It is currently Wed May 24, 2017 10:54 am

All times are UTC [ DST ]




 Page 1 of 5 [ 64 posts ]  Go to page 1, 2, 3, 4, 5  Next
Author Message
 Post subject: Annyoing "security" policy
PostPosted: Sun Jul 11, 2010 1:47 pm 

Joined: Sun Jul 11, 2010 1:23 pm
Posts: 14
I would like to know about the reasons for Undernets security policy, if you can call it that.

I'm using IRC a lot (different networks actually) and it surprises me that Undernet decided to ban all Tor exits. I'm on Tor a lot for privacy reasons and the other networks I use have no problem with that. But on Undernet, I only get the (incorrect, using Linux) Moosoft Trojan alert or the forbidden message. However, Undernet hosts lots of C&C channels and floods and spambots are very common, so it can't be really about security. Also it seems staff doesn't care (saw a thread here about reported C&C channels, and nobody really did anything about them).

Tor+SSL are a great way to keep your things private when you use public wireless networks a lot like I do.

So what's the reason for the Tor ban? The botnets don't use it. And please no replies like "do not want" or "deal with it": I expect a serious reply to a serious question.


Offline
 Profile  
 
 Post subject: Re: Annyoing "security" policy
PostPosted: Tue Jul 13, 2010 6:11 pm 
User avatar

Joined: Fri Dec 16, 2005 8:13 pm
Posts: 15
Location: Romania
The "Moosoft Trojan alert or the forbidden message" you are talking about it is a gline reason, a gline is a ban on all undernet servers. If you scanned your computer for malware/worms/viruses and nothing was found mail abuse@undernet.org with your ip address and reason of gline, ask for further clarification and removal of gline. As for abusive bots/botnets you can mail abuse-exploits@underent.org with precise info as: ips/hosts, channels mentioned in the message body text, not files attached.



_________________
Image
Offline
 Profile  
 
 Post subject: Re: Annyoing "security" policy
PostPosted: Wed Jul 14, 2010 1:10 pm 

Joined: Sun Jul 11, 2010 1:23 pm
Posts: 14
I don't know if you bothered to read my posting in detail.

First: I'm running Linux, your Moosoft tool is Windows only. Given that over the past 15 years I never had a virus or trojan on
one of my Linux installs, I'm very positive that my system is clean.
Quote:
AUTO [2] (xxxxx) Infected with a virus or trojan, please clean your system. Cleaner @ http://www.moosoft.com (P14).


Second: I said that I'm using Tor, so obviously it's not my IP that gets glined by Undernet, but the Tor exit node.

Third: Undernet definatively has a ban on Tor and I want to know why.
Quote:
AUTO [1] DNSBL listed. TORs are forbidden on this network. Your IP is xxx.xxx.xxx.xxx.

I get this lots of times for many different IPs, namely the exit nodes.

Fourth: Just look around on this forum. Many users have mentioned about 40-50% botnet/drones on the network, and nothing ever seems to happen.

Fifth: All that said, I want to know the reason. Undernet has a major problem with tolerated abuse, so the crackdown on Tor makes no sense.
I would not complain if 90% of the problems came from Tor, but let's face it: drone herders have networks a few magnitudes larger and don't need it.

I just want ensure my privacy and security. Nothing more, but also nothing less.


Offline
 Profile  
 
 Post subject: Re: Annyoing "security" policy
PostPosted: Mon Jul 19, 2010 4:42 pm 

Joined: Sun Jul 11, 2010 1:23 pm
Posts: 14
Can I get a reply, or will this just be some sort of "we don't care, let's ignore him thread"?


Offline
 Profile  
 
 Post subject: Re: Annyoing "security" policy
PostPosted: Wed Jul 21, 2010 1:04 am 
Forum Super Moderator
User avatar

Joined: Tue Aug 20, 2002 1:00 am
Posts: 606
Location: Virginia, USA
Torman wrote:
Can I get a reply, or will this just be some sort of "we don't care, let's ignore him thread"?


No one is ignoring you on purpose.

You have not been answered, apparently because no one has an answer for you at this time.

JMO.

~Eenie



_________________
Just a small fish in a big sea Image
Image
Offline
 Profile  
 
 Post subject: Re: Annyoing "security" policy
PostPosted: Wed Jul 21, 2010 9:28 am 

Joined: Wed Jul 21, 2010 9:24 am
Posts: 3
How could there be no answer? It's a pretty simple question.


Offline
 Profile  
 
 Post subject: Re: Annyoing "security" policy
PostPosted: Wed Jul 21, 2010 11:24 am 

Joined: Sun Jul 11, 2010 1:23 pm
Posts: 14
Eenie: Thanks for the reply.

No offense, but does that mean nobody here knows why a legitimate service like Tor has been blocked?

Since Undernet knows the IP's of the exit nodes, why not simply cloaking users? Like e.g. <nick>!<user>@<random>.tor.undernet.org? That way, every op can simply decide if he wants Tor users or not in his channel by setting a ban on the *!*@*.tor.undernet.org mask.

Tor is an major service for freedom. Reasons may be as simple as coming to IRC from an untrusted hotspot, but also as important as avoiding monitoring by an oppressive regime (China, North Korea, Iran, etc). For me, IRC was always about freedom of speech and it would hurt to see that freedom being taken away.

Yes, I'm annoyed by all that and pardon me if it shows. Perhaps somebody could bring this thread to the attention of those who decide to do such large bans.


Offline
 Profile  
 
 Post subject: Re: Annyoing "security" policy
PostPosted: Thu Jul 22, 2010 12:05 am 
User avatar

Joined: Mon Jun 04, 2007 1:06 am
Posts: 182
Location: Behind You!
Torman wrote:
Can I get a reply, or will this just be some sort of "we don't care, let's ignore him thread"?


its pretty simple, TOR are mostly used to abuse, evade glines/bans and we do not support that..
undernet in the last 5yrs has not moved a lot, and now its making progress to erradicate floods/abuse/evading with improvements like this one. Sorry for the innocents who are caught in the fishnet, but.. there are alternatives..

i hope next step would be regex patterns usage in bans/gline :)

the answer is simple: Don't use TOR, its banned. use your own ip and hide it with user mode +x, for this you will need a username, get one at http://cservice.undernet.org/live

and again.. TOR are banned due to abuse.. Its a Good step that i completely support. you should too, i understand your "for privacy" but put yourself in our shoes..



_________________
Image
Go to hell with your questions, my time is done here.
It was fun, but this network is sooooo corrupted by morons, its not worth it.
Offline
 Profile  
 
 Post subject: Re: Annyoing "security" policy
PostPosted: Thu Jul 22, 2010 2:42 am 
Forum Super Moderator
User avatar

Joined: Tue Aug 20, 2002 1:00 am
Posts: 606
Location: Virginia, USA
xplo wrote:
Torman wrote:
Can I get a reply, or will this just be some sort of "we don't care, let's ignore him thread"?


its pretty simple, TOR are mostly used to abuse, evade glines/bans and we do not support that..
undernet in the last 5yrs has not moved a lot, and now its making progress to erradicate floods/abuse/evading with improvements like this one. Sorry for the innocents who are caught in the fishnet, but.. there are alternatives..

i hope next step would be regex patterns usage in bans/gline :)

the answer is simple: Don't use TOR, its banned. use your own ip and hide it with user mode +x, for this you will need a username, get one at http://cservice.undernet.org/live

and again.. TOR are banned due to abuse.. Its a Good step that i completely support. you should too, i understand your "for privacy" but put yourself in our shoes..


Coloured in red above by me.

Whose shoes are those? Are you now an official representative of our network, xplo?

~Eenie




_________________
Just a small fish in a big sea Image
Image
Offline
 Profile  
 
 Post subject: Re: Annyoing "security" policy
PostPosted: Thu Jul 22, 2010 1:27 pm 

Joined: Sun Jul 11, 2010 1:23 pm
Posts: 14
Quote:
evade glines/bans

What about those users without static IP addresses? Resetting a router is all they need to do to evade a ban. Want to gline all ISP's who use DHCP?

Quote:
its making progress to erradicate floods/abuse/evading with improvements like this one

I would not call that an improvement; it's exactly the opposite.

Quote:
there are alternatives

Like?

Quote:
next step would be regex patterns

No offense, but I seriously hope you won't make those regexp.

Quote:
the answer is simple: Don't use TOR

My conclusion can be equally simple: don't use Undernet. I don't really want to use that option though; but it's a last resort measure.

Quote:
use your own ip and hide it with user mode +x

Which helps not a single bit if you come from an untrusted and/or snooping network.

Quote:
TOR are banned due to abuse.. Its a Good step that i completely support

I've seen lots of abuse coming from e.g. Comcast too. Or Russia and China if you want to be more general. May I make another suggestion for some large bans?

Quote:
"for privacy"

Putting that in quotes makes it sound like you consider it an excuse from me to continue with abuse, which has the nasty taste of calling me a liar.


So xplo, why not cloaking Tor users like I suggested? Or do you think Undernet shouldn't let ops decide who to let into their channels? Cloaking is such a simple fix with benefits for both sides.

See, I don't like drones either. I would not mind to solve a captcha to connect. Somewhat like the "/quote pass" line for broken idents: post an URL to an image. The user looks at it and replies to connect. Voilà, no more drones until they do OCR (and then it's only a matter of minutes to change the captcha layout).


Offline
 Profile  
 
 Post subject: Re: Annyoing "security" policy
PostPosted: Thu Jul 22, 2010 3:48 pm 
#Userguide Member
User avatar

Joined: Sat May 15, 2004 12:19 pm
Posts: 39
Location: The land of nowhere
Erm, that must hurt!


Offline
 Profile  
 
 Post subject: Re: Annyoing "security" policy
PostPosted: Thu Jul 22, 2010 11:50 pm 
User avatar

Joined: Mon Jun 04, 2007 1:06 am
Posts: 182
Location: Behind You!
Eenie wrote:
xplo wrote:
Torman wrote:
Can I get a reply, or will this just be some sort of "we don't care, let's ignore him thread"?


its pretty simple, TOR are mostly used to abuse, evade glines/bans and we do not support that..
undernet in the last 5yrs has not moved a lot, and now its making progress to erradicate floods/abuse/evading with improvements like this one. Sorry for the innocents who are caught in the fishnet, but.. there are alternatives..

i hope next step would be regex patterns usage in bans/gline :)

the answer is simple: Don't use TOR, its banned. use your own ip and hide it with user mode +x, for this you will need a username, get one at http://cservice.undernet.org/live

and again.. TOR are banned due to abuse.. Its a Good step that i completely support. you should too, i understand your "for privacy" but put yourself in our shoes..


Coloured in red above by me.

Whose shoes are those? Are you now an official representative of our network, xplo?

~Eenie



i am a well known user/volunteer since a freaking long time ago, no need to act like you own the place!
by OUR i ment Undernet's users who are freaking annoyed of proxy/TOR usage with floodbots/spammers/evaders
i NEVER pretended to be an official, you can see this via /msg x verify xplo from irc..


you should take a nap or something....

Focus on the RED part


Last edited by xplo on Fri Jul 23, 2010 12:07 am, edited 1 time in total.


_________________
Image
Go to hell with your questions, my time is done here.
It was fun, but this network is sooooo corrupted by morons, its not worth it.
Offline
 Profile  
 
 Post subject: Re: Annyoing "security" policy
PostPosted: Thu Jul 22, 2010 11:58 pm 
User avatar

Joined: Mon Jun 04, 2007 1:06 am
Posts: 182
Location: Behind You!
Torman wrote:
So xplo, why not cloaking Tor users like I suggested? Or do you think Undernet shouldn't let ops decide who to let into their channels? Cloaking is such a simple fix with benefits for both sides.

See, I don't like drones either. I would not mind to solve a captcha to connect. Somewhat like the "/quote pass" line for broken idents: post an URL to an image. The user looks at it and replies to connect. Voilà, no more drones until they do OCR (and then it's only a matter of minutes to change the captcha layout).


this will never happen here, it took ages to get something moving here...

and as alternative, get a Bouncer, (psyBNC, ZNC, Sbnc) those are alternative. get a secured shell, your own bouncer, and we will never need to discuss about it ever.

like i said above, TOR are used to evade glines/bans. and you don't need to try and be rude, this forum is for support from the undernet's community, and from the people who actually care about helping those in need, i answered your question the best i can, i am NOT an oper/admin, and if my post was incorrect, i am SURE one would have replied something different. ( except flaming like the one above, excuse her.. it happens..)



_________________
Image
Go to hell with your questions, my time is done here.
It was fun, but this network is sooooo corrupted by morons, its not worth it.
Offline
 Profile  
 
 Post subject: Re: Annyoing "security" policy
PostPosted: Fri Jul 23, 2010 12:31 am 
User avatar

Joined: Thu Apr 28, 2005 3:03 am
Posts: 111
Location: Virginia, USA
xplo wrote:
( except flaming like the one above, excuse her.. it happens..)


Sensitive much?

By the way, the simple act of asking you a question does not automatically make it a flame.

JMO, and sorry to go off-topic.

MrEen



_________________
The bigger fish.
Offline
 Profile  
 
 Post subject: Re: Annyoing "security" policy
PostPosted: Fri Jul 23, 2010 12:07 pm 

Joined: Sun Jul 11, 2010 1:23 pm
Posts: 14
Quote:
this will never happen here

I agree that a captcha solution takes quite a lot of work to set up correctly; but it would solve the drone problem very efficiently.

Quote:
and as alternative, get a Bouncer

I'm not sure if you understand the situation correctly. You're telling me to buy a shell for a bouncer to keep on using the free service Undernet provides (don't get me wrong, I honestly appreciate that service), but there would be no additional value. Other networks are also free and allow Tor which I want to use. You're making me choose between free (as in beer) and a monthly fee for the same services. And frankly, moving channels is easy.

Quote:
you don't need to try and be rude

If I would have a reason to be rude to you, it would show very clearly. I don't need to beat around the bush.


Blatantly spoken, I'm not really buying the evade argument. We can talk about it when IPv6 has taken over and everything online has a static IP, but until then ISP's will keep on using DHCP with their IPv4 address pools. As long as that's the case, evading a ban is a piece of cake, even for the most retarded troll.

Tor has, at best times, maybe 1,500 exits online. If I stay with my Comcast example from earlier, then you will notice that they currently have 21,124,218 useable DHCP IP's (http://postmaster.comcast.net/dynamic-IP-ranges.aspx). If an op bans a Comcast troll, he just needs to reset his modem and comes back. If that goes on long enough to annoy the op to a certain level, the op will set a ban on *.comcast.net or if he is nice enough to e.g. *.fl.comcast.net "only", blocking millions of hosts. A troll evading through Tor (with a cloaked host) would only cause a colateral damage of 1,500 hosts.

Furthermore, you don't know how many users simply leave without talking about it. When I had my channels on Dalnet and attacks brought it down, all I had to do was to notify the regulars to pass on the message that we will switch networks. One could even just add a CNAME/A irc.* record to his domain and move without having users to change settings. You think I told Dalnet about it back then? I brought this up here because I actually like coming to Undernet, despite the problems with drones/floods/spam. By the way, that's more or less how Undernet itself was born too: users got annoyed with EFnet because nothing was done (or the wrong things were done).

My hostmask/cloak suggestion still stands and I see nothing bad with it. Not only will it hand ban control over to the channel ops, but it is trivial and would also send out a message: Undernet values freedom of speech.


Offline
 Profile  
 
Display posts from previous:  Sort by  
 Page 1 of 5 [ 64 posts ]  Go to page 1, 2, 3, 4, 5  Next

All times are UTC [ DST ]


Who is online

Users browsing this forum: Bing [Bot] and 2 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  

cron