It is currently Fri Apr 28, 2017 8:48 pm




 Page 1 of 1 [ 5 posts ] 
Author Message
 Post subject: Abuse reports.
PostPosted: Mon Jun 26, 2006 3:24 pm 

Joined: Mon Apr 10, 2006 1:55 pm
Posts: 8
Hi. I know this is a touchy subject but I think we must discuss it in a civilized way, without offending users, IRCops or admins.

Like any big network, Undernet has problems with script kiddies/drones/spammers/lamers. It is not possible to stop everything, we all know that, but some measures might help a bit.

The main complain from regular @Ops is the apparent lack of interest by the network authorities about abuse. If we go to #zt, #arlington or #CService and report some kind of abuse (CService impersonation, drones, etc), we often get a kick saying that it isn't the IRCops' main job to assist on that. I know that keeping the servers running is.. but whose job is it to work on abuse then? Regular @Ops can go as far as the @ let them, no further.

What if there was a "special" IRCop, whose job was to handle abuse? Just this morning we found a CService impersonator and a lamer with a similar $decode script, that made the infected msg a channel after the victim typed the command. If we could report that channel or that impersonator's IP to someone, they could stop them before they did more damage. abuse@undernet.org sends us no feedback, so we don't know if it's being looked on or not.

I'm just making a suggestion for this problem.. we are all in the same side here, I don't wanna criticize or point fingers :)

Thank you.


Offline
 Profile  
 
 Post subject:
PostPosted: Mon Jun 26, 2006 6:41 pm 
Forum Moderator
User avatar

Joined: Fri Nov 19, 2004 9:51 pm
Posts: 594
Location: Europe
Hi Z-26,

G-lining him won't help a lot because he can just come back with another IP, either using bouncer, either using some proxy, either he has a dynamic IP address, either hacked machine, the list is unlimited. So, instead of doing that think about a way of protecting the users from the $decode infection, tell them to download mIRC 6.17 (the latest mIRC version where $decode is disabled by default), so they won't be able to get infected with that $decode anymore.

Regarding abuse@undernet.org, the main purpose of that email address for users is to request a gline removal and report ircop abuse. I am not sure how much you are aware of Undernet projects, and I am not sure how old Undernet user are you but there is a project called Report-Abuse, the channel name is #report-abuse. It is known that the project was closed for 11 months till now. I am a member there so trust me, it was closed because of improving the system, website interface and the robot in order to help the network users in a better way.

Best Regards,
Mit.



_________________
Dimitar Tnokovski aka Mitko
Image
Offline
 Profile  
 
 Post subject:
PostPosted: Mon Jun 26, 2006 7:47 pm 

Joined: Mon Apr 10, 2006 1:55 pm
Posts: 8
Thank you for the reply, Mitko :)

I am aware of #report-abuse, but until the last time I checked (one minute before posting this), #report-abuse was still closed. On the other hand, I'm not familiar with the functionality of #report-abuse (how it works, what do you do, etc), and I would appreciate it if you explain it to me :)

[15:38:05] *** [#report-abuse] Cannot join channel (+i)
[15:38:10] *** [#report-abuse] topic- '#report-abuse is currently closed, please wait until we reopen.'


I know that there are tons of ways an abuser can connect to Undernet, and G-lining them is a waste of time in the long run, but I was thinking more of a on-the-act response - making sure those lamers wouldn't cause any harm for a couple of hours at least. On the long run we need to educate users, thing which we are doing everyday on Undernet :)

Thanks again for the reply :)


Offline
 Profile  
 
 Post subject:
PostPosted: Tue Jun 27, 2006 8:33 am 
User avatar

Joined: Thu Jan 26, 2006 4:41 pm
Posts: 69
Mitko wrote:
It is known that the project was closed for 11 months till now. I am a member there so trust me, it was closed because of improving the system, website interface and the robot in order to help the network users in a better way.


As Mitko said, #report-abuse is closed, so you cannot be assisted there. I can explain you how we usually assist users. When the user joins, he is told to wait for his turn and he is invited to #reports when a member is ready to assist. The user must /part #report-abuse for his own security, everything is reported privately in #reports, one user at a time. Members try to collect as much information as they can and then add a report. User is told to leave and the report will be processed. :)

While #report-abuse is closed, you can direct your reports as shown bellow:
IRC operator abuse, G-lines - abuse@undernet.org
Unregistered abusive channels (botnets, spam, floods, etc) - abuse-exploits@undernet.org
Registered abusive channels, abuse done by CService staff - cservice-abuse@undernet.org

Regards,
Crosswing



_________________
Dead account, don't bother contacting.
Image
Offline
 Profile  
 
 Post subject:
PostPosted: Tue Jun 27, 2006 10:59 pm 

Joined: Mon Apr 10, 2006 1:55 pm
Posts: 8
Thank you for the info =)


Offline
 Profile  
 
Display posts from previous:  Sort by  
 Page 1 of 1 [ 5 posts ] 


Who is online

Users browsing this forum: Yahoo [Bot] and 2 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  

cron