Slashdot Mirror
Why Are Canadian Sympatico Users Being Banned On EFNet?
An anonymous reader asks: "After being away from IRC for over a year, changing ISPs and moving my physical self to another apartment, tonight I tried to get back on EFnet. With a brand new IP, and a brand new computer, I discovered that all over EFnet, all channels related to Linux are banning all Canadian Sympatico users, this includes high speed customers, dial up users, and business users. In fact, the ban is quite severe and bans the entire sympatico.ca domain. I've tried to message several operators in #linux, #linuxhelp, and #slackware, but nobody is responding. What's going on?"
Somebody on Sympatico was being such an ass when a ChanOp had a bad day, managed to get a different IP, so anything from Sympatico was blocked.
Hmmm... banning subnets... where have we heard that before?
The Canadian government has been working on a bill to make open source software illegal....only commercially sold and supported software will be legal as of June 1st 2003.
This all stems from the fact that the Canadian government has been in negotiations to sell British Columbia to Microsoft since 1999.
The ISP sysadmins probably have not reacted to calls for them to reign in annoying users.
... sigh ...
How about just ringing up your ISP and asking them what is happening?
But as usual, lets ask slashdot
or at least it used to be. that covers quite a few hundred thousand norwegian uses as well (adsl, isdn and modem). i also tried messaging ops to find out what was going on, and never got a response. in the end i just figured; fuck it! do i really want to be on a channel with people willing to gag half a nation (online/telenor is the biggest norwegian isp) just to shut up a few noicemakers? my advice is to find yourself a channel with less braindead operators. shouldn't be hard :-)
Acts@core.mailboks.com Acrux@core.mailboks.com Adam@core.mailboks.com Adar@core.mailboks.com Ada@core.mailboks.com
This brings up an interesting question, which is whether I can help out a friend by routing her IRC traffic or his for her/him, if I have a large server up a lot. I'm not sure I would do it open-to-the-public, but as something for a friend, why not?
2) Anyone who gets posted to slashdot and hangs out on IRC probably has enough techie friends that one of them would be willing to host such a service.
So, a better ask-slashdot might be:
How do I route around draconian ban-by-subnet IRC policies?
Philosophers ask WHY. Engineers ask HOW.
Canada is infamous for its scriptkiddies. As long as its impossible to positively ID a particular person due to IP-jumping, ident-changing and so forth, the only solution is to set an ISP-wide or country-wide ban.
Blame it on the kiddies. If it gets too noisy due to a single country/ISP, then the only logical solution is to ban that country/ISP.
In addition, EFNet#linux and other EFNet channels are infamous for beeing non-friendly and not very helpfull. You would do much better using Openprojectsnet or whatever its named right now. Much more friendly.
"Rune Kristian Viken" - http://www.nwo.no - arca
Sheila: Time's have changed
Our kids are kids are getting worse
They wont obey their parents
They just want to fart and curse!
Sharon: Should we blame the government?
Liane: Or blame society?
Dads: Or should we blame the images on TV?
Sheila: No, blame Canada
Everyone: Blame Canada
And so on.
What's funny is that on UnderNET, several channels are (or are considering) banning whole countries.
Most notably these days is Romania (.RO) - not for the DDoS kiddies, they bounce off BNC's and shell servers you know, but for the sheer idiocy of these NORMAL romanian users.
This is how IRC works. You don't like how a channel is operated? Don't BITCH you moron, start your own or find some other channel. Grow a brain please.
http://mind.riot.org/muh/
There are places where the networks are not touching,and there are places where they are-Boeing's Lori Gunter
Channel politics are flakey at the best of time, all it takes is some idiot in a country to say summat wrong to a chanop and there banned. Another widespred ban on few networks is *.aol.com, as people on technical channels dont belive that "technology wise" people could possibly use AOL. It's these generalisations that end up with domain bans due to a few users spoiling it for the rest.
As for banning ISPs, all it takes is a few "scriptkiddies" to come onto a technical channel with there MP3 scripts and l33tsp34k to annoy a few ChanOps and boom...perma-ban
For further note, i am a Chanop on various channels on the HashNet network, and yes people do get domain banned for stupid reasons. Maybe this will just give you more of a insight.
"What do you mean you have no ice? Do you expect me to drink this coffee hot?" - Random Customer, Clerks
Don't just blame draconian ops, it is more of an act of desperation. In undernet we take so much crap from kiddies that 99% of the time happen to be coming from .ro, simpatico.ca (its so bad we call them simpaticrap, go figure), .no and .mx . I have personally banned .mx and .ro temporarily a few times from #asp on undernet because once a kiddie puts his/her mind into making you miserable it will take minutes to max out the ban list. Only reason we cannot ban .no and .ca is that too many innocent people will get hit.
Pedro
----
The Insomniac Coder
I'm not a sympatico user, I'm a DALnet user and channel operator instead. While I've never set such a broad ban myself, I know of many channels which have banned sympatico. Apparrently there was an extremely major spammer on sympatico, who kept jumping IPs, simply to the point that operators were forced to ban the entire domain.
So there is a reason for it, though I do agree it is a bit severe.
Why would you want to join #linux anyway? Those who can, do. Those who can't, teach. Those who can't teach get on EFNet and ban entire domains of IP addresses from even asking questions.
Acts 17:28, "For in Him we live, and move, and have our being."
*!~*1@*.*
*!~*2@*.*
*!~*3@*.*
*!~*4@*.*
*!~*5@*.*
*!~*6@*.*
*!~*7@*.*
*!~*8@*.*
*!~*9@*.*
these bans are to stop a set of what looks like some type of automated scripts finding trojan'd and wingate type machines to join the channel and spew two lines off garbage and part.
optonline.net is the only massive ban enforced in #linuxhelp due to constant trollage.
-- botsex is {grep;touch;strip;unzip;head;mount}
People might say it's not that easy, but it really is. There are several ISPs that operate EVERYWHERE that Sympatico does, and offers their services at a SUBSTANTIALLY lower cost. I switched over to iStop (http://www.istop.com) a few months ago, and I'm loving it.
I suggest you inquire in the newsgroup can.internet.highspeed about a good ISP in your area, I'm sure Bob Carrick will point you towards his excellent ISP website.
If you're wondering why iStop doesn't offer 3.5mbit residential atm, it's because Bell raised the price for all new lines, and iStop decided they'd rather stop offering the service for new customers than charge old customers way less than what they charge new customers. Ralph Doncaster, owner of iStop, has said that he fully expects Bell Nexxia to once again offer the lower prices for 3.5mbit lines, so he'll be able to offer it again in the future.
.. Because a few idiots like to stuff things up for everyone.
It's rather amusing to see 'major yet foreign' hosts being banned from (generally large) channels because the chanop assumes: a) none of his/her friends will be affected. b) because one *ian is an idiot all *ian's must be idiots. c) the ban will actually keep the one or two idiots causing trouble out.
If you feel you must ban a whole country or one of its major ISP's to combat a few select lamers, most of whom will simply ban evade with open proxies, spam with different proxies, load floodbots from different proxies and whatnot, then perhaps you should take a break from IRC. I wouldn't feel welcome in a channel run by people in obvious and dire need of a clue-bashing anyhow.
At the end of the day, as you sit in your 'selective' channel, the only people you've kept from joining are those that couldn't care less. The kiddies are the ones getting the last laugh.
A channel I am on 24/7 on undernet has the following bans:
*.at, *.mx, *.nz, *.tw, *.nl, *.no, *.si, *.br, *.gov, *.ca, *.tr, *.au, *.ro
Wide enough bans? These bans are mostly because ppl come in and claim we took 'their' channel, when we have been there for many years. Perhaps they have their nets confused.
Lowmag.net
This isn't just a problem in IRC channels, on messageboards you'll often get a few trolls hell bent on crap flooding the forums (wait... this is Slashdot why am I saying something that's gotta be freaking obvious. Achem)
.rbl.openproxy-rbl.org or whatever on the end of the IP and sees if there's a response. If there is it drops the connection like it's carrying the plague (or Code Red as the case might be). Simple, and easy to cache seeing as you can just have a local BIND running to cache results for hosts who commonly connect.
Anyways, what I certainly think might be nice is to have an RBL-like system somewhere that scans for open proxies and automatically blacklists them. When your server recieves a connection, it just sticks
No, this is not off-topic, or a troll. That's just a grabber.
... boom, the idiot is back. Not a very powerful reinforcement of a channel/network's rules.
/ignore does wonders. Well, if you have it. I don't. That's when you need good ops or intelli-bots.
Why I ask that question is I want people to look at the rating system of Slashdot. Do valuable comments usually get modded up? I believe so. And the trolls, the annoyances get modded down.
Now, let's apply this in real time. Let's apply this to IRC. I know, it sounds flawed, so you need someone (with integrity) at the top to select the first moderators. And users of IRC would have points based on what they say. This could be run by a bot, or whatever. Insightful, and intelligent readers and posters (good grammar, non-offensive language, etc.) would get 'modded up'. Script kiddies get modded down.
Also, channels should ALWAYS be moderated. A moderation bot can demoderate the fools. I find this far more effective than bans and kicks. Usually, there's an auto-rejoin feature that I'm sure you're all aware. Kick
But, you presume guilt. You make people apply for a nick and auto-voice, and suddenly, there's a lot tighter control. One has to register to use this community. It becomes a priviledge.
As for the script kiddies... well, they're harmless. Auto
First, nothing begins if not opening
As an operator in #linux on EFNet I feel I should chime in. We do not have a ban on *sympatico.ca, the only ban we have related to sympatico is Kitchener-HSE-ppp*.sympatico.ca. It is far more likely that you attempted to join on a system account or do not have identd working. A quick search on google will find our homepage with channel rules and howto's, including why we require identd and resources on installing it. And lets not forget that #linux is not a bunch of operators who are power happy. We volunteer our time to help people with linux. We help hundreds of people every day, and our "draconian" rules are what keep the channel flowing. It is not easy to work in a channel with 125 people doing whatever they want to do, so make sure that people follow some basic rules. If we see repeated abuse from an ISP our policy is to contact that ISP and work towards a resolution that does not require the banning of a large group of people. If we cannot work something out we will ban that ISP, however, usually a few weeks of getting banned from the channel on join will discourage the most pissed off kiddie, and when that ban is no longer in use it is removed. I would also like to state that most of the people I have heard complain about our policies are those that join the channel for a bit of handholding. If you join please remember that we are not paid to help you, and demands are not appreciated. We take special care not to ban out of hand, so if you are banned you did something wrong. http://www.efnetlinux.net/rules.html
I couldn't access a few channels that I wanted to access because the entire sympatico domain was blocked. My workaround was to just go through another system, but that is quite annoying.
I have since moved and no longer use sympatico so it is no longer an issue. Although come to think of it, I don't think I've even used IRC since.
No, blame Kaneda! After all, he destroyed Tokyo. As for banning of entire nations, well fuck ops. Servers are well equipped to handle floods themselves, and people are free to /ignore anyone they wish. Unless the OP is me, then there should be no ops. =P Actually, I shouldn't have OP either.
If your using mIRC 6, you can go through a proxy to change your IP address, I know of a few proxys that Efnet, Dalnet and Quakenet don't detect. I'm not sure if Efnet and Dalnet allow it,Q uakenet doesn't allow it, but you can still do it. Here is one that Quakenet can detect, i'll give another one out to you if you email me, but if I gave it out publicly I doubt it'd be fast anymore. fll-vodsl61-cust204.mpowercom.net and use port 3128
Or at least not a major one... I was (still technically am) an Op on #anime on the UnderNet, and not only did we have norway banned ocassionally, but we also eventually had numerous other european countries, south american countries, and mexico at one time or another. :) /msg about being banned... We're sorry, but the volume of abusive users was simply too great from your area/isp/domain/country and we had to block everyone. Encourage your ISP to be tougher on abusive users, or take your business elsewhere... Eventually we'll reconsider the ban and give everyone a second chance.
Was this elitism? Hell no, one of our most beloved operators was based out of Norway and another spent half the year in Mexico... This was done simply because the channel would've been unusable to the vast majority of visitors do to the hourly (not exagerating) visits by flood bots. What other option did we have? We tried selectively banning subnets and ISPs, but it didn't work!
On Undernet one can be invited through a channel ban, so individuals who wanted to access the channel still had some options...
You still haven't answered as to what your solution would be. Instead you just whine and call the operators names and say you're better off not associating with them. Mayhaps they're better off not associating with you with an attitude like that? You remind me of the guy who cried to us in the help channel that he was banned from #Ottowa, and that obviously must be illegal since he lived in #Ottowa, so he wanted a Network Op to go remove the ban...
I'll give you the same explanation we gave users who would send us a
Maxim: People cannot follow directions.
Increases in truth directly with the length of time spent explaining them
I have at times put *!*@*.sympatico.com into my IRC shitlist to prevent Sympatico users from being in any of my 10 or so channels.
It's quite simple: If your ISP doesn't stop spammers from abusing IRC, it will be klined/shitlisted/banned/prohibited. And if the ISP provides dynamic IPs, the WHOLE isp will have to be banned instead of just the offending IP(s).
-Clio
Karma: Bad (mostly from not giving a fuck)
Blog: http://clintjcl.wordpress.com
You don't act like you don't give a fuck, you spend alot of time going on about them being bad and pointless and even try to use my sig to prove your point... And yet you still avoid the question of "What other solution is there?"... I fail to see a silver lining in what you've said... Saying "my advice is to find yourself a channel with less braindead operators." doesn't help the fact that the user is unable to get the help they need because their ISP is banned... btw, my sig is more in reference to lusers responding to my calm explanation of why their ISP is banned by DoS'ing me than placing a ban to defend an IRC channel from a large amount of abusive users...
Maxim: People cannot follow directions.
Increases in truth directly with the length of time spent explaining them
I am not a robot. I am a unicorn.
Baning an entire domain is the lazy way out.
A lazy but otherwise good Op is almost as bad as a regular bad Op.
Dark Nexus
"Sanity is calming, but madness is more interesting."
I think that the rise in 24 hour connected broadband access by the masses has given rise to 24 hour connected relays that script kiddies from other countries may utilize.
Judging by the large number of formmail.pl attempts that my servers get, QWest (aka USWest) gets my vote for most (infectiously) deployed proxy servers out there. .cn domains (of course they might not be remote controlled) come next, then South America, and finally Canada.
I have noticed that the spammers are trying harder to stay under the radar more lately. A few months ago, the hosts they infected with their relay software would spam thousands of targets a day. Now they seem to distriute the load a bit more, returning after a few days to a week to try to not look so obviously infected.
I haven't seen anyone mention the performance and usability impact of floods. Keep in mind that there are a finite amount of resources on an IRC server, just like any other system. If someone decided to crapflood in a channel, the server has to send that to any users in that channel, one by one. EFNet and other large networks have pretty big demands on bandwidth and processor usage. The more these resources are allocated to a crapflood, the less resources are available for legitimate traffic. Some may call this a Denial of Service attack. Personally, if I see something like this, I stop it immediately. Unfortunately, the only way a user is identified is by their nickname, and their user@host. If a flood is coming from many different hosts with some portion in common, the most efficient solution is to ban everything matching that protion. It takes less time and puts less stress on the server as it doesn't have to match 20 different hosts, only the one. This is simply a matter of server performance.
/nick floods as well. The only solution for the channel operator is the ban. Flood bots from multiple hosts and dynamic IPs make this impossible to do in a fair manner. Wide bans are sometimes needed to maintain usability of the system.
This follows as well with usability. If you have 20 clients, each spewing lines of bogus data every second, no one else can see what's going on in the channel. I'll go out on a limb and say that there is no maybe about it. This IS a DoS attack by definition. For those of you who think that making a channel +m will solve the problem, think again. I have seen join/part floods and
Let me try to give a real world example. Let's look at a large scale riot. There will be people actually doing illegal acts (damaging property, endagering public saftey, etc.) and innocent bystanders. The police will do their best to stop the rioters while leaving the bystanders alone. However, the number if rioters outnumber the number of police officers. So, the police shoot tear gas into the croud to pacify them. Do any bystanders get hit with the gas? Of course. There is just no way around this. This is how the world works.
Here is the bottom line. IRC is a priviladge, not a right. You do not own the equipment. The administrators are kind enough to allow you to use their equipment, free of charge. They donate their time to making sure everything runs smoothly. As is true in society, to have things running smoothly, some rules need to be made, and rules are useless without consequences. Break the rules, face the consequences. Yes, sometimes innocents get hit with these consequences. No one said life, in the real world or otherwise, was fair. Anyone who can solve these problems to everyone's satisfaction will have created a utopian society. That just isn't possible, given human nature (IMHO anyway).
</rant>
>I hate to burst your bubble, but most Americans do not own guns.
Yes, we do. Massachusetts is not a proper sample set of data, sorry. Americans love guns. Hell, I have four and sleep with one under my pillow.
Granted, if Americans were supposed to own guns they whoulda made a Constitutional Amendment or something guaranteeing us the right to keep and bear arms.
Glonoinha the MebiByte Slayer