UnrealIRCd Forums

yeah, those are not "random" enough.. or actually: it could be legit nicks/words, that's why it doesn't kill them.
Basically what antirandom checks is combination of letters that are (very) uncommon for english language (eg: qgn).
Something like 'scib', 'ufws' and 'kjax' could all be "legit" :p.
Another thing is that the "random part" of the nicks are too short to get a reasonable score I guess.
[I didn't feed them into antirandom to see what happens, but those things come to my mind -- perhaps there is room for improvement, but we are talking near-limits here]

So basically, that's a limitation of antirandom... I'm afraid it cannot do everything for you ;). Since there's a clear pattern, I guess you'll have to spamfilter w/target u ;p.

Thanks Sysop,
It's a great module and has helped me tremendously. I've been watching all the denys (and going blind), just to see the patterns and learn how this is working and what it will catch and not catch.

I appreciate all the things you and the other coders have done for me and other Unreal users all these years.

Thanks again,

Dana

Syzop wrote:Like I said, it already does *JUST THAT*.

Code: Select all

[22:28:41] -maintest.test.net- *** Notice -- [antirandom] denied access to user with score 30: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa!syzop@localhost:x x

okay, yesterday i had to help out another net ... they also use antirandom ... and i got the snotice from antirandom ...

on my net i don't get them ... although, show-failed-connects is active ...

go these notices just to the local opers (on the server blocking the user) or should they go to all opers on the net?

searching the sources didn't help me out ... my c(++)-knowledge is too bad for that ...


do i need a special oper-mode / snomask to see the notices?


sorry for annoyance

Those messages go to all locally connected opers (if show-failedconnects is enabled indeed), no snomask is needed.