Delete me
http://www.vulnscan.org/UnrealIRCd/unre ... lnameblock
Might help with the ones using a user-agent string as their real name.
Might help with the ones using a user-agent string as their real name.
Sorry if it sounds rude pointing it out but the following is from his first post:Stealth wrote:Have you tried the antirandom module?
[09:20am] *** Notice -- [antirandom] denied access to user with score 23: cgvpgkuw![email protected]:oifsqyhv
-
- Head of Support
- Posts: 2085
- Joined: Tue Jun 15, 2004 8:50 pm
- Location: Chino Hills, CA, US
- Contact:
Sorry about that... something you should consider doing is making a script to catch those antirandom doesn't have access to (don't know why it wouldn't have access to those... perhaps they are connecting to a server antirandom isn't loaded on?)Jobe1986 wrote:[09:20am] *** Notice -- [antirandom] denied access to user with score 23: cgvpgkuw![email protected]:oifsqyhv
EDIT: nvm about that. The message "[antirandom] denied access to user with score 23:" means antirandom has detected it, and the gline follows. That message is a little misleading (looks like an error)
To stop that message, change set::antirandom::show-failedconnects to no.
No, there are letter-letter-number-letter-number-number, its random, so regex´ with letter-number-letter-number... won´t workoutz wrote:I think I could use a regex that filters 1-letter 1-number 1-letter 1-number and so on - I'm just having trouble with the actual string.outz wrote:Thanks. That was definitely helpful.
Any idea how I would block these?
*** d1j0xm10o8p ([email protected]) has joined #Offtopic
*** v4q4ur6o0a ([email protected]) has joined #Offtopic
*** y3l1ki10w3e ([email protected]) has joined #Offtopic
*** o0m3km5b1s ([email protected]) has joined #Offtopic
*** g9g10ne5x3t ([email protected]) has joined #Offtopic
Do some CTCP on them
/ctcp <nick> version
/ctcp <nick> finger
If you´ve got some special version reply you can ban it at the config with the deny-version Block.
http://www.vulnscan.org/UnrealIRCd/unre ... rsionblock
and at the same special finger reply use the Spamfilter for CTCP reply.
and may these Bots are from 1 or 2 Providers, then you can ban the whole IP Ranges of these providers.
To find out what IP Ranges were used for Spam, flood etc you could use http://www.spamhaus.org/sbl/index.lasso, there u can find out them.