UnrealIRCd Forums

Welcome to the UnrealIRCd Forums!
https://forums.unrealircd.org/

Action = none??

https://forums.unrealircd.org/viewtopic.php?t=3450

Page 1 of 1

Action = none??

Posted: Fri Jun 23, 2006 4:41 am
by Jenny74TS
Is it possible for the following to work?

Code: Select all

spamfilter {
	regex "*cs identify*; *chanserv identify*";
	target {private; channel; private-notice; channel-notice; part; quit; dcc; away; topic; user; };
	action none;
	reason "Notice of channel identifying for possible channel stealing.";
};
Basically I'm wanting to set up a spam filter so if someone is trying to identify for a channel, if it can alert if the non-founder tries to hack a channel. It doesn't need an action, just a notice seen by the netadmins in their logs.

Posted: Fri Jun 23, 2006 11:54 am
by Syzop
We don't have this because it would allow easy spying.

You can use action warn, but this will send a message to the sender that a spamfilter got trigged... for precisely the reason I just mentioned above :P

Posted: Fri Jun 23, 2006 2:03 pm
by Jenny74TS
Understandable, if it's a possible filter, I'd be adding the specific channel cause one guy has had someone nail his channel already and he's wanting to figure out who so I would set it up to the specific channel to try and catch whoever is hacking into users channels. I can see who's listed as channel owner and successor so if whoever isn't one of those two, he's caught. How could I set up the channel without the ircd looking at the # as a comment out? or does it matter?

regex "*cs identify #channel*; *chanserv identify #channel*";

would that still work?

Posted: Fri Jun 23, 2006 2:51 pm
by Jobe
To be honest in my opinion it is the Channel Founder/Owner's responsibility to keep his/her channel secure and not that of the IRCops. If his/her channel has been hacked/cracked (i doubt hacked) then he/she obviously cant be using that strong a password in the first place and should perhaps try a stronger password.

An example of a stronger password would be one containing letters, numbers and/or puntuation with a mixture of upper and lower case.

The other point is this person should also be very careful who he/she trusts or maybe even to not trust anyone enough to give them +o in the channel.

Posted: Fri Jun 23, 2006 3:50 pm
by aquanight
You can't set a spamfilter specifically for a single target, and by default, /cs and /chanserv are excluded from spamfilter checking anyway.

If you have anope, you could just switch on the logchannel option, which will cause anope to log everything to a channel of your choice (usually you want to pick a channel restricted to ircops or something). Including IDENTIFYs to ChanServ (both failed and not). Or, if your version is recent enough, remove cs_identify from the core modules to disable /cs identify altogether (I have to ask, what the bloody heck is the point in that thing?!).

Posted: Fri Jun 23, 2006 4:13 pm
by Jobe
The alias block has an option as to whether it is affected by the spamfilter. Not sure if this includes filters added by /spamfilter but im pretty sure it includes spamfilter blockas as well.

If you was to add spamfilter blocks to accept /cs and /chanserv for example you would also make sure they are affected by the spamfilter.

Posted: Fri Jun 23, 2006 4:18 pm
by Jason
To find out who stole the channel before, read your services logs.
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited