Ban version

These are old archives. They are kept for historic purposes only.
Locked
[UnDeRTaKeR]
Posts: 84
Joined: Mon Nov 21, 2005 6:15 am
Location: Cuba

Ban version

Post by [UnDeRTaKeR] » Wed Jan 04, 2006 7:50 am

in unrealdocs ban version is stated like this:
"This makes use of the clients CTCP version reply. Therefore if a client does not send out a CTCP version, the ban will not work."
is there a possibility that normal irc clients, bitchx, mirc, mesias, doesnt
reply a version??
because Id love to ask for the implementation of a ban if the client dont
respond to it,
"This feature is intended to allow you to block malicious scripts."
in fact the current malicious scripts dont respond to that...
the version reply depends on something that makes impossible to kill a
user if he dont respond??somehow ethically I mean...?
saludos

Solutech
Posts: 296
Joined: Thu Mar 18, 2004 11:38 pm

Post by Solutech » Wed Jan 04, 2006 10:08 am

The problem you face is a lot of clients allow you to turn off ctcp replys . THen your potentially banning users that have done nothing wrong . Just because a script doesnt ctcp reply doesnt make it hostile .
Yawn. So there's yet another "if the user clicks the button, they're infected" exploit. Why is this news? We already know users are idiots.

fgeek
Posts: 4
Joined: Sun May 22, 2005 11:05 am
Location: Finland, Oulu
Contact:

Post by fgeek » Wed Jan 04, 2006 5:14 pm

You shouldn't ban people who aren't showing their ctcp version. I suggest you should just check those clients if they seems to be bot and then handle them. There are maybe module for it and Anope's SecureServ works fine for 'version reply checking on connecting'.

[UnDeRTaKeR]
Posts: 84
Joined: Mon Nov 21, 2005 6:15 am
Location: Cuba

Post by [UnDeRTaKeR] » Wed Jan 04, 2006 6:35 pm

Solutech:
thats why I asked if a normal irc client could not reply a version,
hostile scripts are currently mirc addons, but they dont reply nothing though
the user who has it loaded do reply a version,
I know innocent users could get caught, but I am searching for a solution
and for a way to make the server more secure,
collateral damage is impossible to avoid..
fgeek:
most of users on mi server use mIRC, but still load addons and make
tons of clones, flood, etc... if those clons reply anithing, the task shold be
done..
but in fact they dont... :/
I think the idea of making configurable the option to kill if dont reply a
version, isnt that bad..

Syzop
UnrealIRCd head coder
Posts: 1889
Joined: Sat Mar 06, 2004 8:57 pm
Location: .nl
Contact:

Post by Syzop » Wed Jan 04, 2006 7:37 pm

This will not be done.
It has been brought up over 5 times, use the search for details.

I'll see if I can make this a faq item anytime soon.

[UnDeRTaKeR]: with your (proxy thing) setup, you will _always_ be in trouble and there's very little or nothing you can do about it.

Locked