Search found 40 matches

by HeXiLeD
Tue Jul 09, 2019 2:12 am
Forum: Modules (3rd party)
Topic: [REQUEST] User CertFP logins
Replies: 0
Views: 317

[REQUEST] User CertFP logins

Much like Oper by SSL Client certificates, some of us would like a module that allowed user connection by Client certificates FP. The idea is very much the same as the functional that exists for opers, but for regular users. The module would make use of a configuration file that would then be loaded...
by HeXiLeD
Mon Jul 08, 2019 11:54 pm
Forum: General chat
Topic: CR-LF (Carriage Return - Line Feed) pair, @ 512 bytes
Replies: 0
Views: 330

CR-LF (Carriage Return - Line Feed) pair, @ 512 bytes

So we were having a conversation in the chatroom and we ended up on https://tools.ietf.org/html/rfc1459 due to the fact that irc clients are not able to pass/input messages that are longer/bigger than 512 bytes. Section: 2.3 (still in effect in the current RFC revision at the date of this post) 2.3 ...
by HeXiLeD
Sun Jan 27, 2019 11:51 pm
Forum: Modules (3rd party)
Topic: [REQUEST] Module to enhance DNSBL against known VPN providers
Replies: 4
Views: 593

Re: [REQUEST] Module to enhance DNSBL against known VPN providers

...anything to get hands on users real ip huh... happens that I not only support proton as I pay for some services which I (and most like me and on proton), use lawfully. but also a pain to protect our networks against possible abuses I've talked to DroneBL folks and unless there's some kind of high...
by HeXiLeD
Thu Jan 10, 2019 10:49 am
Forum: Generic support
Topic: Logging who PMs who
Replies: 9
Views: 456

Re: Logging who PMs who

This is: 1: Unethical 2: Depending on the country, Illegal 3: Useless against anyone using OTR, Omemo or even the weak blowfish encryption 4: 100% ineffective if the users do DCC chat. and it is a perfect way to get an empty network very fast. as for modules used in this type of operation, they can ...
by HeXiLeD
Sun Jan 06, 2019 3:00 pm
Forum: Installing and getting connected
Topic: [SSL ERROR]: too large
Replies: 14
Views: 1251

Re: [SSL ERROR]: too large

Test also # nmap --script ssl-enum-ciphers -p6697 localhost As for weechat: irc.server.netname.ssl_verify = off irc.server.netname.ssl_priorities = NORMAL:-VERS-SSL3.0 SECURE256:-VERS-TLS-ALL:+VERS-TLS1.2 or SECURE256:-VERS-TLS-ALL:+VERS-TLS1.3 might be too high for your setup. Again, client side pe...
by HeXiLeD
Sun Jan 06, 2019 2:39 pm
Forum: Installing and getting connected
Topic: [SSL ERROR]: too large
Replies: 14
Views: 1251

Re: [SSL ERROR]: too large

There is nothing wrong with the server and ssl/tls on the server side. This is pure pebcak client side. Sometimes related to what the client is capable of handling in regards to cyphers used in effect by the server. If the server specifies only a few cyphers to use and or a specific ssl or tls versi...
by HeXiLeD
Sat Dec 29, 2018 5:32 pm
Forum: Generic support
Topic: CertFP vs fail-if-no-clientcert vs sasl/authprompt login auth
Replies: 7
Views: 416

Re: CertFP vs fail-if-no-clientcert vs sasl/authprompt login auth

Here is my testing example using weechat and unrealircd 4.2.1 I created conf/authentication_block.conf which is loaded in unrealircd.conf Added a block: require authentication { mask *@127.0.0.1; reason "Too many abusers from this ip, please authenticate"; }; Created a user with netadmin permissions...
by HeXiLeD
Fri Dec 28, 2018 7:32 pm
Forum: Generic support
Topic: CertFP vs fail-if-no-clientcert vs sasl/authprompt login auth
Replies: 7
Views: 416

Re: CertFP vs fail-if-no-clientcert vs sasl/authprompt login auth

Thanks for your very dedicated reply :D I will address a few points and I agree with most of what you said, except one detail and I must state that at the time, I felt I did not expressed what I suggested properly given the complexity of this matter. I take it you currently have positive experiences...
by HeXiLeD
Thu Dec 27, 2018 10:15 pm
Forum: Generic support
Topic: CertFP vs fail-if-no-clientcert vs sasl/authprompt login auth
Replies: 7
Views: 416

CertFP vs fail-if-no-clientcert vs sasl/authprompt login auth

I just decided to test this new feature and maybe there are a few things to consider: info: Authentication https://unrealircd.org/docs/Authentication https://unrealircd.org/docs/Require_authentication_block https://unrealircd.org/docs/Set_block#set::authentication-prompt CertFP https://unrealircd.or...
by HeXiLeD
Thu Aug 09, 2018 3:14 am
Forum: Modules (3rd party)
Topic: [REQ] M_uline
Replies: 9
Views: 1698

Re: [REQ] M_uline

Because he is d1ff3r3nt :P , wants to look c00l 8) and has no ph3ar !! :twisted:

... yah... high five! rock on dude!! :mrgreen:
by HeXiLeD
Thu Jun 07, 2018 9:29 pm
Forum: Modules (3rd party)
Topic: [REQ] Forcing the use of encrypted communication
Replies: 0
Views: 1161

[REQ] Forcing the use of encrypted communication

This is an idea that I have been pursuing for a long time. Forcing the use of encrypted communication by OTR, Omemo, PGP and even xsalsa20 or blowfish. Details are explained here: https://bugs.unrealircd.org/view.php?id=5100 Perhaps a module could be done in order to start testing this idea and then...
by HeXiLeD
Thu Dec 28, 2017 12:11 pm
Forum: Modules (3rd party)
Topic: [DONE] Looking for delaylist.c port for unreal4
Replies: 7
Views: 1764

Re: [DONE] Looking for delaylist.c port for unreal4

So far the module looks great 8) I was wondering if it would be easy to implement the possibility of customizing the replies send by the module: You have to be connected for at least 60 seconds before being able to /LIST You have to be identified with services before being able to /LIST The customiz...
by HeXiLeD
Tue Dec 26, 2017 3:43 pm
Forum: Generic support
Topic: WebIrc secure implementations and it's fails
Replies: 4
Views: 942

Re: WebIrc secure implementations and it's fails

Unacceptable since it decreases general security: So, you have three other ways to deal with it: - Use older Unreal version and wait for a needed qwebirc functionality. - Accept your secure users not having the +z umode, and wait for a needed qwebirc functionality. - Modify qwebirc yourself, to alw...
by HeXiLeD
Tue Dec 26, 2017 2:16 pm
Forum: Generic support
Topic: WebIrc secure implementations and it's fails
Replies: 4
Views: 942

WebIrc secure implementations and it's fails

Although currently unable to connect to the irc chat due to this detail , I have been updated about this problem and tested it myself. Before the flames come, lets just say that I am 100% in favor of security by default and anti clear text protocols 20 years ago. In fact why are we even allowing the...
by HeXiLeD
Sun Nov 26, 2017 3:03 pm
Forum: General chat
Topic: UnrealIrcd: Please get proper reverse DNS
Replies: 4
Views: 1266

UnrealIrcd: Please get proper reverse DNS

So, recently, while trying to connect to unrealircd support chat: Your IP address does not resolve to a host. Please get proper reverse DNS Caused by features in 4.0.16 Just happens that some of us, actually and intentionally do set an improper reverse DNS for specific reasons. Q: Does this active f...