July 2013 - DALnet-src - nomad.dal.net

Unicode UTF-8 chars in channel names
by Krzysztof Staniorowski 15 Apr '14

15 Apr '14

Hello, due to various reasons I discovered a weird bug. The #plock name comes from polish small city's name: Płock. I created #plock, then someone created #płock (yup, with Unicode "ł" letter) and this may lead to potential user theft (or even phishing!). Is it usual that Bahamut IRCd allows Unicode chars in channel names? Yours sincerely, ksx4system -- Krzysztof Staniorowski WWW: ksx4system.net GSM: +48 785 793 053

2 1

User hostmasking
by Holbrook Bunting 19 Jul '13

19 Jul '13

(If any of you got this twice, apologies, sent it from the wrong address the first go) So, the idea of user hostmasking was brought up on the dalnet-src@ mailing list a few weeks ago and since we already have the ability in bahamut (via SVSHOST) to have services change a users hostname at anytime, I am thinking why not do this on a global scale? efnet (and others using the same ircd) have the ability to give specific users their own custom host, on a server level, like handing out I:lines. We already have infrastructure setup for management of things in different areas via services (nickname/channel ownership, akill, etc). On a small network I had running, I built into my services a way to allow users to set a "custom" hostname into NickServ done on the nick level, which worked a little like the /ns set url - command. To create a new host for nick xyz (whilst using that nick), I would use; /ns set host some.random.hostname. To turn off that option: /ns set host - To minimise potential abuse, a list of hostmasks would say no you can't set your hostname to have the word "dalnet" or "staff" or "*.dal.net" in it. If the user tried to set their host to be the same as another users host or ip, it would deny the request. Finally, once a hostname was set, services would not allow them to change the hostname for that nick again for 1 week (unless it was to turn it off). For any other potential abuse problems that someone might cause, there was a kill switch which a CSOp could use to disallow the user from setting a custom host (kinda like freeze), remove any existing host already set. This automated system looked beneficial in that any user could create their own unique hostname without having a bureaucratic system of having a specific team of opers having to grant or deny any request on a one-by-one basis. So, with my system, when does services issue the SVSHOST command (aside from when using /ns set host)? The answer is it would happen when they /identify to their nickname (or another nickname that they aren't currently using) with a separate NOHOST option at the end for if they don't want the host applied at that time. Does a system like this sound of interest to anyone? Does anyone think something like that would be too open for potential abuse? Does anyone have any differing views on how to best setup a user hostmasking system for the network? Thanks, Holbrook aka zort aka srd

6 12

User hostmasking
by Holbrook Bunting 19 Jul '13

19 Jul '13

So, the idea of user hostmasking was brought up on the dalnet-src@ mailing list a few weeks ago and since we already have the ability in bahamut (via SVSHOST) to have services change a users hostname at anytime, I am thinking why not do this on a global scale? efnet (and others using the same ircd) have the ability to give specific users their own custom host, on a server level, like handing out I:lines. We already have infrastructure setup for management of things in different areas via services (nickname/channel ownership, akill, etc). On a small network I had running, I built into my services a way to allow users to set a "custom" hostname into NickServ done on the nick level, which worked a little like the /ns set url - command. To create a new host for nick xyz (whilst using that nick), I would use; /ns set host some.random.hostname. To turn off that option: /ns set host - To minimise potential abuse, a list of hostmasks would say no you can't set your hostname to have the word "dalnet" or "staff" or "*.dal.net" in it. If the user tried to set their host to be the same as another users host or ip, it would deny the request. Finally, once a hostname was set, services would not allow them to change the hostname for that nick again for 1 week (unless it was to turn it off). For any other potential abuse problems that someone might cause, there was a kill switch which a CSOp could use to disallow the user from setting a custom host (kinda like freeze), remove any existing host already set. This automated system looked beneficial in that any user could create their own unique hostname without having a bureaucratic system of having a specific team of opers having to grant or deny any request on a one-by-one basis. So, with my system, when does services issue the SVSHOST command (aside from when using /ns set host)? The answer is it would happen when they /identify to their nickname (or another nickname that they aren't currently using) with a separate NOHOST option at the end for if they don't want the host applied at that time. Does a system like this sound of interest to anyone? Does anyone think something like that would be too open for potential abuse? Does anyone have any differing views on how to best setup a user hostmasking system for the network? Thanks, Holbrook aka zort aka srd

1 0