/whois username

These are old archives. They are kept for historic purposes only.
Post Reply
malphas
Posts: 41
Joined: Thu Jan 15, 2009 4:07 pm

/whois username

Post by malphas »

Hey not sure how to fix this when myself or another admin do a whois on someone the server sends a message to us saying that the user we have done a whois on is doing a whois on us is their anyway to stop this without turning this feature off
Bunkerwaiss
Posts: 36
Joined: Thu Dec 27, 2007 8:48 am

Re: /whois username

Post by Bunkerwaiss »

Find in your config file the string modes-on-oper and remove the +W mode or turn it into -W
Like this

Code: Select all

set {
      modes-on-oper	 "+wgstxvTqpJ-W";
};
otherwise
if you are an oper with no shell access:

Code: Select all

/mode yourNick -W
Uppercase W mode

That's all I can think of, maybe some users use some remote that detects when someone do a whois on them.
katsklaw
Posts: 1124
Joined: Sun Apr 18, 2004 5:06 pm
Contact:

Re: /whois username

Post by katsklaw »

Bunkerwaiss wrote: That's all I can think of, maybe some users use some remote that detects when someone do a whois on them.
Thats not possible with the current code base. only the ircd the user doing the /whois on knows of the /whois request unless a remote whois is requested, then only ircds know about the requests. The /whois notification is specificlly written into the source code to send a notice to the whois target. There is no way for a user to otherwise know.

Local:
user send /whois <nick>
server local to user sends targets info back to user

Remote:
user sends /whois <nick> <nick>
server retrieves login data from targets local server and sends it along with the other info the server already knows to the user.

In both cases if the user is +W the ircd local to the requesting user sends a notice to the target informing them they were /whois'd, without this notice, no one, not even the Uber Godlike Net Admins will ever know they were /whois'd.

Contrary to popular believe, the whois info is stored server side and not requested from the target, so the target can not be victimised by multiple /whois's unless the attacker knows they are +W and does it to fill their screen with notices. This "attack" for lack of better terms will flood the attacker off long before it does anything to the target.

Morale of the story? There is no practical need for +W on 99.995% of IRC networks in existance.
Post Reply