IRC-Junkie.org – IRC News

All about Internet Relay Chat

Happy 15th Birthday, freenode!

christel of the freenode network writes in a posting on the staffblog about the beginning of freenode, which started 15 years ago.

15 years ago, on January 29th 1994 Rob (lilo) Levin first joined the channel #linuxneo on the EFNet IRC network. This date has since been referred to as the conceptual moment, the foundation, the cornerstone which later led to the network you now know as freenode.

She continues to tell how freenode became a network of its own, which happened after the channel has been through several moves over various networks to finally become irc.linpeople.org in 1995 – and “a few name-changes later and we’re freenode.”

Freenode nowadays mostly consists of channels for the F/OSS community – “from the Wikimedia Foundation to various Linux distributions (Fedora, Gentoo, Redhat, Suse to name but a few) to the Free Software Foundation to .. the list goes on and on and on.. and is currently peaking at “just over 52,000 daily users, spread across FOSS and other peer-directed communities.”

Closing the posting she writes:

So, to each and every one of you, to each and every project on the network, to Free and Open Source Software, to the exchange of ideas and information, to the memory of lilo — A very happy 15th birthday to freenode!

And to each and every user and to all the volunteers, past and present — thank you for making this possible!

Happy Birthday freenode from here too – may there be at least another 15 years to follow! :)

freenode testing a new IRCd

freenode, the network hosting the channels for many free / opensource projects – who just recently announced that they have surpassed the 50,000 users mark – do have big news again.

Existing since 1995 as a stand-alone network, it’s gone through a few IRCds already – from ircu to dancer-ircu then dancer-hybrid and hyperion now.

Being in use since August 2005 now, hyperion could see it’s end-of-life on freenode pretty soon as this blog post, asking for users to get aboard the freenode testnet, might indicate.

ircd-seven is the name the new IRCd is called, which is based on charybdis which in turn is based on ircd-ratbox. This should prove as being a very stable codebase as ratbox is the main IRCd used on EFNet and therefore is used on a large scale for quite some time now.

Since “neither ratbox nor Charybdis implements freenode’s more unique features, such as ban-forwarding or hidden IRC operators” a small team of developers started modifying the code, consisting of only one main dev, a few upstream contributors and the occasional contribution by volunteers. Today, according to christel of freenode, the project is “fairly close to completion, it needs a few tweaks to some staff-only functionality, but most of it’s there”. Asked about an anticipated release date, christel replied that they’re “looking at early next year if everything is going after plan”.

A few of the new features already have been publicized, amongst them are SSL-support for both servers and clients where hyperion only did S2S compression and haven’t had any encryption neither for users nor servers so that’s a big leap forward to the 21st century. Also the channel ban system has been reworked and the username prefixes (i= and n=) are gone for good ;) and ~ is used to indicate a non-identd username instead as most other IRCds do too.

The way you can identify on connect also has been changed and you can now sign in to an account without having to use a nickname that is linked to it by specifying it in the form of accountname:password in the server-password field. You can also do that using SASL provided your client supports it – only irssi and Conspire do that as of now.

Being asked if there are even more features coming up or if the features in the posting are complete, christel replied “Oh, theres definitely a few more surprises in store!”.

To check out the new IRCd yourself, connect to testnet.freenode.net on port 9002 for normal connections or 9003 for SSL encryption. The ircd-seven bugtracker is located here – you can also download the IRCds sourcecode there.

Thanks to TheXception for the tip & thanks to christel for the interview! :)

How to protect an IRC network from spam

Dealing with spam is something every IRC network had to do in the past, present or even maybe in the future.

If it is somebody that is trying to give your network a bad name, a trojan horse that tries to infect your users or just someone that tries to annoy you and your users doesn’t quite matter, spam probably has been an issue as long as IRC has existed.

Luckily, there are quite a few methods and ways to counter-act on it.

First thing should be educating your users to not click on anything that has been sent to them unsolicited – or performing any commands that promise them to “get free ops” and what else is going to be tempting to some – or they also might unwillingly and unknowingly join the spammers.

There are many (semi-) automated means to combat spam, mostly depending on what software you use – or are willing to use – on your network.

Some IRCd’s, such as Unreal or InspIRCd, already have built-in functionality to filter spam in any part that is visible to other IRCers – those however require that someone notices the spam and adds a regular expression to block and act upon it.

Completely automated ways to combat drones and malicious users include setting up a proxy scanner using DNS blacklists, or DNSBLs for short. There are extensive lists of various blacklists available on the internet but only some of them are meant to be used exclusively for IRC so choose wisely.

But what if the IRCd of your choice doesn’t support spamfilters and you don’t want to use DNS-based blacklists? IRCDefender is a software that could provide you with such functionality by adding a “pseudo-server” to your network which sole purpose would be checking for spam and everything else you configure it to do.

Neostats is another service that can help you combat malicious activity – it might even already be installed so you only would need to add the SecureServ module to it to have an additional layer of protection available.

So, since preventing spam also somewhat pertains to security, the same rules apply to it: you rather have a few layers to prevent something bad from happening than depend on a single line of defense.

Please share your tips what you do about spam on your network as well as stuff i might have missed :)

  Copyright secured by Digiprove

EFNet IRC net and Website get hacked

irc-junkie.org tried to get in touch with EFNet to comment on the happenings to no avail but got instead contacted by the hackers themselves.

The hackers, identifying themselves as “2l8″, allegedly killed off the IRCd on efnet.nl and relinked with their “ircd with a custom-made patch iHaq wrote just for the occasion. Amongst other nifty features it had kill protection, automatic opering, hardcoded spoof (incase anyone got in and looked at hte config files) for us (root@your.servers) and a more dynamic, yet coded in spoof that gave every connected user a host like OWNED-#.MASSIVE.2l8.OWNAGE”.

When asked about their motives they replied “The current situation of morons running alot of the network … is unacceptable. It’s no wonder kids resort to DDoSing IRC-servers. We felt it was time to send a clear message: We Own You. We will always own you … Being on IRC is no different from being in a large crowd, there is no reason for you to act like you are 12 and a bitch.”

They however stated that they themselves are EFNet regulars “Some of us have been on EFnet for 12 years, so that would be a yes. With the current state of affairs tho, we might just pound it into the stone age and go hang-out on freenode or something were people actually behave like regurlar human beings …”

Asked about the techniques behind the hack they replied “This attack has concsisted of using privately developed Linux and FreeBSD remote kernel bugs, as well as certain daemon bugs(apache,openssh,bind,etc) as well as webapp bugs, and sniffing. However the technique so far has been to rely on people’s totally predictable egos. Most of these folks have an ego the seize of the Great wall of China.”

Talking about the hacked webpage http://www.efnet.org, which displayed gayporn titled “oper convention” for two days, they told “The EFnet admins (and opers + groupies) thought we played with DNS cache poisoning for days to get their website to show gay porn, however, we never even attempted that, as we owned their nameservers:)”

Closing the email they wrote “The 2l8 team, want to take his opurtunity to tell everyone that a little love and respect goes a long way. Admins, opers or users, you are all still just human, us included.

- It’s never 2l8 to start being nice.

- The 2l8 team: iHaq, iRoot, iPwn, iSniff.”

Of course, any comments from the EFNet side are more than welcome and if need be will be handled strictly confidential.

ChatSpike Migrates to Atheme IRC Services

ChatSpike is migrating to Atheme IRC Services (from ircservices 5 which we have been using since we started, 6 years ago)” Brain said to IRC-Junkie.

W00t explains why IRC Services no longer serves the network. “IRC services was and is a big influence on the IRC landscape, to me. It was one of the first packages to be OSS’d, it was actively developed over a long timeframe, and incorporated user feedback. It supported a wide range of IRC daemons, and was also one of the earliest packages to get modules support”

Its age was showing in the flexibility however, w00t, who is also a developer of Atheme IRC services explains: “some features have taken us hundreds of lines of code to write, including database handling and other horrific and repetitive code. Atheme has a more streamlined design that lets us tackle this in a RAD style, meaning new toys take a lot less time to get from the ideas stage to the point where our users can play with them.”

Additionally the maintainer of IRCservices Andy Church will be leaving the project soon making future updates too unsure for Chatspike’s needs.

Another reason to switch to Atheme is its better integration with the networks IRCd, InspIRCd. “In atheme [...] we can add and customize things specifically *for* ChatSpike a few light years quicker than we could in the past, new commands, new website integration features, anything becomes feasible instead of a pain in the ass.”