[General] Ping Time out !

Ask your general or IRC related questions.
User avatar
evi|one
Posts: 211
Location: Netherlands

Post by evi|one »

If many clients (ie: a floodnet) send you CTCP messages at the same time, you will try to respond to those message and flood the IRC server. You usually get disconnected with an Excess Flood message. Remedy: when under attack ignore the CTCP messages (mIRC command: /ignore -t *) or ignore private messages altogether (/silence +*)
I am a signature virus. Copy me into your signature to help me spread.

User avatar
Razvanet
Posts: 406
Location: Toronto,Canada

Post by Razvanet »

What about dos atacks ? Are dos atacks related with ctcp flood in any sens, what does a dos atack do ???
Dream what you want to dream; go where you want to go; be what you want to be because you have only one life and one chance to do all the things you want in life.

puterfixer
Posts: 212

Post by puterfixer »

Somehow I bet that Google and whatis.com and irchelp.org and the thousands of websites out there will provide any answer you are looking for. Of course, you will have to SEARCH for it. Even the ping timeout is such a first grade (irc-wise) question! Haven't you read any help file, didn't you try searching for answers on your own before asking?

Elite
Posts: 10
Location: UK

Post by Elite »

Razvanet wrote:What about dos atacks ? Are dos atacks related with ctcp flood in any sens, what does a dos atack do ???


DoS attacks are ICMP Ping floods or UDP flood or a combination of both against your IP address directly ie not IRC related, you can often protect yourself from this by //mode $me +x (make sure you set this BEFORE joining any channels) another good measure that would protect you against it is by installing a firewall.

puterfixer
Posts: 212

Post by puterfixer »

Installing a local firewall will not prevent the packets from coming through your internet connection and eating up your bandwidth - which is, in fact, what the effect of DoS is: no more bandwidth for normal communication, it's entirely used by junk. The only way to prevent a DoS or flood attack is to contact your ISP and ask tech support to block out the source. In DDoS, Distributed Denial of Service, where thousands or hundreds of thousands of computers are attacking your IP, this filter is not that easy to implement and it will probably affect your ISP as well, so they will contact their upstreams providers and find a solution for blocking the traffic from the attackers towards your computer, thus freeing your Internet connection of incoming packets.

By hiding your local host with +x mode, you are only preventing someone on IRC from seeing it. But from the second you connect to the Internet, your computer is part of the global network and can be accessed by anyone. So, even if you just connect to the Internet and don't do anything, your IP can be attacked or scanned, either individually or by specialized programs which portscan thousands of IPs each minute trying to find vulnerabilities they can exploit.

User avatar
Razvanet
Posts: 406
Location: Toronto,Canada

Post by Razvanet »

Well good information...but i don't understand why so many undernet servers had to delink to to DoS!
Dream what you want to dream; go where you want to go; be what you want to be because you have only one life and one chance to do all the things you want in life.

OUTsider
Posts: 435
Location: Netherlands

Post by OUTsider »

puterfixer wrote:... this filter is not that easy to implement and it will probably affect your ISP as well, so they will contact their upstreams providers and find a solution for blocking the traffic from the attackers towards your computer ..


The problem here is, that backbones like level3, uunet, above.net etc actually make money when an ISP is getting (D)Dos'ed, coz in the end, the ISP has to pay for the traffic. Also it's very hard to ask these organisations for a decent filter. Most of the time, the only option they provide is nullrouting the destination IP to make that unavailable, which results in even that what the attacker wants: Getting you offline.

A solution would be make it possible to implement rate limiters for specific protocols. Most of the time the attacks are using the UDP and ICMP Protocol. ICMP could be heavilly rate limited for example. E.g. filter packets which are larger then xxxx bytes or limit to 5 packets / source / destination / amount of time.
The problem is, on large networks this EATS CPU. since the box will have to check every packet, thus slowing down routers, and if you , as isp, want equiment that is able to handle this. Then start paying about 50.000 bucks or more for a simple version.
I wish it would be possible for AS'ses to decently communicate wich each other and be able to tell each other something like: Please don't send any more packets to <destination>. Then the backbones can remain sitting on there chair earning less money coz they refused to offer the filters. And DDoS attacks could be stopped a hell lot easier.

User avatar
Razvanet
Posts: 406
Location: Toronto,Canada

Post by Razvanet »

Turning back to the subject, i have another question...is Elsene.be.eu.undernet.org LordLuke and X and X's server conected some how ? I know it's probably secret...but some how i got to the conclusion that they are all related somehow. Sorry for my curiosity ! :)
Dream what you want to dream; go where you want to go; be what you want to be because you have only one life and one chance to do all the things you want in life.

Eenie
Posts: 606
Location: Virginia, USA

Post by Eenie »

Then why are you commenting on it?!?!

Eenie
:)

User avatar
Razvanet
Posts: 406
Location: Toronto,Canada

Post by Razvanet »

Just thought someone...could give me an answer...you never know ! :)
Dream what you want to dream; go where you want to go; be what you want to be because you have only one life and one chance to do all the things you want in life.

Eenie
Posts: 606
Location: Virginia, USA

Post by Eenie »

OH! Sorry! I was answering some other post of yours, and this appeared here! Wonder how that happened?!?!

Kindly disregard it.

Eenie
:)

User avatar
evi|one
Posts: 211
Location: Netherlands

Post by evi|one »

Razvanet wrote:Turning back to the subject, i have another question...is Elsene.be.eu.undernet.org LordLuke and X and X's server conected some how ? I know it's probably secret...but some how i got to the conclusion that they are all related somehow. Sorry for my curiosity ! :)


I bet you ask that because that oper has an @undernet.org host (which makes it X's "clone"). But that doesn't mean the oper has anything to do with X. Some admins provide that kind of host for their opers. I't just a matter of making some private IP resolve to undernet.org and make undernet.org resolve to that IP. Next time you see that try /userip <oper's nick>
I am a signature virus. Copy me into your signature to help me spread.

User avatar
Razvanet
Posts: 406
Location: Toronto,Canada

Post by Razvanet »

HAHA, evilone this is not my first week on Undernet !, i know all about hiden ip's. I don't want to get in to details but i will explain a little where i got the idea. First Lordluke is the admin of elsene.be.eu.undernet.org , second he is also a cservice administrator, and third last time when X was down, elsene.be.eu.undernet.org was also with some conection problems, not that i'm sure of all this, just that all this made a connection in my mind....it might be all not true...but i was just wondering... :)

Regards,
Dream what you want to dream; go where you want to go; be what you want to be because you have only one life and one chance to do all the things you want in life.

User avatar
evi|one
Posts: 211
Location: Netherlands

Post by evi|one »

My post was NOT about hidden IPs
I am a signature virus. Copy me into your signature to help me spread.

User avatar
Razvanet
Posts: 406
Location: Toronto,Canada

Post by Razvanet »

evilone wrote: I't just a matter of making some private IP resolve to undernet.org and make undernet.org resolve to that IP. Next time you see that try /userip <oper's nick>


I thought it was.. :confused:
Dream what you want to dream; go where you want to go; be what you want to be because you have only one life and one chance to do all the things you want in life.