Page 1 of 2

Users via proxy, how to stop the clons.

Posted: Wed Nov 02, 2005 6:17 am
by JIVXor
Here goes my problem :

The users who connect to my server they do it by a proxy, and arrive at the server with the same IP all, the one of proxy, then they have been dedicated to connect clons with scripts, is there some form to stop that? Some module? Style of ircxpro that asks before connect or some quarantine channel, iptables's rules of connect limitations of an IP through proxy?

I use unrealIRCD 3.2.3 *NIX and Anope 1.6.4 Stable


PD : I was thinking about the module of user_auth but I do not know if it will work.

Thanks beforehand.

JIv
Thanks

Posted: Wed Nov 02, 2005 7:11 am
by Dukat
  1. Use a proxy Scanner! (bopm)
  2. Set the maxperip value in the allow block(s)

No no

Posted: Wed Nov 02, 2005 5:44 pm
by JIVXor
Dukat, thanks for your fast help. I do have OPSB from Neostats package. But .. . The only way to get internet of that users is via proxy, this is the configuration of the network. Then, if I kline or drop one simple IP, I'm droping the ip of the proxy, so . . . . the IRC is empty. I know in other networks nobody have this problem, cause all IPs are one to one to the client, but here in my country the networks are very diferent. You connect to a PPP server, assign to you an IP for the intranet, but, if you want to access to internet, you MUST go via proxy.

Thanks

Posted: Wed Nov 02, 2005 9:36 pm
by Stealth
Then there is nothing you can do. Any proxy that can be abused will be abused. It is the fact of proxies.

Posted: Thu Nov 03, 2005 11:49 am
by Dukat
The only possibility is to use some sort of authentication like userauth or SQLAuth... BUT all your users would have to register on some webpage/whereever - you would probably lose a LOT of users :(

Can you use the remaining tools like spamfilter, flood protection or badwords to stop the clones?


Another way (but I don't know if that's possible - probably not) would be to move the server to the intranet - the users would have different IPs there, I guess...

..

Posted: Fri Nov 04, 2005 3:57 am
by JIVXor
Thanks a lot Stealth. But .. .
it must exist something, some rule of iptables that goes through proxy and obtains the IP of the LAN. The Web browsers take with itself an information so, when they log in a WebServer, this WebServer can know of that information, the IP of the LAN, with IRC will not be equal? Pardon if I am speaking things without sense, but I am desperate already, perhaps some linux kernel has his iptables reshaped.

Dukat :

I'm from Cuba, I don't think that INFOMED'S ISP accept my advice about the move of the DNS for intranet :P And yes, I do have flood protections, spamfilters but . . . the bandwith is the most important thing in this case && is begin to decrease with another and another clon. Thanks anyway.

I'm working on m_courtroom of AngryWolf, lets see, by the way, does anybody here knows about unreal3.2 beta RC2 for *NIX ? I can't find it. I'ts the first requeriment of the m_courtroom module. If anybody knows about one on 3.2.3, please let me know.


PD : Sorry about my english :S
Thanks.

Posted: Fri Nov 04, 2005 5:10 am
by Stealth
There is no such information that passes through proxies. If such information passed through proxies, they would be useless. The purpose of a proxy is to hide someones real IP, and in this case, enable them to connect to the internet.

......

Posted: Fri Nov 04, 2005 8:28 am
by JIVXor
Could Syzop or Codemastr find unreal3.2BetaRC2? Any version of courtroom for 3.2.3?



Thanks.

Moderator: Email removed.

Posted: Fri Nov 04, 2005 8:39 am
by Dukat
Old versions are not released.

You have to fix the module to work with the current version.

Posted: Fri Nov 04, 2005 9:58 am
by Solutech
I use courtroom on my system and I stayed at 3.2.2b which it still works on . I may have the nix distri of that version here somewhere but as stated its not supported anymore.

*edit* yup I have it still if you want it pm me your email addy*edit*

Posted: Fri Nov 04, 2005 4:18 pm
by Syzop
Isn't courtroom basically just the spamfilter viruschan thing?
Would adding a /viruschan <nick> be sufficient?

Or is it absolutely necessary to have different channels per-user, because I don't think that would be implemented in core unreal (the difference in terms of memory usage per-user is 1 bit vs storing a pointer at minimum (4 or 8 bytes) and the channelname (<length of name>+1+[4|8]) at maximum.

(Oh yeah, sure, the module aproach is also possible :P)

Posted: Fri Nov 04, 2005 5:45 pm
by JIVXor
Syzop :

My idea is to maintain in quarantine all the users who connect to the server, I put a countdown, if users does not respond to a question [randomize ], there comes the kill. Obviously, scripts of clones does not have the option to enter by keyboard some string.

Here's the error [on 3.2.3]:

14[132:1438] 11,12 server 14,14! unrealircd.conf:13: loadmodule src/modules/courtroom.c: failed to load: tmp/E8DA9B66.courtroom.c: invalid ELF header.

ELF header?

How can I do to fix this problem?

Thanks.

Posted: Fri Nov 04, 2005 5:51 pm
by Dukat
You have to COMPILE the module first.

Read the documentation of the module.

Posted: Fri Nov 04, 2005 6:00 pm
by JIVXor
Dukat,

you mean : make custommodule MODULEFILE=courtroom

??

Oh yes, I'm compiling the module, when I rehash :

src/modules/courtroom.c: failed to load: tmp/E8DA9B66.courtroom.c: invalid ELF header.

Am I missing something?

Thanks.

Posted: Fri Nov 04, 2005 6:59 pm
by Dukat
The .c is the source file, the compiled module is .so.