UnrealIRCd Forums

Does anyone know how to make a port java only? To where no other mIRC clients, etc, can connect? I am have been having some problems with clone floods abusing my java port and they use proxies.

You can't make a port java only.

You could use a password protected allow block and put the password in the java applet... but of course this can still be found out...

What would I put in the applet to make it have a password?

And what would I change in the .conf file?

That depends on your applet. Read it's documentation.

In unrealircd.conf, you have to modify the allow block.
Read the documentation about allow blocks:
http://www.vulnscan.org/UnrealIRCd/unre ... allowblock

Unreal doesn't know the difference between mIRC and Java. mIRC and Java are both clients, connect as cliends, and act like clients.

The only way to make Unreal know the difference would be to modify java client so the java client sends something to Unreal when it connects.

You would also need to modify Unreal (because I dont think modules have the ability to do this) to check for the extra thing the java sends, and disconnect the user is it is not sent.

However mIRC can be easily scripted to do something similar and still be able to connect on the same port.

Aye other servers like chatspace for instance can do this but again anyone with some experience can still spoof their way in on mirc.

Best bet for proxies is bopm that will give em a head ache lol .

Anything put into the java applet ie specific idents etc are easy enough to figure out . If you dont want ppl in on mirc then you can always not disclose the port number and use something other than 6667 . Set your unreal clone limit so they cant clone . use countermeasures like security scripts. Some java clients will allow a version to be programmed . So you could always get the server to kill anything without the version in the java applet but again all you need to do is examine the java applet to discover it .

I found with clones if you find the spawner and gzline that it tends to stop the rest . Get your opers to watch out for the original connect and stop that first . most cloners will change their nick to match the clones nicks or appear similar so if nick Bob1 changes to lam3er5 and the clones are all lam3r or similar gzline that one first . then kill out the clones 1 by 1 .

But Bopm is worth a shot . It stopped my clone problem in its tracks .

That way the proxies are glined or whatever you set it to on connect so dont get into the server at all .

If you dont want ppl in on mirc then you can always not disclose the port number and use something other than 6667

This is very easy to figure out. Your machine keeps a list of all connections it has open. All you have to do is type netstat -a and you will see the port that it is using.

I use the IRCD's ban version on my java server and just ban all known IRC clients, so when you connect:


Closing Link: |StealtH|[207-255-*-dhcp.aoo.pa.atlanticbb.net] (IRC clients are not allowed on the java server. Use irc.******.us or irc.**********.com)
°
* Disconnected

I use the IRCD's ban version on my java server and just ban all known IRC clients, so when you connect:

Most clients let you change the version reply. mIRC is one of the few clients that doesn't. So basically, all I'd have to do is change it to an unknown version and I could connect. And actually, I generally have CTCP VERSION disabled on my client.

most java only servers are CR and the java applet sends NICK <nickname> <website address>
then cr can check the website address, but it is easily spoofed with mirc...

The simplest solution is this: put a password on all of your allow blocks, and code the password into the java client (hardcode it if you can? else you'd have to probably put it in the <PARAM> whatever thing which would be bad if someone knows how to view source >_> ).

aquanight wrote:The simplest solution is this: put a password on all of your allow blocks, and code the password into the java client (hardcode it if you can? else you'd have to probably put it in the <PARAM> whatever thing which would be bad if someone knows how to view source >_> ).

ngrep .*PASS.*

And that would show me the exact line the java chat is sending.