymaNt is ~Brqmz at ALagny-154-1-19-191.w83-112.abo.wanadoo.fr
> <mailto:~Brqmz at ALagny-154-1-19-191.w83-112.abo.wanadoo.fr> * Brqmz
> aymaNt on #e.effect #sponsor.fr #Seek.fr #Creqtive #pRoGather.fr
> #seekgood #anpe.games #clanwar.fr
> aymaNt using *.quakenet.org QuakeNet IRC Server
> aymaNt is authed as couillunette
> aymaNt has been idle 17secs, signed on Thu Jan 06 18:05:30
> aymaNt End of /WHOIS list.
>
> His authnick (registred) wille be "couillunette". This nick can be get
> with /who or /whois. I never found a working tclscript/patch which will
> allow to add a user in the userlist with his authnick, instand of his
host.
> I think it will be much better on such a network to add them with the
> authnick instand of their host. Their authnick can be always the same,
> it`s uniqe and their is not way to fake/steal it if them user their head.
>
> That are 3 things i wish for next versions. Thx for reading this and
> sorry for my english.
> best regards
> aIwa


------------------------------

Message: 3
Date: Thu, 6 Jan 2005 20:08:08 +0100
From: CyBex <from-eggheads-to at cybex.has.nolife.org>
Subject: Re: Eggheads: suggestion
To: Eggdrop Discussion List <eggheads at eggheads.org>
Message-ID: <20050106190808.GA23989 at von.b0rk.de>
Content-Type: text/plain; charset=us-ascii

Hi

On Thu, Jan 06, 2005 at 07:39:58PM +0100, aIwa-is-k3wl at lycos.de wrote:
> 1..chanset flood-chan
> I can change there much things, but i think it`s very bad that the bot
only kick`s them and not ban them. I think it will be useful if you add a
banflooders option.

Write a Tcl that bind flud and insert it yourself :)

> 2. hostmask fix
> the standard hostmask of eggdrop ( new user add, ban user) is
*!ident@*.host.net. for dynamic ip`s that is good, but on Quake/Undernet
much people use static hosts and this hostmask is unefficient.
> Suggestion, mask for bnc`s
> host Head!Headd at progamer.sponsored.by.bla.com good: ban/addhost
*!Headd at progamer.sponsored.by.bla.com and not *!Headd@*sponserd.by.bla.com.
> Fakehosts. (a user can register in this network and set usermode +x).
Example: tom!tommy at Tom.users.undernet.org. Ban/Addmask actual:
*!thommy@*.users.quakenet.org. Please change to *!*@Tom.users.undernet.org.

For fakehost look at http://thommey.sonys.de/tcl.html and you can insert
your
own maskhost-fix there.. Works with both networks..

> 3. support for Q/X-Bot accounts
> Until today, a eggdop will know users only by their host and their
password. For example: on Quake/Undernet you can register. /whois nickname
> example:

Look at http://thommey.sonys.de/eggdrop.html :)
The patch works nice with both networks.

mfG CyBex


------------------------------

Message: 4
Date: Thu, 06 Jan 2005 23:39:51 +0100
From: Ronny V?rdal <ting at runbox.no>
Subject: Re: Eggheads: suggestion
To: Eggdrop Discussion List <eggheads at eggheads.org>
Message-ID: <41DDBE37.5090209 at runbox.no>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed

aIwa-is-k3wl at lycos.de skrev:
> hi

Hello

> 1..chanset flood-chan
> I can change there much things, but i think it`s very bad that the bot
only kick`s them and not ban them. I think it will be useful if you add a
banflooders option.

Configure your scripts/sentinel.tcl, it will do the work...

> 2. hostmask fix
> the standard hostmask of eggdrop ( new user add, ban user) is
*!ident@*.host.net. for dynamic ip`s that is good, but on Quake/Undernet
much people use static hosts and this hostmask is unefficient.
>
> Suggestion, mask for bnc`s
> host Head!Headd at progamer.sponsored.by.bla.com good: ban/addhost
*!Headd at progamer.sponsored.by.bla.com and not *!Headd@*sponserd.by.bla.com.
>
> Fakehosts. (a user can register in this network and set usermode +x).
Example: tom!tommy at Tom.users.undernet.org. Ban/Addmask actual:
*!thommy@*.users.quakenet.org. Please change to *!*@Tom.users.undernet.org.

You are using .adduser from partyline? Please RTFM.
 help adduser will show you a neat trick, but since you haven't checked
it out - let me explain it to you.

 adduser !nickname

What does this do, alternative to the standard ".adduser nickname" you
say? Well, guess what - FULL HOSTNAME!

If you have a person on your channel, called frodo
(frodo!magic at from.the.forest.com), .adduser !frodo will do this:

 +user frodo *!magic at from.the.forest.com
 chattr frodo $default_flags_specified_in_config (normally +hp)

Why add a feature that is there?

> 3. support for Q/X-Bot accounts
> Until today, a eggdop will know users only by their host and their
password. For example: on Quake/Undernet you can register. /whois nickname
> example:
>
> aymaNt is ~Brqmz at ALagny-154-1-19-191.w83-112.abo.wanadoo.fr * Brqmz
> aymaNt on #e.effect #sponsor.fr #Seek.fr #Creqtive #pRoGather.fr #seekgood
#anpe.games #clanwar.fr
> aymaNt using *.quakenet.org QuakeNet IRC Server
> aymaNt is authed as couillunette
> aymaNt has been idle 17secs, signed on Thu Jan 06 18:05:30
> aymaNt End of /WHOIS list.
>
> His authnick (registred) wille be "couillunette". This nick can be get wit
h /who or /whois. I never found a working tclscript/patch which will allow
to add a user in the userlist with his authnick, instand of his host.
> I think it will be much better on such a network to add them with the
authnick instand of their host. Their authnick can be always the same, it`s
uniqe and their is not way to fake/steal it if them user their head.

I understand the concept of your idea, but not sure if it's something
that the developers care to but in place. More features = more bugs, and
as far as I care (and others), the current 1.6.x branch is just
bugfixing. Adding more features (say hello to halfops), only adds problems.
Get a script for this one, but eggdrop will always need a host...

Securing eggdrop is all about what you put in to it, and how you use
it... First of all, don't use any autoop script or likewise functions.
Second of all, keep your users hosts updated. You might even wanna
disable their option of adding hosts to themselves (/msg ADDHOST and
/msg IDENT commands), so that only you and your trusted masters could
add trusted hosts to your "trusted" users. And third... Minimize the
number of fancy scripts, especially public scripts.

Now, about using the numeric 330 reply (for Undernet at least), to
authenticate a user - I was once trying (beta) for something someone
wrote me - It never really worked. The idea was to add a authenticated
flag (Think it was +O) to whomever had a matching XLOGIN set to them (as
an XTRA flag, set with editing userinfo.tcl).
Only if the person had both +o and +O for a channel, he/she could
request AND get opped on the channel. The bug we had with this one, was
to get the WHOIS reply filtered by the bot on request and/or on join..
It sometimes lost the reply.
To give you an example, the typical .whois handle would show something
like this:

23:33:44 <bot> HANDLE    PASS NOTES FLAGS           LAST
23:33:44 <bot> foonick   yes      0 hp              23:32 (#channel)
23:33:44 <bot>    #channel           lmnoOv           23:32
23:33:44 <bot>   HOSTS: *!bar at 204.31.2??.*, *!bar@*.some.domain
23:33:44 <bot>   XLOGIN: foobar

When foonick entered #channel, "bot" would send a whois to the server.
When "bot" got a reply, it would compare XLOGIN to the numeric 330. If
match, it would add +O to foonick. Now, if foonick sent a /msg bot OP
password, the bot would check for valid +o and +O before giving MODE +o
foonick on #channel. And part/quit/netsplit it would wait for TTL before
-O (in case of cycle, rejoin, change of server, netsplit, etc..). I
think TTL was 600 seconds (5 minutes).

Who made this for me btw? Souper?




--

Ronny Vårdal

NORID Handle: RV138P-NORID
Email:        ting at runbox.no
Web:          http://my.floppy.no
GPG:          0x3B12B97E

"Do not follow where the path may lead.
  Go instead where there is no path and leave a trail."
                                  (George Bernard Shaw)




------------------------------

Message: 5
Date: Thu, 6 Jan 2005 23:12:16 -0000
From: "Paul" <p.hilling at blueyonder.co.uk>
Subject: Re: Eggheads: suggestion
To: "Eggdrop Discussion List" <eggheads at eggheads.org>
Message-ID: <005001c4f445$2aae6710$a75d2252 at MainPC>

>From: <aIwa-is-k3wl at lycos.de>

>1..chanset flood-chan

Install and use the Sentinel add-on script, it covers banning flooders, and
many other useful bits (get it from www.egghelp.org)

>2. hostmask fix

Write a small script that interacts with the bots.. I use one myself to
'control' it to an extent, and you can then use mIRC's $address($$1,3) or
$address($$1,2) to change the host mask used in adding or banning someone.

If you want an example script, LMK and I'll forward you mine.

My suggestion though is this...

Ability to set bans differently to the ban in the bot..  For example..

I want to ban a user (for flooding say)..  I can ban on the nick, the ident,
the host, or any combination of the 3.  However the ban is only enforced
according to what I set..  If I set a ban on the nick it'll only ban on the
nick, if I set on the ident, it'll only ban on the ident.  etc...

What I would like to see, is the ability to set a ban on a nick (or ident),
and have the bots do a class 2 ban (*!*@host), or class 3 ban
(*!*ident@*.host) when that nick (or ident) enters the channel the nick (or
ident) is banned in, instead of having to specify multiple Class 2/3 bans..

I hope that was clear enough to get across what I mean.
--
Paul Hilling

No computer components were harmed during the creation of this e-mail,
however several billion electrons were abused to ensure its safe delivery.




End of Eggheads Digest, Vol 14, Issue 1
***************************************





More information about the Eggheads mailing list