Slashdot Mirror

Yeah, as long as your entire transaction consists of a single packet being sent to the server. It's not reliable after that.

Non-sense. DALnet has been using it now for years and the TCP connections to their anycast IRC servers appear to be perfectly reliable.

I've been working on my open source project for about ten years now, and it has played a major role in every single job that I've held.

I got my present job through someone I worked on the project with. I've been there 4.5 years.

I also got involved in a local unix users group by way of hearing about it from some friends of the open source project. The connections I made at that users group have gotten me the job I will be starting in one month.

My open source project, however idle it has been for the last several years, has contributed significantly and directly to my career.

And I've been looking for a job for over 5 months now, and mainly in tech support and system administration because really, no one wants to hire me for a coding job.

Get used to it. Unless you want to crank out business rules written in Java, systems administration/engineering/architecture is the place to be, IMHO. In those teams you can actually do work in C, mess around inside the kernel, and actually make use of all your skills. "Programmers" these days actually seem pretty boring unless you're working for a tech company that has an exceptional software engineering department doing something interesting.

Look a bit more closely at the nick of the person you're responding to...
http://www.dal.net/admin/teams.php3?teamid=6
Not saying it's not someone else just impersonating epiphani on /. of course... but...

Now, don't quote me on this as I may be wrong, but I'm pretty sure IRC still exists.

Say it with me... "mIRC is not a network."

IRC = Internet Relay Chat

mIRC = A particular program used to access IRC servers. See also X-Chat, Lirc, and many others.

Get an IRC server linked to DALnet. The DDoS attacks ought to max out that bandwidth.

Yes, to elaborate further in the comment in the story, the best way to establish this kind of 'identity' scheme is to make use of a set of services. Andy Church makes a very good IRC Services package which is available at http://www.ircservices.za.net which is more than capable for performing the task at hand.

You'll need an IRC daemon which is also able to be tightly integrated with services, and for that task, I recommend using Bahamut (available at http://bahamut.dal.net. As the URL implies, it's the same IRCd that DALnet uses. In particular, you're looking for a channel mode which restricts channel access to registered clients only. In Bahamut, this is the +R channel mode (which is different from +r.)

Services has a channel option known as 'RESTRICTED' which will only allow people who are on that channel's access list into the channel. Everyone else will be kicked and banned automatically by services. Thus, you can have reasonable assurance that everyone who's in the channel has A) identified to their registered nick with services, and B) is supposed to be in the channel, since they're on that channel's access list. Furthermore, the status of someone's identity can be checked by doing '/MSG NickServ STATUS ', where is the nickname you want to know the status of. NickServ will then tell you if the nickname is identified to properly (i.e. via a password.)

Some of the more advanced IRC options include replacing the ancient 'ident' system with something more modern. On IRC, anyone who isn't 'identified' has a tilde (~) prefixed to their username. However, since almost anyone can put anything in the ident reply these days, this has become practically useless (it used to be that you could tell, with reasonable assurance, what user was coming from what Unix box with ident -- not so anymore.) Instead, it's possible to setup an authorization scheme that makes use of IRC's 'PASS' command to also 'identify' to a unique username.

My Synchronet IRCd (http://www.synchro.net/docs/ircd.txt) makes use of this scheme by letting users be 'identified' whenever they provide the correct password and username that corresponds to the local BBS account (Synchronet is a very nice piece of BBS software for Linux/Win32/BSD/etc.) That way, a user coming online from a certain BBS without a tilde in their username is an indicator that they've identified correctly to their local BBS account. That's just one of the ways ident can be replaced to provide something more useful.

* Horny4u picks up the bra and looks at it
Horny4u: mind if I keep this to show my buddies later?
* nubile-f unzips Horny4u's jeans and slides her hand in, rubbing him gently
Horny4u: I need to pee now, brb
* Horny4u returns wiping his hands on his jeans
Horny4u: so ready to get it on baby?
yes...take me now..please take me
* Horny4u gets excited and pulls off nubile-f's panties
Horny4u: whoa baby! you really need to shave a bit you know? I'm going to need a safari suit to go in there
* nubile-f leans her burnished body back on the bed, spreading her long legs a little ...invitingly
* Horny4u pokes around a bit between nubile-f's legs with one finger
* nubile-f arches her back and sighs in ecstasy
Horny4u: ewwwww what's that?
what?
Horny4u: that little thing sorta sticking out
* nubile-f looks at Horny4u a little incredulously before pulling him down on top of her
* Horny4u leans in to kiss nubile-f and sneezes
urrrghhh
Horny4u: oops, sorry - let me just wipe that off your face
look, don't worry about it - let's just get on with it
* nubile-f starts to pull down Horny4u's jeans, her mind on one thing only
* Horny4u finds he can't get erect
what??????
Horny4u: I don't know, could have been those 2 6-packs I drank before I got here
* nubile-f pushes Horny4u off her and gets up, starting to put her ruined clothes back on
Horny4u: oooo baby wait, i'll be ok if I just think about some hot chick for awhile!
get out
* Horny4u pulls his clothes back on in a huff
* nubile-f taps her foot, waiting for Horny4u to leave
* Horny4u snorts
Horny4u: I bet you don't even like men
*** Quits: Horny4u (Quit: Gone)

Source: Typical Dalnet :)

There's more. Anyone who keeps up with IRC news knows that other networks such as IRC-Chat were very recently contacted by the MPAA, who asked them to take an active role in stopping file distribution. At this very same time, DALnet announces a nearly identical policy out of the blue, while claiming that it did so purely voluntarily.

If nothing else, that seems a little odd.

As a former DALnet operator / administrator and a rather long time user I can say that DALnet is simply continuing to shoot at an already bloody and bullet-riddled foot.

Way back in the day there was a lot of talk about banning child pornography (which is something that everyone can actually agree is morally wrong, as well as illegal). It was decided not to, on what I think was good advice, because the second you become a moderator of content you open yourself up to legal trouble if you fail to properly moderate that content.

Now some might say that DALnet isn't actually moderating any content, because it's worded in such a way that it simply disallows the channels. However, to disallow these channels DALnet must explicitly moderate content. It must find this 'abusive' content and put an end to it, thereby making it a moderator.

It is, in fact, the official position of DALnet staff (or so I hear) that this is the belief on the network. That the way this clause in their AUP is written prevents them from being considered a moderator. I think this is a big mistake on their part, and will ultimately come back to haunt them.

That said, DALnet has a long history of being utterly incapable of enforcing their own policies, and this is just one more of them that will probably not ever see any real enforcement. For example, DALnet was (when people could get on it) the haven of mass advertising, not to mention a breeding ground for drones and IRC worms. Despite some futile attempts to stop these activities, DALnet has been basically completely incapable of doing any serious work on these fronts.

To add to this, DALnet and its sponsors have been beleaguered by kiddies with a massive array of DDoS weaponry. They have utterly failed to address the issues which have, in large part, led to their current troubles. The main issue is that DALnet harbors a group of extremely absuive operators who basically take enjoyment out of pissing off the kiddies because they feel "invulnerable." Instead of actually just removing these destructive individuals, DALnet has kept them on and "told them not to do it anymore." Basically tantamount to saying "we don't care, keep DDoSing us."

I don't think that the few people left on DALnet right now need to worry too much about this policy, it won't likely be enforced much, if at all.

You can submit information to Dalnet via this URL.

-myndzi

Q: Why don't you talk to Steve Gibson of GRC.COM, he knows all about this stuff?

We already have many people working with us who are intimately familiar with DDoS attacks and how to deal with them.

It is a sad fact that it has been somewhat difficult to connect to DALnet for some time. There are several reasons for this, including ongoing attacks and a loss of servers. This weekend, these problems have increased. DALnet has been under an unusually strong, unusually persistent attack. These attacks are directed at all DALnet client servers, rather than just a few. The DALnet administration is working with service providers and with law enforcement to stop these attacks, but this is not an easy task. We apologize for the disruption, and ask that you bear with us through these difficult times.

Please visit website for more information.

Why am I mentioning this? BEcause this is probably the biggest DOS attack against such a major network that has been going on for, hold your breath, over 48 hours. If slashdot was attacked similarly, we wouldn't be reading it. I even doubt a massive service like livejournal can take such an attack.

According to their homepage, DALnet boasts 140,000 concurrent users. I'm not sure how each of these networks are measuring their numbers, but maybe this isn't quite a world record...

Pay for Windows? I thought it was free. Microsoft has posted their .iso files all over their public servers.

You have what I would call a superiority complex. I would say that is completely normal for a technically inclined or computer competant person. One thing you dont have, which is quite evident in your last statement, is a simple respect for your peers.

Now, I may not directly consider you a peer, for the simple fact that we differ on a number of simple comparitive issues. You are stuck in the past. Since you will most definitely ask for some type of proof of this, allow me to explain.

In your responce to the question regarding the recode of a fortran program, you responded:

First of all, yes, you should hold onto a program in FORTRAN "just because it works." Don't even talk to me about spending money replacing something that works.

Of course, your responce will be well, programs dont degrade with time. I say they do. Allow me to elaborate once again.

I've worked on a number of programming projects. One of which works perfectly, but we are still planning a complete rewrite of. For a matter of context, I'll involve the name. The Bahamut IRCd happens to be presently supporting over 130,000 simultanious connections between about 30 servers. It will probably be quite good until well over 200,000 connections. But we're rewriting it anyway. Because we've learned one thing the hard way. Dont wait for problems to come to you. Just because your software works fine with 10,000 users, doesnt mean its going to scale to 11,000 users.

Programming in *any* arena is not cut and dry. Programs are *never* "perfect", as you as a software developer should know. If you've worked on any project of any reasonable size, then you realize that there is a point where picking through old code to improve software isnt worth your time, and you can simply rewrite the whole damn thing to do what you want and accually have spent less time doing it.

no no no,

see, people have either used a local smtp server OR used spaces. This is obviously the work of a professional. No script kiddie could be THAT good. This guy probably has an AMD

Pat

(link is to a funny article)

Well, what was the agency that educated Bin Laden called again? Was it CIA? Its very convenient there are no 100% clear infringement laws on "infiltrating" in warez happenings. But how does fbi justify the horde of mad hackers that will emerge from sheer madness of not beiing able to leech from the "busted" site (still up?) while the siteops and fbi still leech all kinds of crappy warez for all we know? Ppl are so naive when they think FBI wants to stop criminal activities, they just dont want to miss out on anything. They were in fact after the power the siteops or those illegal warez sites. This project has been running for over a year? Yeah by then it probably got boring or something. An article like this maybe is good brainwash education material for FBI? adequacy.org This world is so full of hyprocrits. :/ Beiing cynical selfrighteous fuck as i am i could be seen as one as well tho i'm afraid. People just dont give a fuck anymore... Hell some even started praying to... (hmm god is so passe...) aliens to get abducted by.... erm aliens to do horrible things to them to make up for all the sins they commited. Hell you're commiting a crime with everything you do. Even by just living. Since the alien paranoia hype was obviously not having much of an effect maybe the FBI should start some waco cult again and give ppl some education in mass suicide? That would be helpful. Of course some sacrifices would have to be made , examples set but all for the greater good... USA tried to ban alcohol in the past, then drugs, now they try to ban zeroes ones. This is brave new world gone awry. You need to provide the masses with drugs on demand, not try to deprive them of it. Hmm am i complimenting the FBI now? If anything, if there is something positive that can be said about this busts its that the FBI is sincerely trying to educate some people or get their morals straight. But at what price? On a sidenote i would like to add i have only 1 DVD at the moment, Conspiracy Theory. And that i was in no way inspired to buy this because of this fbi bust, but have been the proud owner of this piece for over 6 months. I have Warez to thank for that, wouldnt have known about it otherwise maybe "Getting high on nuclear waste" now flame my self-righteous post.

• QuakeNet
• Undernet
• DALnet
• OpenProjects

Can anyone tell me what they're up to in the 'real' ones? I want to start watching those but I don't know where exactly they're at (Season 3 somewhere?)

Latest ep shown is 3.18 "Fractures". Final four episodes of the season coming in 2002.

Cheapest Farscape DVD's are to my knowledge at Black Star.

For the monetarilly challenged, eps can most easily be DL-ed via eDonkey2000 or IRC - channel #farscape-central on DALnet.

Yan

Check:
http://www.dal.net/wtc/
It has news (comfirmed and uncomfirmed) from the attacts..

You can find anything on IRC--legal, illegal, bizarre, cool--just do a /list on DALnet and you'll be set.

--
Aaron J. Shaver
http://aaronshaver.com/

I always have the urge to photograph my fridge when it's full. Something about all those vivid colors, or the satisfaction of knowing where your dinner is coming from (at least for a week), just gets my cortical node all squishy.

I think I even did once. See?

Not to mention Dalnet's 1080 probing. Every single time I connect, it has to probe my WinGate. Here's what they say:

This server runs an open proxy/wingate detection monitor. If you see a port 1080 or port 23 connection from [somewhere].monitor.dal.net please disregard it, as it is the detector in action. For more information please see http://kline.dal.net/proxy/wingate.htm

You think they're onto something?
---

Dalnet's updated their webpage explaining the joke for those who didn't get it . . .

See DALnet news: AOL Banned and AOL ban lifted

See DALnet news: AOL Banned and AOL ban lifted

See here

You can apply to have your server be on DALNet, and how can AOL buy that??
--

I suggest that we boycott UUNet immediately.

Maybe they should try this?

One of the main reasons that EFNET is unused is because it has no chanserv/nickserv features and is therefore unusable, as it is far too easy to hack around with

Contrast this to DALnet, which has teams of volunteers patrolling it and features allowing reliable and secure operation of room and servers. Just because EFNET was there first doesn't mean it should be revered. DALnet is still very much run by the geeks (hence dal.net not dalnet.com, iyswim.

Like it or not, the web is a much bigger place than it used to be. This kind of harking back to "the good old days" won't help preserve the distributed, open and hackable (in the good sense) nature of this beast we created. If a service, site or protocol is unreliable and not very viable for its intended purpose, it will die, nostalgia or not. We can only hope this is totally true and MS doesn't prove the exception with SQL et al.

I've been involved with IRC in one way or another for about 7 years now. It's reasons like this that I do NOT run an IRC server anymore.

Around 5 years ago, I ran toast.ne.us.dal.net, part of the DALnet IRC network (obviously). The bandwidth for it was generously donated by a local ISP, in exchange for borrowing some of my expertise from time to time. We only had a frame relay T1, but easily held more than 1000 users at a time.(Which was a record, for a short period) With popularity, attacks started coming.

The first thing that hit was SYN floods. Linux added the TCP cookies feature, which helped a bit. Then raw ICMP echo request floods, which caused us to get icmp blocked at our uplink, which hurt our customers, but was deemed worth while. Then when ICMP didn't work, people flooded the crap out of us with UDP. Then the Smurf attacks started. It came to a point that more often than not, during the evening, I was spending my time on the phone with our increasingly annoyed uplink getting things filtered and blocked.

In 1996, I moved to Illinois, and took the server with me. I started my own ISP on two T1's, and pretty immediately decided to pull the DALnet server, when the period of time that we're getting flooded exceeded the time we weren't. I then moved my IRC server to a much smaller network called NewNet. While the floods were much worse, it still was a perpetual annoyance that some brat in Israel decided he didn't like us, and would reguarly flood us from hacked .jp servers, who we could never get the admins to fix. I'd also get people attacking my router directly, affecting thousands of customers, all over a silly IRC matter...

Then one day, the "script kiddies" discovered Wingate. Wingate is a highly useful Windows proxy system, that was unfortunately shipped for quite a long time in a highly insecure state. They had a telnet and SOCKS4 proxy sitting wide open, with no passwords necessary. One script out there would go scanning through cable modem and DSL netblocks, gather a list of a few thousand insecure wingates, and connecting them ALL to our network, using them to flood the crap out of us. No longer could we even ban naughty users, because they had thousands of hosts they could choose from.

One VERY frustrating day, I ended up writing a little tool to scan EVERY user who connected to our network, to see if they were actually connecting from an insecure proxy server. Worked wonders, but we had thousands of nasty e-mails from people asking why we were trying to hack them (by connecting to port 1080 then immediately disconnecting?). Much education was required, and many notices of "You're about to be scanned, disconnect if you don't want this to happen" were necessary to prevent some idiots with a firewall they didn't understand from flooding abuse@dragondata.com with nonsensical complaints about hack attempts.

Today, floods are much more sophisticated than the ones we saw 5 years ago. Current floods are completely legitimate TCP/IP packets, that look real. Not floods of SYN's, but real looking data, that you can't just slap a simple filter in to get rid of. Now, unless you're using a stateful firewall that can detect this sort of thing, you're pretty much screwed. (FreeBSD's ipfw system is now stateful, and works quite well for this sort of thing.)

Really, here are the major problems.

1) Network administrators don't secure their networks. They may secure their machines, but they let their routers blindly pass off spoofed packets, when it would be pretty easy in 99% of the cases to block packets with source addresses coming from a port that they don't belong in.

2) Any complaint to any abuse@ address that involves IRC seems to go into /dev/null. A wonderful discussion has gone on on the NANOG(North American Network Operators Group) mailing list, the past few weeks about this very problem. "IRC is stupid, don't make yourself a target" is something heard all too often. If people would just secure things now, when someone's attacking a web server, or something else of yours, you won't have that problem either. What if someone decided to DoS one of the major political party's web pages today, with the same types of floods? It's the same problem, but somehow this is worth investigating, but not if it's IRC? Yes, IRC isn't as philosophically important, but it's a very popular service, none the less...

3) It's nearly impossible to prosecute the people who do this. I've talked at great lengths with the FBI and other law enforcement agencies. While they sympathize, unless they have a huge dollar amount in damages they can show, there's little they can do.

4) The same companies and universities get hacked over and over again. I'd like to see someone sue one of them for negligance one of these times.

5) Stupid battles like this are really putting a drain on the IRC community. IRCD server software has pretty much gone untouched over the last few years, because any technically competant coders are busy coming up with proxy detectors and fighting floods, than writing code. There are things with IRC that could be done that would blow people away. But, I'm burned out. 7 years of fighting with people who need psychological help, because they do things like take down a huge network, instead of dealing with their issues in a constructive ways....

6) People take IRC too seriously. It's just for fun, people.

Kevin Day

Yeah, and we all know how reliable IRC can be. Some IRC networks, particularly the more popular ones, make AOL look stable.

Bush declares US a christian state?

SHUDDER

That is fucking scary dude. I think bush being advised by Anti-porn.

I also found another intresting news story about george and antiporns friendship at http://www.stileproject.com/june17.html



Kris
botboy60@hotmail.com
Nerdnetwork.net

I think khairan.dal.net should not be linked to DALnet because: 1. Dual admin.. especially the bs co-admin who just owns the machine 2. Single T1 3. Machine runs linux

"To summarize, my only real problem with this machine is that it is running Linux and our own experience has proved to us that Linux is not stable enough to handle a large client load, and we are not the only ones who have experienced this same problem."

"Although I would like to add that the fact they have and use Linux for the server worries me. ;)"

I think khairan.dal.net should not be linked to DALnet because: 1. Dual admin.. especially the bs co-admin who just owns the machine 2. Single T1 3. Machine runs linux

"To summarize, my only real problem with this machine is that it is running Linux and our own experience has proved to us that Linux is not stable enough to handle a large client load, and we are not the only ones who have experienced this same problem."

"Although I would like to add that the fact they have and use Linux for the server worries me. ;)"

I think khairan.dal.net should not be linked to DALnet because: 1. Dual admin.. especially the bs co-admin who just owns the machine 2. Single T1 3. Machine runs linux

"To summarize, my only real problem with this machine is that it is running Linux and our own experience has proved to us that Linux is not stable enough to handle a large client load, and we are not the only ones who have experienced this same problem."

"Although I would like to add that the fact they have and use Linux for the server worries me. ;)"

Some anonymous coward wrote:

IRC does not scale

Doesn't scale? Actually, in some ways I'd say IRC scales better...if the traffic gets excessive, people start new servers on the network which are closer. (I'd say it scales approximately as well as large FTP sites like Simtel or Freshmeat; Freshmeat in particular is actually mirrored on a large number of sites and one is routed to a server semi-local to one.)

IRC does not have a user registration system

Depends on the network, actually. The largest IRC network admittedly has no facilities for nick registration (then again, the largest IRC network is next to useless for many reasons). Second- and third-generation IRC networks, such as DALnet and SorceryNet have NickServ programs that allow registration of nicks...if someone else tries to logon with your nick, they have to give your password within 30 seconds or their nick gets autochanged. (You can also specify hosts that don't have to give a password.)

IRC does not have offline messaging

Again, this varies with IRC network and server. IRC servers on DALnet, SorceryNet, and other networks that use the DALnet server software do have offline messaging capability as long as your nick has been registered. The tool is called MsgServ, and when someone logs on they'll get a message to the effect "x messages are waiting for you. Type /msg MsgServ read 1 to start reading".

IRC servers periodically split off because of the massive amount of traffic since IRC as a protocol forwards every single message, not just the ones the people on the other server are interested in seeing

I've got some news for you...so does AIM. So does ICQ. The servers by definition carry every message on them, not just the ones one is interested in seeing! You just see the ones you're interested in seeing because you're in a chatroom (the exact equivalent of a room on IRC) or you are in private chat with a person on your Buddy list (the exact equivalent of either private chat (/msg) or DCC chat in IRC).

The real reason IRC tends to lag is because of network conditions in GENERAL on modern IRC networks (like Undernet and DALnet and SorceryNet). They often have to cross country and worse...AOL actually uses multiple servers for AIM (and I expect for ICQ as well) but they're located in two or three places. I'll also note that IRC networks with two or three servers almost never experience lag problems; I've not yet run into serious lag on SorceryNet, for instance.

As a minor aside...I have run into problems with network lag with ICQ (at times I honestly wish you could select the server you connect to; sometimes ICQ is so slow as to be unusable) and I know folks who've run into it with AIM too. The problem isn't exclusive to IRC. Just three problems, I can easily give you a hundred more if you like.

Most of the problems I've seen with IRC versus "chat clients" such as AIM or ICQ mostly occur on EFnet (a first-generation IRC network which is mostly plagued by script kiddies). Modern servers such as DALnet and SorceryNet (and networks and private IRC servers using the DALnet ircii server) generally do not have the problems with script-kiddies and people on kick-frenzies, and have security for nicks and channels as well as less problems with netsplits. (And yes, I've seen the equivalent of netsplits on other chat clients; with ICQ "netsplits" you generally are unable to talk to the person even though they are still online.)

In fact, I'll even go so far as to note that there are problems with AIM and ICQ that do not exist on third-generation IRC systems. Firstly, it is well known that the name registration in both AIM and ICQ are insecure and it is possible to spoof nicks (BUGTRAQ has good info on vulnerabilities in the clients). Secondly, it is more difficult to secure non-private chatrooms in AIM (ICQ's chats are, essentially, the equivalent of invite-only IRC rooms; third- and even second-gen IRC servers allow one to set a room's mode automatically to only allow certain people in, or only allow certain people to post, and keep those configurations fairly permanently set even when one is not on IRC). Thirdly, you're relying on protocols which are largely proprietary and (as is being shown by the entire AIM debacle) permission for clones to operate can be revoked at a moment's notice leaving you to either buy a client from a proprietary vendor (if you use Windoze or maybe MacOS) or leaving you essentially SOL (if you use Linux or any other OS, or if you don't like giving AOL your dime so they can keep sending coasters, er, "try out AOL free for thirty days" CDs). It is rather difficult to start one's own ICQ server, and probably impossible to start one's own AIM server, if you don't like AOL's policies.

Other chat clients are even worse. Ichat, a common "web chat" util, pretty much has equivalent function to IRC but with none of the security features of even first-generation IRC servers...I personally have seen script-kiddies spoof nicks, do kicks of entire channels, effectively take over entire servers, commit DoS attacks on users...and there is no way to set operator status on a channel (it's only server-wide, the equivalent of an IRCOp) and no way to protect users or channels from this sort of sillybuggers (not even bots to guard a channel).

With IRC, on the other hand...third-gen clients allow all of the features of ICQ or AIM, with more security. IRC is an open protocol; clients are available for damn near every system under the sun (including DOS boxen as low as 8086's and old Amigas), most IRC servers are open-source (the complete source for the DALnet server, the base for most third-gen IRC servers, is available from their website; it's basically a version of the regular EPIC ircii server with extra features), and if you don't like the policies a server or network is doing you can get with friends and start your own server (this is exactly how SorceryNet started, btw; they thought DALnet's admins were being right bastards, so they took their toys and started their own network).

The only problem is there are several IRC networks. I do know that at least some folks are working on various ways of letting them talk to each other, though...this includes gateways (I knew a person working on an experimental DALnet/ SorceryNet gateway, for instance) and clients that allow people even on different services to talk to each other (in essence the clients act as IRC/AIM/ICQ/whatever gateways).