EGs Project for Atheme

EGs (EpicGeeks Services) is the newest Open Source Web Interface for the Atheme IRC Services Package. It was developed by Joseph Newing (synmuffin), a developer living and working on Ontario, Canada. J. Newing is currently the only developer of the EGs Project.

The requirements for running the EGs Project

EGs currently has support for the following:

ChanServ – Channel Info, Topic Changes, Kick/Ban/Akick A User, Channel Flags.
NickServ – Nick Info, Password Changes, Email Changes.
MemoServ – Read/Send/Receive/Forward Memos.
HostServ – View Available vHosts, Request New vHost.
OperServ – Global Messages, Akill, Set SuperAdmins, Load/Unload Modules, Rehash Services.

The EGs Project is currently in 3.1 Beta Version, Released on Feb. 24th, 2012. It works with the latest stable version of Atheme IRC Sevices as well as a few older versions. The project has Https support as well as New User Registration.

EGs is currently taking feature requests, as well as allowing features to be developed and sent to synmuffin to review and possibly added to the public version. If you think you deserve access to the git repo, please come talk to synmuffin on IRCMojo

More information can be found at the EGs Development Page

IRC Defender arbitrary code execution exploit

Yesterday, news broke that there is an arbitrary code execution exploit within the still popular IRC security service IRC Defender which is, according to the reporter, being actively exploited.

The flaw is said to be within the InspIRCd link module for which a patched version exists, but according to the original post to the IRC-Security mailinglist there are more flaws within the InspIRCd link module and also within the UnrealIRCd link module.

The original poster on the mailinglist suggests to get rid of IRC Defender immediately and to replace it with something else (have a look at Omega Security Services) and also to check for signs of recent intrusions which have taken place on or after 15th November. He also urges to look out for rogue entries in ~/.ssh/authorized_keys and look for suspicious processes.

So far, at least three networks seem to have been exploited due to this flaw – the highest profile victim so far seems to be the hack of the AnonOps network which also seems to have been possible due to that flaw – contrary to the rumored Anope 0-day.

Original post on the IRC-Security mailinglist is here (needs registration).

Thanks to alyx for the tip etc!

The patched inspircd12.pm link module can be obtained from here.

Mibbit has been compromised

On August 14 a cracker group claiming to be “hackers” named HTP broke into Mibbit, the popular web chat client for IRC. According to their temporarily “rescue” blog the break-in only affected their IRC network, their primary blog and their Wiki. NickServ passwords in clear text were released later the same day by the HTP, as well as personal information regarding several staff members. Both their IRC O-line passwords as well as their NickServ passwords, home addresses and phone numbers were published to the public via a range of file hosting services, and Pastebin.

Something perhaps even more concerning is that the group has revealed not only channel logs, but logs of private messages. It appears like Mibbit has been logging what people have said in PM to each other over their network. According to official statements, this was only a test. Some people have heard that Mibbit has been logging all messages going through their systems. Mibbit has never logged anything, unless a user wants to enable logging. The leaked message logs were captured by a staff member, and not by Mibbit’s system, according to official statements. While this is fully legal, the level of ethicality has been questioned.

The web IRC client that can be used to connect to almost any other network, which is what made them famous, has not been affected. It is operating normally.

All NickServ passwords were stored in plain text, and that raised a concern for those who are interested and engaged in enforcing security. According to staff member pottsi password hashing was not done because that would “means sendpass and getpass would not work”. Another staff member, Joshua, claimed that password hashing was not done because it was too much work to convert all passwords. This has however proven to be incorrect, at least if they used a plain copy of Anope. In Anope’s module database, there is a module called enc_switchover. It’s fairly easy to migrate from one encryption method, or none, to another, using that module. In addition to that, the Anope module ns_resetpass will allow users to reset their passwords despite encryption taking place.

Many people, especially IRC administrators, are now questioning Mibbit’s reliability and some are considering to block access from the web service, just like one of the largest networks, freenode, did a couple of years ago. This is mainly due to the question whether they log messages there too, which would go against many networks’ policies.

The Mibbit team is now working very hard to bring all services back up again. At the time of writing, ChanServ and NickServ on their network is down and staff members are forced to use /samode if they need to get op. They advice everyone who had a NickServ account registered in April or earlier, this year, to change password.

IRC Statistics Software Comparison

Today we shall have a look at the various possibilities available for statistics of activity on IRC, should you decide you want to have some pretty graphs detailing the happenings in a channel or on a whole network.

Most programs presented in this article parse logfiles generated by a variety of IRC clients, with the exception of phpDenora/Denora which needs to be run as a network service to gather its stats. However, both solutions can supplement one another as one may gather and display information that the other does or even can not.

All screenshots show results generated from the same logfile so you can directly compare the output of each software – only the output of phpDenora is taken from a live network and does not represent the numbers shown in the other screenshots. Also, it should be noted that all programs have been tested in their default configuration and most provide a host of options that may output even more detailed and fancier statistics so YMMV.

mIRCStats

Language: Pascal
License: Shareware (Full Version starting from 12$/€)
Type: Log-parser
Logformats: irssi, mIRC, Trillian, Eggdrop, irssi, HydraIRC, ircle, BNC, miau, Winbot, XChat
Output: HTML
Support: Forum

mIRCStats IRC Statistics

mIRCStats is one of the older and more well-known packages out there but also the only one in this comparison that is licensed as shareware. However, with paying you get access to even more advanced output and graphing options and put food on the developers table

The statistics it outputs leave nothing to be desired, not even in the shareware version. mIRCStats supports a wide variety of IRC clients it can parse logs from and adding new parsers is trivial – just edit a textfile that defines how certain events “look” in the log. There even is an option to automatically upload the generated files via FTP to a server of your choice so the statistics will always be up-to-date.

One downside of mIRCStats is that it is a Windows-only program which means you’ll need an always-on Windows machine that will parse the log and generate the stats if you plan on periodic updates of your stats.

pisg (Perl IRC Statistics Generator)

Language: Perl
License: GPL
Type: Log-parser
Logformats: XChat, mIRC, Eggdrop, BitchX, irssi, virc98, dancer, Trillian, Grufti, mbot, Winbot, zcbot, muh, Energymech, ircII, psyBNC, ircle, infobot, axur, bobot++, oer, perlbot, Vision, pircbot, KVIrc, HydraIRC, sirc, moobot, supybot, blootbot, dircproxy, Konversation
Output: HTML
Support: #pisg

pisg IRC Statistics

pisg also is a logfile parser and, as the acronym suggests, is written in Perl which makes it multiplatform / multiOS.

The statistics it generates in its default configuration are detailed but beyond that pisg is very extendable and provides many options to further customize the output and statistics parsed and graphed by it – the documentation explains most if not all possible settings in detail. If you are using a client whose logformat is not in its extensive list of supported and supplied parsers you can create your own provided you have some knowledge of regular expressions.

With pisg, the parsing of logfiles can be automated by adding the command to cron or Task Scheduler and if you want to generate statistics for multiple channels you can easily do so by configuring it via its config-file instead of passing commandline arguments to the executable.

risg (Ruby IRC Statistics Generator)

Language: Ruby
License: MIT
Type: Log-parser
Logformats: irssi
Output: HTML, XML, Console
Support: #risg

risg IRC Statistics

risg, short for “Ruby IRC Statistics Generator”, also is a multiplatform / multiOS logfile parsing statistics generator programmed in Ruby.

Currently it only parses logfiles that are in irssis’ default format however parser-support is modular and one could create his own parser based on the supplied one for irssi.

Statistics graphed by risg are a bit plain and not as detailed as they could be, but given the low version number and the fact that the software still is considered to be in an “experimental stage of development” things might as well change in the future. The lack of documentation besides a basic setup and usage guide is probably also attributable to the early stage the software is in but all in all risg has potential.

Being a commandline-driven program, risgs’ statistics generation can be automated and its output can be modified, used and mangled limited only by its users imagination.

superseriousstats

Language: PHP
License: BSD
Type: Log-parser
Logformats: Eggdrop, irssi, mIRC
Output: HTML, MySQL
Support: #sss-support

SuperSeriousStats IRC Statistics

superseriousstats is of the “logfile parsing” variety too but, to add another programming language to the mix, is written entirely in PHP. It uses a MySQL database for data storage which opens up quite a few possibilities on how and where you can use it besides the full statistics website.

The graphs and statistics sss generates aren’t overly fancy (did you expect anything else from software that calls itself “serious”?) but some customization options are provided so you can still tweak and fiddle with them. As with the previous packages, superseriousstats is to be used from the commandline and can be executed with any scheduling daemon – provided you have a recent version of PHP installed on the platform of your choice.

Extending the number of logformats / clients supported is just a matter of creating an appropiate parser for which you’d need to have at least a basic understanding of regular expressions.

Denora / phpDenora

Language: C / PHP
License: GPL
Type: Network Service
Logformats: -
Output: HTML, XML, MySQL
Support: #denora

phpDenora IRC Statistics

The combination of Denora and phpDenora is unique in that it is the only package in this comparison that must be run as a network service to gather its statistics.

The upside of this is that it can gather statistics and details the other packages can’t provide but on the flipside also means that you will need to have access to the IRC networks configuration or convince one of the admins to install it for you – otherwise you’re out of luck.

The statistics and graphs phpDenora displays are multifaceted & good-looking and due it being a network service it displays statistics for the whole network, not just one or a few channels. Denora introduces StatServ, a pseudoclient like NickServ, to the network that is able to display a selection of statistics in channel messages or notices to you.

Data parsed by Denora is available in a MySQL database or XML which makes it an ideal candidate for modeling the output your way. It should be noted that the successor for phpDenora, called MagIRC, is already in the works but is not anywhere near production-ready and therefore not suitable for most IRC nets.

Verdict:

All solutions generate useful and appealing results – one maybe a bit more than the other but in the end it’s all a matter of taste and largely depends on what you want to achieve.

If you’re looking to customize the output or scope of the graphs you should definately pick the solution that is written in the language you’re already familiar with or comfortable to learn.

What do you use to provide statistics on your network or channel?

Atheme IRC Services 5.2.0 released

The Atheme project just tagged version 5.2.0 of their IRC services package which contains quite a few interesting changes from the previous version, 5.1.1.

Atheme IRC Services Logo

Atheme 5.2.0 introduces a new database format called “OpenSEX” which is available as a technology preview in this release and will be mandatory once Atheme 6.0 is released. According to developer nenolod, the revised format was introduced to “remove legacy stuff and provide an extendable API“.

HostServ gained the OFFER command which allows opers to – surprise – offer vHosts to their users. All of ChanServ and NickServs SET commands are now seperate modules which can be loaded individually, allowing networks fine-grained choosing of which functionality they provide to their users.

When users register, NickServ can now make use of CrackLib which checks for weak passwords and either warns the user or even prevents registering when it determined the password isn’t secure.

The converter for databases from IRCServices has been improved and now is “generally more robust”. The rate-limiting feature has been expanded and now supports limiting commands to HostServ/Request, ChanServ/Register and NickServ/Register to prevent the services server from being overloaded.

The complete changelog can be found here and the download is available here.

www.IRC-Junkie.org – IRC News

All about Internet Relay Chat

Category Archives: Network Addons

EGs Project for Atheme

IRC Defender arbitrary code execution exploit

Mibbit has been compromised

IRC Statistics Software Comparison

Atheme IRC Services 5.2.0 released