UnrealIRCd Forums

Welcome to the UnrealIRCd Forums!
https://forums.unrealircd.org/

forum integration / IP monitoring

https://forums.unrealircd.org/viewtopic.php?t=5437

Page 1 of 1

forum integration / IP monitoring

Posted: Sun May 04, 2008 7:16 am
by marx
Hi there,

I am hositng my first IRCD and having a great time of it.

Anyway, instnat bad news - someone who hates me (to the point of threatening to murder me) is impersonating my forum members.

I use a java applet to allow my board members to enter the ircd automatically using their board names to make life easier for them (most are computer illiterate) and so the vast majority don't konw what 'nickserv' or such is. However, this 'claimed' hacker is impersonating board members in efforts to be able to stay on the ircd. Every time i realise it's him, i kill him and keep his proxy'd ip in the kline list - hopefully, he'll start running short of proxies soon.

So, I ahve asked one of the heaviest users of the irc room to help with monitoring and checking whehter this user is really from the board or just an impersonator.

My current method to check is to check the IP address as each person joins. Then, I go to the board, find a recent post of theirs and see if the IP/host matches up. If they're completely different - I assume it's the hacker. If they match, I know they're legit.

However, the person I've asked to help is agreeable, but can't see behind the masked IP's - he doesn't have any special access.

Is there a way for me to allow him to see full IP addresses once he's identified to nickserv?

Cheers

Re: forum integration / IP monitoring

Posted: Sun May 04, 2008 10:24 am
by Casper
What you're looking for is BOPM, a proxyscanner which scans any new connection to the IRCd. Download it here and read it's documentation (Unreal needs some special settings) here

Re: forum integration / IP monitoring

Posted: Thu May 08, 2008 7:33 pm
by marx
Although I am investigating the BOPM situation, could I not add him as an OPER (IRCOP) and limit his flags to be able to see IP address and kill users (and /sajoin/sapart)?

Re: forum integration / IP monitoring

Posted: Thu May 08, 2008 8:20 pm
by Jobe
marx wrote:Although I am investigating the BOPM situation, could I not add him as an OPER (IRCOP) and limit his flags to be able to see IP address and kill users (and /sajoin/sapart)?
Well for him to get /sajoin and /sapart, you need to give him at least services-admin which gives him a whole host of other privileges by default.

Re: forum integration / IP monitoring

Posted: Thu May 08, 2008 9:04 pm
by marx
Thanks for the prompt reply, can I just confirm I udnerstand correctly. To add my chosen member as an IRCOP able to read IP's and /sajoin/sapart, I would edit my opers.conf to read:

Code: Select all

oper  berty-basset {
        class           opers;
        from {
                userhost *@XX.XX.XX.XX;
        };
        password "XXXXXXXXX";
        flags
        {
                local;
                services-admin;
                helpop;
                get_host;
        };
        swhois "Administrator";
        snomask frebWqFv;
};
?

Re: forum integration / IP monitoring

Posted: Thu May 08, 2008 9:39 pm
by Jobe
Well because you added "services-admin" the local flag is effectively useless and ignored, also helpop is assumed with any of "local", "global", "co-admin", "admin", "services-admin" or "netadmin"
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited