Page 1 of 1

BOPM Configuration issue with http ports

Posted: Sun May 01, 2005 11:01 am
by Michael
Hello,

I'm new to running IRCD's but have successfully configured Unreal and IRCServices for my IRC Server. Things have been running well but I've been doing some research regarding the use of bopm and I have some questions.

I've been reviewing the config file and have a bopm running on my server but I have some questions concerning the portion of the config file that relates to the http ports in particular. I am also running a webserver from this same server (actual server machine) and would like to know if the configuration of the bopm can or will have an effect on this webserver as it is currently configured (the defaults). The area in question is as follows:

Code: Select all

 * HTTP CONNECT - very common proxy protocol supported by widely known
	 * software such as Squid and Apache.  The most common sort of
	 * insecure proxy and found on a multitude of weird ports too.  Offers
	 * transparent two way TCP connections.
	 */
	protocol = HTTP:80;
	protocol = HTTP:8080;
	protocol = HTTP:3128;
	protocol = HTTP:6588;

	/*
	 * SOCKS4/5 - well known proxy protocols, probably the second most
	 * common for insecure proxies, also offers transparent two way TCP
	 * connections.  Fortunately largely confined to port 1080.
	 */
	protocol = SOCKS4:1080;
	protocol = SOCKS5:1080;

	/*
	 * Cisco routers with a default password (yes, it really does happen).
	 * Also pretty much anything else that will let you telnet to anywhere
	 * else on the internet.  Fortunately these are always on port 23.
	 */
	protocol = ROUTER:23;

	/*
	 * WinGate is commercial windows proxy software which is now not so
	 * common, but still to be found, and helpfully presents an interface
	 * that can be used to telnet out, on port 23.
	 */
	protocol = WINGATE:23;

	/*
	 * The HTTP POST protocol, often dismissed when writing the access
	 * controls for proxies, but sadly can still be used to abused.
	 * Offers only the opportunity to send a single block of data, but
	 * enough of them at once can still make for a devastating flood.
	 * Found on the same ports that HTTP CONNECT proxies inhabit.
	 *
	 * Note that if your ircd has "ping cookies" then clients from HTTP
	 * POST proxies cannot actually ever get onto your network anyway.  If
	 * you leave the checks in then you'll still find some (because some
	 * people IRC from boxes that run them), but if you use BOPM purely as
	 * a protective measure and you have ping cookies, you need not scan
	 * for HTTP POST.
	 */
	protocol = HTTPPOST:80;
Can someone explain what this particular area of the config does and also indicate whether or not this portion of the config will impact my webserver in any way? Does Unreal have ping cookies as described in the last portion of the config shown here?

Any and all comments are welcome.

Posted: Sun May 01, 2005 1:57 pm
by w00t
All bopm does is detect clients with open proxies. The http stuff it's talking about there are types of proxies :).

Posted: Mon May 02, 2005 9:08 am
by Michael
Thanks for the reply w00t, it's much appreciated.

Forgive my ignorance, but how is an http proxy going to affect my Unreal server? I guess my problem is I don't understand how a proxy, on those ports is going to affect me when the ports for the server is on completely different ports.

Is it even possible for a user to use an http proxy on let's say port 80 and get on my Unreal server?

If you have a link which explains this or if you could elaborate on how this would affect my server, I'd appreciate it.

Thanks,

Posted: Mon May 02, 2005 1:04 pm
by Matridom
Michael wrote:Thanks for the reply w00t, it's much appreciated.

Forgive my ignorance, but how is an http proxy going to affect my Unreal server? I guess my problem is I don't understand how a proxy, on those ports is going to affect me when the ports for the server is on completely different ports.

Is it even possible for a user to use an http proxy on let's say port 80 and get on my Unreal server?

If you have a link which explains this or if you could elaborate on how this would affect my server, I'd appreciate it.

Thanks,
It's to detect people who are going through a proxy server to connect to your chat. It cut's down on IP spoofing and gives a greater chance of getting accurate IP's of connecting users. As a result, bans tend to work better.

Posted: Mon May 02, 2005 2:39 pm
by Michael
Matridom,

You misunderstood my questions. I know why we use a bopm and how it does it, my question is related to the http ports and why I would need those ports within the bopm config enabled when those ports are closed on my IRCD.

Thanks,

Posted: Mon May 02, 2005 3:51 pm
by aquanight
It's not going to scan your server for proxies. When a user connects, BOPM scans the IP of that user for open proxies. If it finds any, it drops in a nice K/G-Line for that user on the network. An unsecured HTTP proxy is one of the proxies BOPM will check for, meaning BOPM will check the connectiong user's system for those ports, not yours.

Posted: Mon May 02, 2005 7:54 pm
by Winbots
HTTP Connect proxy can connect to IRC just as well as a socks proxy or any other proxy....
[<snip>@Alaska <snip>]$ telnet 200.103.141.81 6588
Trying 200.103.141.81...
Connected to 200.103.141.81.
Escape character is '^]'.
CONNECT alaska.winbots.org:6667 HTTP/1.1
<enter>
HTTP/1.1 200 Connection established

:Alaska.winbots.net NOTICE AUTH :*** Looking up your hostname...
:Alaska.winbots.net NOTICE AUTH :*** Checking ident...
:Alaska.winbots.net NOTICE AUTH :*** No ident response; username prefixed with ~
:Alaska.winbots.net NOTICE AUTH :*** Couldn't resolve your hostname; using your IP address instead
USER Cobi 1 1 :test
NICK Test1
:Alaska.winbots.net NOTICE Test1 :*** If you are having problems connecting due to ping timeouts, please type /quote pong 685DCCDE or /raw pong 685DCCDE now.
PING :685DCCDE
PONG :685DCCDE
:IRC![email protected] PRIVMSG Test1 :VERSION
:Alaska.winbots.net 001 Test1 :Welcome to the Winbots IRC Network [email protected]
:Alaska.winbots.net 002 Test1 :Your host is Alaska.winbots.net, running version Unreal3.2.3
:Alaska.winbots.net 003 Test1 :This server was created Sun Mar 13 2005 at 18:49:22 EST
:Alaska.winbots.net 004 Test1 Alaska.winbots.net Unreal3.2.3 iowghraAsORTVSxNCWqBzvdHtGp lvhopsmntikrRcaqOALQbSeIKVfMCuzNTGj
:Alaska.winbots.net 005 Test1 CMDS=KNOCK,MAP,DCCALLOW,USERIP SAFELIST HCN MAXCHANNELS=20 CHANLIMIT=#:20 MAXLIST=b:60,e:60,I:60 NICKLEN=30 CHANNELLEN=32 TOPICLEN=307 KICKLEN=307 AWAYLEN=307 MAXTARGETS=20 WALLCHOPS :are supported by this server
:Alaska.winbots.net 005 Test1 WATCH=128 SILENCE=15 MODES=12 CHANTYPES=# PREFIX=(qaohv)~&@%+ CHANMODES=beI,kfL,lj,psmntirRcOAQKVGCuzNSMTG NETWORK=Winbots CASEMAPPING=ascii EXTBAN=~,cqnr ELIST=MNUCT STATUSMSG=~&@%+ EXCEPTS INVEX :are supported by this server
:Alaska.winbots.net 251 Test1 :There are 68 users and 29 invisible on 10 servers
:Alaska.winbots.net 252 Test1 14 :operator(s) online
:Alaska.winbots.net 254 Test1 43 :channels formed
:Alaska.winbots.net 255 Test1 :I have 9 clients and 9 servers
:Alaska.winbots.net 265 Test1 :Current Local Users: 9 Max: 203
:Alaska.winbots.net 266 Test1 :Current Global Users: 97 Max: 841
:Alaska.winbots.net 375 Test1 :- Alaska.winbots.net Message of the Day -
:Alaska.winbots.net 372 Test1 :- 13/3/2005 23:00
:Alaska.winbots.net 372 Test1 :- Welcome to Winbots!
:Alaska.winbots.net 372 Test1 :- You are on Alaska.
<snip>
:Alaska.winbots.net 372 Test1 :- No bottler clients please.
:Alaska.winbots.net 376 Test1 :End of /MOTD command.
:Alaska.winbots.net NOTICE Test1 :Quote: Canadian DOS: "Yer sure, eh?" [y/n]
:Test1 MODE Test1 :+iwx
:Defender![email protected] PRIVMSG Test1 :VERSION
:Arizona.winbots.net 372 Test1 :***** Services Info *****
:Arizona.winbots.net 372 Test1 :Welcome to Winbots IRC IRC Network
:Arizona.winbots.net 372 Test1 :Arizona.winbots.net Running KickServices0.58( unstable)compiled Feb 27 2005 08:43:09
:GameServ![email protected] NOTICE Test1 :Hello, Test1! This network utilizes a services package called GameServ. For info on how to play the game, type /msg GameServ help.
:Arizona.winbots.net 372 Test1 :Services On-Line 2 days, 17:05:20
:Arizona.winbots.net 372 Test1 :Type /MOTD Arizona.winbots.net for info about the Services Admin.
:Arizona.winbots.net 372 Test1 :Type /Msg HelpServ CREDITS for Credits peoples
:Arizona.winbots.net 372 Test1 :***** End Services Info *****
:Global![email protected] NOTICE Test1 :Welcome to Winbots IRC, Test1! Your nick is unregistered. Here on Winbots IRC, we provide our users with services that allow you to own your own nicks and channels. For more information, type: /msg NickServ help or /msg ChanServ help.
:Global![email protected] NOTICE Test1 :12Logon4News: [LOGON NEWS - July 24, 2004] Warez Is STRICTLY Forbidden
:Global![email protected] NOTICE Test1 :12Logon4News: [LOGON NEWS - July 24, 2004] By Connecting to this network you Agree that you will be held responsible for your actions
:SecureServ![email protected] NOTICE Test1 :Your IRC client is being checked for Trojans. Please dis-regard VERSION messages from SecureServ
:SecureServ![email protected] PRIVMSG Test1 :VERSION
:Alaska.winbots.net NOTICE Test1 :*** You are banned from Winbots (Detected an insecure proxy on your host.)
ERROR :Closing Link: Test1[200.103.141.81] (User has been banned from Winbots (Detected an insecure proxy on your host.))
Connection closed by foreign host.

Posted: Mon May 02, 2005 8:31 pm
by Michael
Great !!

Thanks a lot you guys!