I read the docs and searched for forums, so please forgive me if this is an easy answer to find.
I would like to log all IRC commands users issue. Our server is low traffic so log file size isn't really an issue. Is the possible, either through server config or a module (if one exists)?
Can UnRealIRCD log all user commands?
-
codemastr
- Former UnrealIRCd head coder
- Posts: 811
- Joined: Sat Mar 06, 2004 8:47 pm
- Location: United States
- Contact:
Re: Can UnRealIRCD log all user commands?
Of course not. This would be spying on the users, and that is not something we support or condone. In some countries it may even be illegal.
-- codemastr
-
MrBugSir
- Posts: 29
- Joined: Fri Feb 25, 2005 9:19 pm
- Location: Seattle, Washington, USA, Earth
- Contact:
Why would that be spying? Corporations monitor all network traffic, they even claim to own the email on their servers, and go out of their way not to use the word "private" in any published materials. I don't see how logging what commands users have issued is spying. Logging personal conversations would obviously be spying, but we're not interested in that for many reasons, such as it would be spying. We don't want to spy on any one, we do want to know if some one is poking around and we do have the right to perform a threat analysis based on the commands users issue.
Anyway, I got my answer. Thanks for responding.
Anyway, I got my answer. Thanks for responding.
Try this module Commandsno This will let you choose what commands you have sent to ircops . I use it as a precaution so that I know when people are probing . Just add the commands you want to see being used . I have stuff like /stats flagged and /map . Its not a logfile per-se more a visual heads up. Gives the admins and ircops that little bit more of a warning that someone is up to something . The log every command idea is a bit extreme . Just put the commands you feel are abusable in there .
Yawn. So there's yet another "if the user clicks the button, they're infected" exploit. Why is this news? We already know users are idiots.
Stuff that would probably be useful to check on,
/stats
/map [personally, i use it to get other servers to connect to, but it CAN be abused]
/links [same]
/os
/operserv
/oper [but does it send passwords? never used cmdsno]
/gline
/kline
etc etc.
/stats
/map [personally, i use it to get other servers to connect to, but it CAN be abused]
/links [same]
/os
/operserv
/oper [but does it send passwords? never used cmdsno]
/gline
/kline
etc etc.
-ChatSpike IRC Network [http://www.chatspike.net]
-Denora Stats [http://denora.nomadirc.net]
-Omerta [http://www.barafranca.com]
-Denora Stats [http://denora.nomadirc.net]
-Omerta [http://www.barafranca.com]
Code: Select all
[06:16] -irc.Our-chat.tk- Solutech ([email protected]) used command STATS (params: g)Yawn. So there's yet another "if the user clicks the button, they're infected" exploit. Why is this news? We already know users are idiots.
Just btw, go the sig solutech 
So it probably wouldn't be a good idea to place a commandsno on oper :p
So it probably wouldn't be a good idea to place a commandsno on oper :p
-ChatSpike IRC Network [http://www.chatspike.net]
-Denora Stats [http://denora.nomadirc.net]
-Omerta [http://www.barafranca.com]
-Denora Stats [http://denora.nomadirc.net]
-Omerta [http://www.barafranca.com]
I would say that using it on /oper would be akin to abuse . I get visitors that have scripts set to auto /oper . So it giving you the password would be rather unethical .
As for the sig I pilfered it from another forum lol . Made me laugh
As for the sig I pilfered it from another forum lol . Made me laugh
Yawn. So there's yet another "if the user clicks the button, they're infected" exploit. Why is this news? We already know users are idiots.
There are modules available that will give you more information in regards to /oper. Personaly, for server logging, I have all the standard server logs outputed into an SQL server. I'm not worried about users abusing commands that are part of unreal that don't already generate notices. But I do want to keep track of Override usage, kills, glines and other administrative commands. My IRCop's know I log this information and even have access to it themselves.
For users?
stats usage get's broadcasted
oper get's broadcasted (Only if the oper matches an existing O block)
glines - Those get posted on my webpage, so i don't care if they look them up on the server or not.
Angrywolf however has a module that will allow the logging of failed oper username/passwords. I've considered installing it for it's kill mechanism on too many failed attempts. I would never enable the snomask, cause in all honesty, i don't want to see my oper's passwords.
For users?
stats usage get's broadcasted
oper get's broadcasted (Only if the oper matches an existing O block)
glines - Those get posted on my webpage, so i don't care if they look them up on the server or not.
Angrywolf however has a module that will allow the logging of failed oper username/passwords. I've considered installing it for it's kill mechanism on too many failed attempts. I would never enable the snomask, cause in all honesty, i don't want to see my oper's passwords.
I'm more concerned with services getting broken into. hence why i use the logchannels and routinly look in the log file for "oditites"Snomask +O: lets you see login names and passwords used in failed OPER attempts. It also has a feature that kills users after a specified number of failed oper-ups.
Pretty hard not to see the passwords when you have to set the oper block for them . I think the killing of bad oper attempts could be a good thing and would be nice to see it as a feature maybe .
. I think the killing of bad oper attempts could be a good thing and would be nice to see it as a feature maybe .Yawn. So there's yet another "if the user clicks the button, they're infected" exploit. Why is this news? We already know users are idiots.
md5 encryption.Solutech wrote:Pretty hard not to see the passwords when you have to set the oper block for them
I get my opers to encrypt it,and i put the encrypted password into the file. I never see the pass