EFNet on the Rocks Again

Dragonsbane writes: "Things just keep getting better and better on EFNet. Already down to 30-something servers, the network has been hit with a huge denial of service attack, one which seems to have targeted the major hubs and open servers on the network. Information regarding the losses (six servers have been shut down in two days, one of which will not be returning) can be found at the network's news page. Having used EFNet for the last 5 years, I held on for dear life during the last bumpy ride, but I find myself wondering if the oldest IRC network can pull out of this type of situation a second time?"

are you kidding

[joq]

Many people still use IRC for many things trading coding tips in C++, developing OS's (#freebsd, #openbsd, etc.), assisting newer users of the OS (#linuxhelp, #freebsdhelp). Many friends also use it as a means to communicate, and it's sad you do have some shitty channels but you shouldn't generalize everyone on IRC as being warez kiddies.

Stopping DoS attacks

[joq]

I noticed most of these attacks happening in the summer time which can be attributed to kids being out of school and having too much time on their hands. I've written a paper on stopping DoS attacks which can be found here, which deals with network based (router level), firewall, and kernel tweaks, to minimize a DoS attack.

Some of these idiots should check into a local clinic for psychiatric assistance, and stop ruining things for people who just want to chat.

Efnet

[Retalin]

I usually refrain from posting opinions but I feel on this one I must.

EFNet has been my sole IRC network for years now, its plagued by many things that draw the wrong crowds. However this doesnt make it a bad place, its just not one where you can go telling off some 13 year old that has as they say "500 b0x3n". I dont understand the mentality of attacking a non-profit irc network for any reason.

You lost your channel? So what, go make a new one.
You lost your nick? So what use a deviation.
They wont let you be an oper? So what start your own network.

I mean come on.. this is rediculous.. So what if your upset with efnet, there are so many other alternatives out there that you cant begin to list them. Use one of them.

As far as the attack that efnet is facing, its not just the DDoS, its also the attack of its users. Just like this post on slashdot about efnet... "but I find myself wondering if the oldest IRC network can pull out of this type of situation a second time?" If youve used a network for 5 plus years, and its been through this before, then odds are it will make it though it again, dont show a lack of faith or support like that. You are giving this kids or immature adults exactly what they want. The truth is this, we are giving them exactly what they want, thus they wont quit. If we quit complaining, then what they are doing isnt working any more, or they are not going to get their desired results, thus they will probably quit attacking efnet.

One of the most redundant things you will see on the efnet.org forums is the posts regarding the problems efnet is facing where people are whining and complaining about not being able to get on efnet. Instead of that, shut up and move on. So what if you cant get on efnet for a few days, its not like theres not 100 other irc networks that you can use until EFNet gets back up, heck have your buddy on a cable modem load up ircd to support your friends until efnet is back online.

In short, stop making a big deal out of it. In the end your forgetting the people who are really suffering and whining about stuff that dont matter, imagine how much these attacks are costing the hosts of the servers we love, they are doing this for free, and paying out the rear end to keep this thing going. Thats where we come to the poing of loosing efnet, is when it hits the sponsors (servers) in the pocket.

Regards,

Ret

IRC warrioring out of hand.

[treat]

I used to be a fearsome IRC warrior, in the days of nuke and flash. Not winnuke, mind you. Nobody on IRC used Windows then. Nobody at all.

I never did anything to harm an IRC server. Nobody did. #warez learned to fear my army of clonebots, and in fact clonebots were the only thing I ever did that upset IRCops.

Now, people don't care about IRC when they are involved in their IRC wars. Just like using nuclear/biological/chemical weapons in real-life wars, DoS attacks against servers harm innocent noncombatants. This is unconscionable.

DoS attacks against servers is destroying, and will ultimately destroy, EFNet. These people surely know this. They just don't care.

I have never been so disgusted with mankind.

Possible Solutions

[Greyfox]

A couple of possible solutions present themselves to DOS attacks:

1) Mandate that ISPs filter outgoing traffic from outside their address range. A lot of these attacks won't work or won't work as well due to address forgeries.

1a) Hold ISPs responsible for damages stemming from attacks originating from inside their IP ranges. Allow them to recoup those costs from the users whose hosts are involved in the attack.

A lot of people are gearing up to flame at this point going "But but but you can't hold a user responsible for the security of his machine!" Bullshit. If you want to connect to a public network, you should damn well make sure your system is secure. And security would improve, because someone's money would be directly involved and therefore law enforcement would be much more inclined to pay attention.

2) Give a government organization draconian powers over the net and passwords to all the routers irrespective of what company owns them. "Oh... That DOS is originating from foo.net. Lets just turn down their router until they sort it out." That'd damn well get attention real fast.

Here is what i don't understand...

[JoeShmoe]

This is a crime. Where is law enforcement?

No monetary losses? How about bandwidth cost? How about admin time to repair/fix hacked IRC servers?

What I fail to understand is how some Canadian teen ping floods Yahoo! and has the entire wrath of the FBI, NSA, CIA, DIA and Canadian Monties on his ass...meanwhile EFNet servers are subjected to coordinated 3Gbps attacks and the only solutions seems to be give up?

What the hell kind of logic is that? Okay, give up because it is easier. If you ask me, every EFNet server should lodge a formal complain, claiming $10million in monetary losses. If we learned anything from Mitnick, it's that companies can claim any bogus amount of losses and get results.

Or maybe the FBI/CIA should just host an EFNet server themselves. We all know they are caching the whole damn thing anyway to run through Echelon. If EFNet goes down then were are news organizations going to go for their pithy quotes?

- JoeShmoe

BAH!

[jbarnett]

First a DOS on their irc network, now a slashdot on their web server....

We should ALL send out our support though LOADS of email to let me know we care... err wait

There are no face.

[Mekanix]

I run a chat for people with depression and similar disorders.

We find great comfort in chatting with eachother and are happy that the various IRC-networks gives us this upportunity.

But when this kind of childish behavior sets in, it's not just the various networkoperators and sponsors who pays.

There are real people behind all those nicks. People who have come to depend on it. And suddenly find themselves alone, again. Alone to deal with their pain.

Once we have relocated to yet a new network, next step is at get contact to all the users. Mostly impossible, few trust others to get close enough to give out personal datas (like email).

Third step is to get people to change their client. Almost as impossible, many of the users aren't your run-of-the-mill powerusers.

Bottom line is that every time this pre-teen-kidz feel an urge to show off their l337-status, *real* people with *real* life and *real* problem.

But those script-kiddies doesn't care, to them we are just faceless nicks.

My wish is, that once those kids grow up they will learn of the harm they had done. Know that when they trashed a network, someone was left alone... crying in the dark...

... and know *they* are to blame for nonexistance of IRC and free chats.

Bjarne

What it will take to save EFNet

[bl968]

It will take a number of the following measures to limit and reduce the number of attacks EFNet faces.

Hostmask mirroringthat would at the irc server level protect you from hostile users out there, making it virtually impossible for them to gain your IP address via IRC.

Nickserv/Chanserv allows you to reserve your own nickname and reserve your own channels for personal use.

Invisible hub servers, these invisble hubs means it is possible for one or two servers to be taken down but it will be individual servers on instead of entire branches

By implementing these features you will see the irc wars lessen and eventually die out for the most part. The nick and channel services would protect the channels reguardless of the warbots and denial of service attacks. The masked ip's would mean you could not attack other users of the network unless they did something stupid like accept a dcc connection. EFNet may have the invisible hubs already however the rest of the possible solutions they do not have and seriously need to consider.


--
When I'm good I'm very good, when I'm bad I'm better, But when I'm evil you better run :P

What's the point?

[Traicovn]

What is the point of attacking an IRC network with a DOS attack anyway?

It's not going to give you ops, your not going to achieve anything besides slowing down the network.

I have to wonder what the script kiddies problem is with EFNET, what's their beef with them? I'd like to see that posted here, or are they just doing it because they can.

I've seen some severs disappear off efnet and go private or join other networks too. People don't want to be associated with the unstable network, and they can't pay the bandwidth bills of a DOS atack. Remember, DOS sends a whole lot of information, which translates to bandwidth, which on servers, costs a pretty penny. And unless you own a telecom, that's money that your never going to see.

Whoever is doing this, just quit it. Attacking an IRC network (Which is free for people to connect to and use by the way) is just lame and stupid.

[Something witty and intelligent should have appeared here.]

Bullying.

[Kasreyn]

Why do schoolyard bullies put a nerd's head in the toilet? They don't get anything for it. It doesn't make them any money, it can't improve their lot in life, it teaches them nothing so it's not even a learning experience.

Frankly, they do it because they ENJOY DOING IT. They get a cruel (I would say sick but sick is a hard word to apply to something practised by the vast majority of the human race), a cruel thrill off of beating up someone weaker than they. And then the tortured nerd goes home. And then he either torments pets, or he goes on the net and DDoS's some perfectly cool site. Because he has learned to be a bully, by example and by reaction to his own treatment.

Why not DDoS Microshaft or whatever, while he's at it? Because he does not have any sort of economic or political goal for this attack. He's not doing it for that reason. He's doing it to piss off as MANY people as possible. DDoS'ing Microsoft pleases too many people, so he could care less about doing it. What better way to piss off a whole bunch of netters than attacking their community where it hurts?

-Kasreyn

news page already ./ed

[thopo]

it took me 5 minutes to get on there. take some load off their shoulders and read it here instead:

madmax @ 2001/07/11 21.16 irc.ins.net.uk / dianora
Just incase the rumours are true and somebody's attacked all the servers dianora opers on, can I point out that Diane hasnt been opered on irc.ins.net.uk for about a week... If you're going to DOS servers because you dont like their opers, at least /stats o first ;P

hardy @ 2001/07/11 16.05 ircd.solidstreaming.net / irc.solidstreaming.net
SolidStreaming's irc client and hub servers have been null routed at the moment due to a massive core router flood. Currently, there is no ETA for return.

madmax @ 2001/07/11 12.44 irc.ins.net.uk / irc.hub.uk
C&W INS has been under such a large attack that they have now null routed the irc servers. We do not know at this stage if or when they'll be returning.

madmax @ 2001/07/11 09.31 Efnet's broken
You heard it here first. To those concerned, quit with the attacks, learn not to shit where you sleep. You know who you are.

madmax @ 2001/07/11 09.25 irc.lightning.net
Lightning is disconnecting from efnet for the immediate future due to DOS attacks. They will look at the situation again as soon as possible and hopefully make a comeback.

hardy @ 2001/07/10 21.49 irc.emory.edu
irc.emory.edu has officially de-linked from EFNet as of today due to excessive Denial of Service Attacks for unknown (but most likely IRC-Related) reasons. It's a great loss for the EFNet community as Emory University's IRC server has for 5 years been a very stable, reliable, and open one. We would like to thank the irc.emory.edu staff for their time and dedication to EFNet, you will be missed.

and more DOS

[manifested2]

Poor EFnet, first the IRC DOS attack... ...now their www server getting the slashdot effect...

More of the same really

[q-soe]

I read this with sadness but very little surprise. I used to be a EFNET user but left in disgust after the channell takeovers by the l33t kiddies and haxors got to the point where it was no longer worth it.

I moved to Austnet (as im an aussie) and all was fine but in the end i bailed from there - as an op and channell owner i spent the last 5 months of my online life in constant flame battles and fights to prevent channel takeovers.

We had numerous DOS attacks and hack attempts which succeeded in downing our service on more than one occasion and wiping out host servers, not to mention mail bombing attacks on channell mailboxes and racist bullshit on broadcasts (yes you white power fuckers know who you are).

I checked the other night when i was rebuilding my PC at home to find the logs of my last session - 2 hours online and over 100 bans - so i just hung up my gunbelt and keyboard and decided it was not worth it.

Im sorry to see this happen - IRC used to be a great place to go with intelligent talk and good fun, now all it is is lame losers and 'i owns joo' crap in many cases. Another piece of web history gone