hiding servers
** moderator edit: this topic was split from another topic, context: syzop was taking over 5 modules from angrywolf, not mentioning hideserver **
hi syzop
hideserver is a very nice module too (not because you have the possibility to disable /map or /links), it's because you can hide the HUB/s or not U:lined servers to protect them a bit (can be a nice feature for UnrealIRCd too -hide-ulines +hide-server *g*)
The module works well, I know of no bugs, the only thing is it doesn't support flat-map :/ , so if you ever have time maybe you can take a look
thanks
crazytoon: well, I don't like that module because it gives a false sense of security[1], so no.. I'm not going to maintain it :p.
Stealth: For the modules that I'll take over (the ones mentioned above, angrywolf gave his ok btw), I'll integrate them in the module packs (win&nix)[2], so I'll take care of that, you won't have to bother about those anymore :)
I'll do that within 1-2 weeks, I'll (try to :P) remember to notify you once I have them in the new modpack.
[1] Hubs should be protected by the DNS-technique mentioned in Docs: 8.6 Denial of Service attacks (DoS) [or: how to protect my hub], if one would simply hide /map & /links then admins are very likely to "forget" doing that, and since hiding map&links does not offer any real security you make problems worse. Basically this is the long explanation of "a false sense of security is worse than no security"
[2] Well, probably marked that they are based on Angrywolfs work, I hate not giving(/getting) proper credit ;)
>> crazytoon: well, I don't like that module because it gives a false sense of security[1], so no.. I'm not going to maintain it :p.
Well, I can understand you :p (but as I said, it is NOT because admins have the possibility to disable /map or /links)...
>> [1] Hubs should be protected by the DNS-technique mentioned in Docs: 8.6 Denial of Service attacks (DoS) [or: how to protect my hub], if one would simply hide /map & /links then admins are very likely to "forget" doing that, and since hiding map&links does not offer any real security you
I know how to protect my hub
("The point is: what you can't see, you can't attack *sfg*")
I'll take the freedom to translate that one *g*
>> crazytoon wrote: The point is: what you can't see, you can't attack *sfg*
"The point is, you can't attack what you don't see"
but I can't see a point there - since /map or /links are not the only way to get data on the available servers, you don't remove/hide anything. you just remove the "cheapest" way to get the information - but there is still much to see and much to attack...
if a user connects - he has at least one ip and servername - the one he is on...
he may meet other users - whois them - he gets other servernames...
most irc-networks are constructed to be a public place - so there is information going around how to connect, maybe a webpage, they have round-robin-DNS - so a single resolve of "irc.thatnetwork.tld" or whatever they have opens every single server available...
solution: you have a private network with some IPs - no names, no hosts pointing to it, no webpage - let's say something no one knows about except the handful of guys setting this up and their girl-/boyfriends - maybe you even firewall down all incoming IP-ranges except the static IPs of the people mentioned above (don't accept anyone with dynamic connects!) - the firewall should be at the first possible router of your ISP - not the holy ircd-machine itself...
a really great understanding of irc and the sense of a community
have fun!
greets
/medice
The idea is to hide the dedicated hubs that clients don't connect to, not the leafs (there's little point in that). Now, you say server names can be grabbed from whois, but you could always take things to ircu's extremes: no servername/hopcount/local-channels (which aren't in unreal)/idle time (for anyone)/localoper status(?) from /whois /who anything else, but I think that's probably just asking for more trouble. The DNS trick works much better .
*edit* In fact, I wonder if the server names (in me::name, link::, etc) should be allowed to have characters not normally valid in a hostname... so as to facilitate the use of the DNS trick */edit*
>> but you could always take things to ircu's extremes
Well, AFAIK you can still get a server map, it's just that such things are less known (hence people might think they are safe, when they are in fact not).
>> but I think that's probably just asking for more trouble. The DNS trick works much better
Exactly.
>> I wonder if the server names (in me::name, link::, etc) should be allowed to have characters not normally valid in a hostname... so as to facilitate the use of the DNS trick
I don't see why this would help? You just need not to put a DNS entry in your dns servers :P. Perhaps it would even encourage subtle tricks like using ß online and s/ss in the domain name. Not to mention, the other aspects of this (compatibility, etc).
I also wondered when writing the "how to protect my hub" section to say something like "or put it in DNS under a complete different name (eg: hub1.thisisprivate.mynet.net), but quickly realized how often people fail to protect against zone transfers (Tens of TLD's have ZXFR's enabled, and I even recently notified the bopm team that the whole *.opm.blitzed.org could be fetched [thus giving you a nice proxy list of thousands ips]).. It's easy stuff to misconfigure/forget [it even happens to me], and it's not always your fault (dns provider, ..).
>> I don't see why this would help?
well ... I don't see the point why other things are helpful, just for example:
hide-ulines; <--- "false sense of security" YES!, helpful?
why? to protect your services? don't think so (just type /version services.* or /whois someserv)
flat-map; <--- "false sense of security" YES! (a big one for lazy admins),
helpful? (YES! can be, but not at the time), logically NO! (it was a feature request here to have the possibility to set a QUIT message if a server splits) (don't know the bug number now) so with such an OPTION flat-map; can be helpful ..
btw all these OPTIONS / features can have "false sense of security" but can be helpful too..
so why is it sooo bad to have an option like hide-server? or set::splitmsg?
because some admins are too lazy to read the docs? lol
If someone is BAD he will ddos / flood your known IPs / Hosts ...
I'm afraid your attitude doesn't match ours...
You think the more you hide, the more secure you are.
We think, the more you hide using a FLAWED concept, the more FALSE sense of security you will get, which is DANGEROUS.
As said, we could go into ircu extremes, and then you can still get a server map via tricks... that is NOT good.
I suppose you are the type of person who would like to block /version and then simply forgets the other super-simple way to see the version.
>> hide-ulines; <--- "false sense of security" YES!, helpful?
- You are wrong, hide-ulines was never there for that reason, it was to hide to which server it was linked to (it has existed for years, flat-map is a much more recent idea). Almost nobody adds services.mynet.net to DNS, so D(Dos) was never the reason.
>> why? to protect your services? don't think so (just type /version services.* or /whois someserv)
- You are right, hiding servers for that reason is just stupid!
>> ("The point is: what you can't see, you can't attack *sfg*")
On a sidenote, it seems you are contradicting yourself?
Of course, following this, removing all servers from whois / etc (like ircu does) isn't necessarily for protecting servers... consider that someone wants to knock a user off the server to try to take over his channel, but with cloaked hosts he can't get the real IP, so he might attack the server that user is on, but while he could probably get the name of every connectable server, he won't be able to find out which one that user is on, he'd probably have to attack at random, which may result in lots of missing and getting him glined off the net before he can even accomplish his goal...
This of course is less important with channel services, but... still a thing to think about?
>> ("The point is: what you can't see, you can't attack *sfg*")
Translation? (I don't trust babelfish)
>> but while he could probably get the name of every connectable server, he won't be able to find out which one that user is on
Why not? A simple example is if you /whois someone and (s)he is local, you will see idle time... Just to name ONE example of how to detect such things ;p. If he can go flood all servers, then I suppose it isn't too hard either to just connect to them and /whois ;).
That said, indeed.. this is not much of an issue on networks with chanserv etc... Which is, IMO, a real must for a real public network. (and yes, that's me saying that, even though I originally come from ircnet :P).
Also, forgive me if this will be my last post here, as you might understand one can get a bit tired of it, and I have, just like others, other nicer things to do.. the next days in particular ;).
medice translated it (correctly) a few posts up here: "The points is, you can't attack what you don't see" ;p
>> I suppose you are the type of person who would like to block /version and then simply forgets the other super-simple way to see the version.
no syzop i'm not..
>> On a sidenote, it seems you are contradicting yourself?
no! it was only an example for the service or U:lined server like stats, irc defender or whatever ... because everyone knows 99% of the networks hide them with hide-ulines; ...
my HUB is called H.U.B, no one knows the IP (well a few admins), only two IPs are allowed to connect to the HUB just in case something is wrong, only SSL connects on a non-standard port, /stats P is restricted too and you need the right password to connect which is ripemd160 (as you can see I do my best to protect my HUB) .. (don't think I don't read the UnrealIRCd docu)
>> You think the more you hide, the more secure you are.
NO I don't think so! and hideserver is not really a new idea, it is a bit modified version of hide-ulines then... but I don't think it is bad to have such options.
>> and then you can still get a server map via tricks
yes you can by using hopcount or something but you need to know the network map first ...
So just an example (because I think my english sucks really and I can't explain what I mean *g*)
flat-map on
user does /map from server 1, this looks like:
server1.my.cool.net
|-H.U.B
|-server2.my.cool.net
|-server3.my.cool.net
|-H.U.B2
|-services.for.my.cool.net <-- hidden by hide-ulines
looks all nice and secure but if some server splits you see the link
Quit (H.U.B server2.my.cool.net) BAD! or not?
flat-map on
hide-server on (let's say we have this)
set::splitmsg (let's say we have this)
now we can play a bit .. H.U.B, H.U.B2, services are hidden now (and just to confuse the "bad" ppls I just JUPE 2 (for example but not needed))
user does /map from server 1, this looks like:
server1.my.cool.net
|-H.U.B.my.cool.net <-- the host is known so I can do this (and it is a fake)
|-H.U.B <-- hidden from the user
|-server2.my.cool.net
|-server3.my.cool.net
|-H.U.B2.my.cool.net
|-H.U.B2 <-- hidden from the user
|-services.for.my.cool.net <--- hidden from the user
on split we have:
Quit (just updating) or something ....
I think now "flat-map" has a good function or not? and is more secure ..
it's only my opinion ... but maybe I'm wrong, can be
@ aquanight
The point is: what you can't see, you can't attack *sfg*
it means:
"The point is, you can't attack what you don't see"
Last edited by crazytoon on Fri Dec 24, 2004 4:30 am, edited 2 times in total.
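The leak crazytoon's /map example describes (a hub that is absent from /map still shows up in the "Quit (H.U.B server2.my.cool.net)" message of every user on the far side of a split) can be checked mechanically. The following Python script is an added example, not code from this thread, from UnrealIRCd or from angrywolf's modules: it takes the server list a normal user can see via /map, scans QUIT lines as a client would receive them, and reports every server name that a split message exposes but the public map does not. The map and the QUIT lines are constructed samples modelled on the post above; the "<server-a> <server-b>" quit reason is the standard IRC netsplit format, and the two-hostname heuristic used to recognise it is an assumption of this example.

```python
import re

# Constructed sample: the /map a normal user sees on the thread's example
# network once the hub is "hidden" (flat-map / hide-server on).
PUBLIC_MAP = {
    "server1.my.cool.net",
    "server2.my.cool.net",
    "server3.my.cool.net",
}

# Constructed sample of QUIT lines as a client on server1 would receive them.
# On a netsplit the quit reason is "<server-a> <server-b>", the two ends of
# the broken link; a splitmsg-style option replaces that with generic text.
SAMPLE_QUITS = [
    ":alice!a@cloaked.host QUIT :H.U.B server2.my.cool.net",
    ":bob!b@cloaked.host QUIT :H.U.B server2.my.cool.net",
    ":carol!c@cloaked.host QUIT :Ping timeout",
    ":dave!d@cloaked.host QUIT :*.net *.split",
    ":erin!e@cloaked.host QUIT :just updating",
]

QUIT_RE = re.compile(r"^:(?P<nick>[^!\s]+)\S*\s+QUIT\s+:(?P<reason>.*)$")
# A server token: hostname-like labels joined by dots. Masks such as *.net
# are allowed so that masked split reasons are still recognised as splits.
SERVER_TOKEN = re.compile(r"^[A-Za-z0-9*][A-Za-z0-9*-]*(\.[A-Za-z0-9*-]+)+$")


def parse_split(line):
    """Return (nick, server_a, server_b) for a netsplit QUIT line, else None.

    Heuristic (an assumption of this example): a reason made of exactly two
    hostname-like tokens. A user could type such a reason by hand, so treat
    hits as leads to verify, not as proof.
    """
    m = QUIT_RE.match(line)
    if m is None:
        return None
    parts = m.group("reason").split()
    if len(parts) != 2 or not all(SERVER_TOKEN.match(p) for p in parts):
        return None
    return m.group("nick"), parts[0], parts[1]


def leaked_servers(quit_lines, public_map):
    """Server names that split messages expose but the public /map does not."""
    leaked = set()
    for line in quit_lines:
        split = parse_split(line)
        if split is None:
            continue
        for name in split[1:]:
            if "*" in name:  # masked split ("*.net *.split") reveals no real name
                continue
            if name not in public_map:
                leaked.add(name)
    return leaked


def report(quit_lines, public_map):
    """Audit lines, returned rather than printed so callers can check them."""
    leaked = leaked_servers(quit_lines, public_map)
    if not leaked:
        return ["no hidden server names appear in split messages"]
    return [f"hidden server leaked by netsplit: {name}" for name in sorted(leaked)]


if __name__ == "__main__":
    for line in report(SAMPLE_QUITS, PUBLIC_MAP):
        print(line)
```

Run against the sample, the script flags H.U.B: it is not in the public map, yet the first two QUIT lines name it. The masked reason "*.net *.split" and the generic "just updating" reason expose nothing, which is the behaviour a splitmsg-style option gives; hiding the hub from /map alone does not.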