These are transcripts of the IRC classes held in #class and #opschool on undernet and provide a very good overview of what IRC has to offer for beginning and advanced users.
This class was set up for beginner IRC users to come and learn about IRC and the Undernet. We offer this course every other week so the users can better understand what IRC has to offer. Check the topic in this channel for class times.
Here are some important basic definitions to know when you are on IRC:
User - This is a person who is using IRC. You are a user right now.
IRC was created in 1988 by Jarkko Oikarinen. It started in Finland and is now used in over 70 countries around the world.
It has grown as a popular and exciting place for people to meet from around the world. It was widely used during the Gulf War, Oklahoma City Bombing, the O.J. Simpson trial and Princess Diana's death for news updates and reaction.
IRC is simple when it comes to how it works. When you type a line of text, that line goes to the server you are using. Then, your server is sending it to the server the receiver is using to connect to IRC and finally from there the line arrives the final destination - the user or the channel you sent the line to.
Of course this always can't happen quickly, especially with the growing population of the Undernet. Sometimes there is lag (time between when you type the message and other users see it).
Lag is caused because servers are either too full, not synched, or a netsplit is ready to occur. We will discuss a netsplit later in the class. To get on the Undernet to chat, you need to connect to a server. The server holds information about channels and users in them. It also routes your messages to other servers which it is connected to, forming a network as explained earlier.
Selecting a server geographically close to you can be beneficial and recommended, but it is not generally required. If you get a message that you cannot connect to a specific server, simply try another one. Most Undernet servers follow the same format: city.state.country.undernet.org or city.country.eu.undernet.org. Many large cities have servers. Need a list of servers? Check out http://www.undernet.org/servers.php. You need to set up your client so that it works best for you. This way you can feel more comfortable while on IRC. Most clients ask for a real name. Don't bother entering your real name here, but if you want to, go ahead. Most people stick something cute in there. Entering your real e-mail address is not necessary either. You need to select a nickname. A nickname is the name people will recognize as you on IRC. Try not to pick one which is too general,because others might use that, and then your friends will get confused. Your nickname is limited to nine characters on the Undernet.
When you connect to a server, you may experience server errors. Don't worry, you didn't mess the server up. Try connecting to another server, or try connecting later.
Error messages will be discussed later in Session F.
As an IRC user, you need to get used to a netsplit. A netsplit is when the network splits into two networks when a server link is closed. This can happen because of bad routing or server popularity. Sometimes during a netsplit, the two sides don't receive the correct information, resulting in a desynch. You will notice this when, forexample, a server deops a user whom a channel operator has already opped. This occurs because the server on the other side of the netsplit doesn't know that the op exists, so it will automatically deop the user that was previously opped.
Now it's time to learn the basic commands of IRC. To type a command remember to put the / before the actual command.
You can also search for channels with a certain number of users. For mIRC, use /raw list >4 (to list channels with more than four users on it), pIRCh uses /verbose list >4, and ircII uses /quote list >4.
Besides chatting in a channel, you can also privately chat with other users. You probably have seen this if you have asked a question to your tutor. Here are some commands on user communication:
Do not have your DCC GET set to autoreceive, there are too many trojans being sent by users and you run the risk of being infected if you receive and run them.
Remember, with all the commands listed above, do not include the < > marks. This is just an aid to indicate to you of the parameters you need to enter.
All IRC channels start with # or &. # is most commonly used because that channel is available globally to all users on the network. For example, #newbies is a channel. Channel names have a maximum length of 89 characters.
A channel that begins with & is only available to users on the local IRC server. If you open a channel like &Mychannel people on other irc servers will not be able to chat there with you. This kind of channel is used rarely.
Many commands are available to use when you're on a channel. These commands help you join a channel, leave a channel, invite others to a channel, and many other commands.
Most channels have a chanop. They are there to participate in the channel and to monitor it using special commands which are available.
All users in the user list with a @ in front of their nickname are chanops in that channel. If you join a new channel, e.g. #newchannel, and no one is in there, you just create it and you will automatically become a chanop.
If you are a chanop in a channel, here is a example listing of some commands you can perform:
There are more commands, including the ban command, which will be discussed later in this class.
You can register a channel if you want on the Undernet. Go to the Channel Service web site at http://cservice.undernet.org to register a channel. Before you do this, make sure an Undernet channel service bot is not in the channel. Channel service bots are robots with the nickname X. Channel Registration is now ready.
You can register a username (not nickname) on Undernet for X bot access. Go to the Channel Service web site at http://cservice.undernet.org and click on the web interface link to register a username.
If you need help or have questions about registration of a channel, join #cservice. They have a lot of knowledgeable people in there to help.
If you want to see what a channel manager (the user who registered the channel) does, try attending an #opschool. This is similar to this school, except it teaches about X. Visit their website at http://cservice.undernet.org/main/opschool/index.html or check the topic in #opschool to see the class schedule.
Your behavior on channels is always important on the Undernet, and mostly anywhere else you go. Be sure to follow directions, if any, set by the channel ops. Be sure to look at the topic of the channel for more info.
Try not to say hello and goodbye to every user. If you want to, send them a private message. It is rude to interrupt conversations by constantly saying hello, even if you are trying to be friendly. While different channels have different rules, it is generally good manners not to send a /query or dcc chat to another user without first asking in channel.
If you become advanced in IRC and learn how to program a bot so your client performs certain instructions on command, never use autogreets. Autogreets are when a user joins a channel and another user's computer automatically greets them. They are not only obvious, but rude.
Remember, users will not see you, and they judge their opinions about you on what you type. Always think about what you are typing before you say it. Don't flood a channel (continuously entering many lines of messages to a channel). This will almost certainly get you kicked and banned.
Never harass other users. You might think it is funny, but others may take it the wrong way. It is just another way to be thought of as rude and annoying.
Try not to use other people's nicknames. This will result in people thinking you are one person while you really are another. Think of a creative nickname that no one will have. Don't use a nickname of -John- for instance. Anyway, a registered username will always identify you whatever nickname you are using.
Overall, just try to be nice to people. IRC is a privilege, so try to take advantage of it in an entertaining, educational way. Don't abuse it. Remember, ChanOps can kick and ban anyone they want for any reason or no reason.
If there are no ops on a channel, that channel cannot do anything about annoying or flooding people who enter it. You can report this to an IRC operator if necessary. To find an oper with mIRC, type /who 0 o. Other clients use different commands for this, so refer to the program's help files.
Sometimes other users may use clones, which are multiple connections from the same IP. If at all possible, only use one connection when you are on the Undernet.
Some channel ops like to kick and ban users for no reason. Since they are in charge of the channel, there is nothing you can do if you are kicked and banned. Just move on and join another channel.
The Undernet is a community, while you may enter and hold an unregistered channel, getting along with others that want to share it is encouraged. Flooding or attacking other users to gain ops is considered a takeover and action can be taken.
If you are in doubt, join #Userguide and ask. The people in there can always help you on almost any question you have. If they don't have the answer they can probably refer you to another place where you can find it.
Here are some common error messages users receive when logging onto a server.
Some servers do not want you to run bots. If you do, you are at a possible risk of being detected and dealt with. Make sure always to read the MOTD (message of the day) of the server before you use it. This always appears when you connect to a server, or type /motd. This contains what is allowed and what is not in that server.
Ultimately, you don't really need a bot. Some are nice for playing games, but it does take up a lot of bandwidth. If you know how to make a bot, make one which is very simple, without backdoors, and run it on a server that allows it.
As we have talked about before, the Undernet Channel Service maintain a server exclusively for management of a channel. To get a channel service bot in your channel, you need to register it. Go to http://cservice.undernet.org to find out more about Undernet channel registration.
When you enter channels like #cservice, you will see a channel service bot (currently X). The server works as a tool for a channel manager (user who registers the channel) to use to customize and protect their channel.
There are help bots on the Undernet which are provided for help. For example, type - /msg UserGuide UserGuide usage - for general Undernet help.
If you are a chanop, you can use modes by typing /MODE < channel > < mode > < parameter >. The < channel > is the channel you are a chanop in and want to change the mode, the < mode > is the mode key (which will be listed soon),and the < parameters > are the characteristics for the mode. A + or - sign before the mode key determines whether the mode should be added or removed.
Here is a list of channel modes for channel ops:
b < ban mode > - This bans a user. If I wanted to ban MLewinsky from #thebigcreep, I would type /mode #thebigcreep +b <hostmask for MLewinsky>. The hostmask is available by typing /whois MLewinsky and adding asterisks where dynamic areas are in the user@host. Most clients have mouse driven menus that can assist you with this.
i - Channel is set to invite-only. Only users who are invited by a channel op can join the channel. Channel ops in the X bot of level 100+ may also invite themselves to a +i channel.
l < max > - Channel is limited to < max > number of users. If this number is exceeded, they cannot join the channel. (For example, /mode #example +l 25).
m - Channel is moderated. Only chanops and users with + in front of their nicknames can talk (i.e. send text to the channel).
n - No external messages are allowed. When you are not in a channel, you can still send msgs to it, by typing /MSG < channel > < text >. This mode prevents this.
p - Channel is private. When a /WHOIS is performed from outside on anyone in a private channel, the channel will not be displayed in the /WHOIS result. It won't be shown in a channel listing either.
s - Channel is secret. This is similar to the mode +p: channel won't be shown in a listing and a /WHOIS performed from outside won't reveal the channel. The difference is that, unlike mode +p, you won't be able to see who is in the channel with /who #channel.
t - Topic is locked. Only chanops can change the topic, not regular users.
o < nickname > - Gives that user chanop status. (For example, /MODE #example +o LindaTripp) gives LindaTripp chanops in #Example.
v < nickname > - Gives that user a voice in a moderated channel. This user can chat when the channel is set to +m and when banned.
k < key > - This sets a key on the channel. Only users typing /JOIN < channel > < key > can join the channel. It acts as a password.
r - restricted - This useful channel mode allows only users who have previously logged in to their registered username (i.e. to X) to join thechannel. So, to join a +r channel, log in to X and try. This is not restricted to registered channels only but it's available for all the channels.
To see a list of channel modes currently in effect, refer to the title bar of the channel window, or type /MODE < channel >.
Users can also set modes for themselves. This is different from channel modes. To use these, type /MODE < nickname > < mode >. Here is a listing:
i - Makes you invisible. When users do a /WHO #example, your nickname will not show up. If they do a /WHOIS < nickname >, it will show which channels you are in. When you are in the channel, users can still see you. This just prevents people from seeing you when they search for people in a channel.
w - Wallops. Lets you see messages to all IRC operators (another way opers communicate with each other).
d - Deaf. This prevents you from seeing any channel dialog. Useful for bots.
x - Host hiding. This useful usermode will hide your real IP/hostname and, instead, show email@example.com in a /WHOIS info. To enable this mode, log in to X. If you want to turn it off, you'll need to disconnect from the IRC.
Most operators will not deal with channel affairs, unless it's a particular situation, like a channel takeover.
If you seriously need an IRC Op, find one and report what you need and they should be able to help you. Please do not ask to kill a user because they are using profanity or something similar. IRC Ops are very busy and need to attend to other activities also.
Try not to /msg an IRC Op numerous times, as they usually cannot respond to every request. They have to maintain over a server, and that is hard work.
To find an IRC Op online, type /who 0 o. (First 0 is a zero). H means they are Here, G means they are Gone. This only shows opers who are -i or who are in the same channel with you. This works with some clients, but not all. Refer to the help files of your client for information on this feature.
Remember the IRC Ops are very busy people, so please be considerate if you absolutely need one.
The IDENT is used on IRC to help tell one user apart from the other.
Clients which have a working IDENT server installed are identifiable because their user@host information is not prefixed with a ~ (tilde).
For example: ThisIsMe (firstname.lastname@example.org) <-- IDENT is installed and detected. ThisIsMe2 (~email@example.com) <-- Ident Not Detected.
Note that if the server checks for IDENT on your host and fails, it will use the front part of the 'email address' parameter instead.
When IDENTD is running you have proof you are on a legitimate address. Most connections from hacked hosts or via stolen proxies are not idented, and for this reason people without ident are often banned from channels, or occassionally from entire servers.
Channel Ops: If you have problems with flooding or abusive users, banning non-idented clients often eliminates most of the hassle - /mode #yourchannel +b *!~*@* bans non-ident clients. This is another reason guests should try to get their IDENTD working correctly.
The following are instructions for configuring IDENTD: mIRC: Click on File, then Options, then click on the plus (+) sign next to Connect. Click on IDENTD under Connect. The following information must be used :
1) Enable identd must be checked.
2) User ID should be the same as the first part of your email address found on the main connect page of mIRC. Example: if, on the main connect page, your email is firstname.lastname@example.org, your user ID should be blah. (This prevents confusion of your identity if ident should fail).
3) System MUST say UNIX (yes even though you are using Windows, UNIX is what goes in the system box).
4) Port MUST be 113 (usually set by default).
For further help with this please read the mIRC help files or /join #mIRC.
Linux: In Linux If you are not the Administrator of the box, please contact your system administrator for additional help. If you are running a Linux system and are having trouble enabling identd, the package you are looking for is identd-masquerade.
#userguide - Helpful User Committee channel where members are available to answer questions about the many resources that are available on our network as well as provide help or point users in the right direction for both simple and advanced IRC- and computer-related questions. Please visit our webpage for more information, http://www.user-com.undernet.org/userguide .
#zt - Technical help channel, usually for technical help and channel difficulty.
#vh - Reputable virus removal help channel (vh stands for virus help).
#cservice - Undernet Channel Service. Help with the X bot and information on how to use it.
#beginner - Another new users channel to ask questions.
#help - Help available for more experienced users, along with newbies.
#opschool - A CService Class similar to this. Follow the directions in the topic for Opschool classes.
The Undernet also provides e-mail addresses where you can get help. Here are a few which you should know.
email@example.com - Channel Service mailing list.
firstname.lastname@example.org - Opschool mailing list.
email@example.com - Abuse or misuse of powers, e.g. IRC operators, NOT channel affairs.
firstname.lastname@example.org - For more experienced users along with newbie help.
email@example.com - User Committee mailing list.
Like explained before, if absolutely necessary, you can get an IRC Op to assist you. Also, Undernet has a homepage with useful resources at http://www.undernet.org.
Floods are found everywhere you go on IRC. Even though they can disconnect and annoy you, there are very simple ways to combat them.
There are many different kinds of floods on IRC Here are some of the more common types. Included after each one is how to combat or prevent that kind.
CHANNEL TEXT FLOODS - Multiple lines of text sent to a channel - usually in random letters.
CTCP FLOODS - The flooder sends a ctcp command to you many times, causing your client to respond just as many times, and ending up in a disconnection.
DCC FLOODS - A user attempts to hold multiple DCC sessions with you and sends random text to the chat window.
The best thing to do to combat this type of flood is to not accept any DCC chats from people that you don't know. Otherwise if the DCC is a DCC send, the best thing to do is to close your client, open it again, and set it to auto-ignore DCC Sends until you're sure the flooder stopped.
To combat CTCP and channel text floods, set up an alias key to /silence +*!*@*, which will ignore everyone until you take off the command. To take off the command, type /silence -*!*@* (note the -). For information on setting up aliases, consult your clients documentation.
Latest versions of clients like mIRC bring a slight flood protection which you can configure to block most of the channel and ctcp floods. In mIRC, go to File, Options, expand IRC section and go to Flood. Refer to your client help file for further info about the options for this.
FLASH FLOODS - Occurs mainly when someone sends specific control characters to another user who is ircing via a unix machine. The results of the flood causes a slight reset of the clients terminal and renders text unreadable. Mostly this is only seen on school networks that are using ancient ircii clients.
For all UNIX users, simply type - mesg n - (no quotations) at the shell prompt BEFORE using IRC. This command will get rid of the problem.
ICMP FLOODS - This happens when a user sends multiple packets of information over and over again to your internet dialer, causing the dialing program to become busy. The dialer doesn't have time to respond to the IRC server you're on, so the server thinks you've left. This ends up in a disconnection.
While there is no major - full proof - way to suppress icmps on a win95 box, you can install programs that could prevent serious attacks and even deny icmps from hitting your box directly. These are known as firewalls and are usually used at most ISPs. If your ISP doesn't have one, download & install one, like BlackIce Defender, ZoneAlarm or Shields Up! (We will give you the webpages where you can get these and other firewalls later in this class".
Latest Windows versions like 98, ME, XP, etc. already comes with patches that may help you avoid these attacks. Anyway, a good habit should be to keep your Windows as much up-to-date as possible. This means to get the latest security patches for your Windows or any operating system you may be using. For Windows, visit http://windowsupdate.microsoft.com .
LOCAL PORT FLOODS - Unpatched Windows versions have a bug that lets flooders attack your printer and modem ports. However, already exists patches for this bug. Also, latest versions of mIRC have already fixed these bugs in them to avoid this attack. It's highly recommended to get the latest patches for your Windows and to use the latest versions of your IRC Client.
There is a simple fix for oldest mIRC versions' users. Just type /ignore -p < option >. Where option is, type these commands in separately: com1*!*@*, com2*!*@*, com3*!*@*, com4*!*@*, prn!*@*, and lpt!*@*. Be sure to type them SEPARATELY. E.G. /ignore -ptn com1*!*@*, then /ignore -ptn com2*!*@*, and so on for all of them.
FORMAT FLOODS -. Format floods are - pictures - drawn on a client using colors. As cute as it sounds, they can flood users off - both accidentally and intentionally. Most Irc clients have options that let you strip these enhanced text formats and avoid being flooded. Refer to your client help file for info about this.
Those are all the types, fixes and commands you need to combat floods. Remember to NEVER retaliate against a flooder, it only makes the situation worse. If a flooder persists to flood you, try contacting an IRCop with the nickname and/or the user@host of the flooder by typing /who 0 o or /who -oper for UNIX.
For a more in depth document about flooding and how to combat it, check NudeDude's NoFlood document available at the documents website at http://www.user-com.undernet.org/documents/ .
A Denial of Service is an attack against computers connected over the internet, especially on IRC. These attacks are illegal in the U.S and many other countries.
There are many DoS attacks, the most common being nukes, packeting and hacking.
A nuke is usually performed by sending specially crafted packet(s) of data to a computer running an unpatched operating system. If, for example, you don't update Windows regularly, you may be vulnerable to a nuke-based attack. Nukes usually use an internal operating system exploit to cause the computer to lock-up (i.e., Blue Screen of Death), forcing you to reboot.
There are many kind of nukes - SMB bombs, Winnuke, land, Click, Sspin (ping of death) just to name a few, though most only affect unpatched versions of Windows 95/NT. There are also many nukes that exploit bugs found in older Linux versions too.
SMB (Server Message Block) is not an attack in itself, but a weakness in the windows file sharing logic that allows remote attackers to view your files and folders. There are several patches for users, another solution would be to uncheck the Netbios and IPX protocols in your modem connection settings, only leaving tcp/ip in place.
Packetting is an entirely different kind of DoS (often Distributed Denial of Service, or DDoS) attack. The objective is no longer to cause the computer to lock-up, but instead prevent any normal data from being sent or received over the Internet by the victim. This is done by flooding the victim with an extraordinary amount of meaning data, cluttering up any available bandwidth.
There are many different kinds of packetting attacks, including smurf, slice, UDP floods and ICMP floods".
ICMP is Internet Control Message Protocol, and is very common. Not all ICMP are attacks. If you are attacked with ICMP it affects your modem connection and causes all Internet application to run very slowly and eventually disconnect from your ISP. Firewalls can help reduce the effectiveness of this type of attack.
If an ordinary dialup user is targeted for a DDoS attack, it will usually lead to being disconnected, however, the dialup user will likely be able to reconnect and obtain a new IP. On the other hand, if an IRC server, a webserver, or even where ISP is attacked, there is very little they can do to defend themselves. Packetting has been responsible for the delinking of many IRC servers from undernet, and has forced many online companies out of busine
How can you help this cyber-terrorism war against malicious users who packet? Find out in Section F, when we cover Trojans.
Hacking is another form of Denial of Service attack. It's important to dispel any myths about hacking, since there are many. Hacking can only occur if your system allows it. If you do not run software that has a backdoor or a vulnerability/exploit (such as a virus or a trojan), then you cannot be hacked.
DoS attacks are very serious. In some cases, a fix is available, and it is strongly recommended you get the patch. At the end of class URL's will be given for the patches. As with floods, the last thing to do is retaliate. Remember, when you're getting attacked, the first thing you want to know is the IP address so you can report the abuser to the authorities.
There are currently lots of viruses going around IRC. A user with an infected copy of mIRC unknowingly distributes the virus to all users entering a channel in one way, or another. Sometimes by sending a file, but usually by spamming a website.
Many kinds of IRC viruses exist, many cause anything you type to be echoed into a secret channel created by the abusers, other kinds of viruses will install an infected robot (or drone) that will connect to a predefined IRC server and join a predefined channel, giving abusers full access to your computer, and your bandwidth. They can use this bandwidth to launch DoS attacks on users and other IRC servers (i.e., packetting).
The most important thing to remember is to NEVER accept a DCC from someone you don't know, especially if they're trying to send .ini, .vbs, .scr, .dll, .pif, .bat, .exe, .shs, .com, or anything with a double extension, like .jpg.bat, etc. If you do not see file extensions in your windows client you may want to set it to show them before ever accepting any file thru DCC.
If you are a Windows user, visit http://windowsupdate.microsoft.com/ regularly to secure your system against known vulnerabilities and nukes. By downloading critical patches, you stop over 80% of IRC viruses from having any effect on your computer. For more information on nukes, take a look at http://www.irchelp.org/irchelp/nuke .
If you'd like to take the extra step and install a software firewall, make sure you shortlist Norton's Personal Firewall, ZoneAlarm, Tiny Personal Firewall, BlackIce Defender, McAfee Personal Firewall, etc. URLs for these products will be given at the end of this class.
Keep in mind that on the Undernet, since the release of the new +x usermode, you can hide your IP address from regular users, so they cannot launch any sort of direct DoS attack on you. They may still flood you via IRC, which lead to disconnections and possibly even channel takeovers (covered in the next sections).
Even if you install all of the patches and take all of the precautions in section A and B, you are still likely to be a victim of a flood or a DoS attack. Knowing where to report them is the next step.
The most important thing you can have is a log. Try and have the log timestamped, so we know the exact time. Also try to cut out all irrelevant lines in the log. Besides the log, it is requested that you have the attacker's nickname & username and user@host, if possible.
Takeovers happen just as much as abuse. Takeovers are when a person comes into a channel and tries to gain ops. Often the abuser will deop and kick/ban the other ops.
Takeovers can occur when multiple floodbots are set up to flood everyone in the channel, and backdoored clients can expose X passwords and they can be used to gain ops.
If your channel has been taken over, you can go to #zt or #nastrand. Calmly report the incident to the helpers there.
Many users start a channel one day, and come back the next day to see that other people are ops in it. This is certainly not considered abuse because the channel is not registered, and does not belong to any one person.
Users gaining ops by changing their user@hosts and pretending to be an op is NOT considered a takeover, but bad channel management. Many IRCops will not aid channels when this occurs.
Remember that the most important thing to prevent DoS attacks is to have all of the patches and a good firewall software installed, rather than to rely on #zt.
Bots are clients with automated responses to certain commands. These responses can be coded into the client and run on IRC to serve some sort of purpose.
There are many different kinds of bots - Bar bots, fileserving (f-serve) bots, trivia bots, even casino bots. Each bot is coded to have a specific purpose on IRC. Note - For channel management, maintenance of an oplist and banlist, and to utilize other features that bots can offer, it's best to use CService's X. For more info, join #cservice.
Warbots are bots that are programmed to take over channels by use of flooding and trying to create a netsplit. Warbots are illegal on the Undernet and will get your host/address g-lined, if not k-lined, so it's best NOT to run this type of bot.
Unlike scripts, bots are run on a separate client then you're using. For example, you would have a second copy of mIRC on your computer.
A bot works by using a script, comprised of many 'on' commands. For example, - on *:JOIN:#:whois - would tell you who a person is when they join a channel.
An alternative way for running a bot is to obtain an already programmed bot. All you need to do is download the scripts and load it into your client. These bots can be obtained from many popular web sites, and ask for help on your clients channel i.e. #mIRC.
The best way for a beginner to write a bot is to use the scripting language of their client, such as mIRC, pIRCH, ircle, or ircII. More advanced scripters usually use Perl, C, Tcl, etc. To learn how to script in your own client, ask in a scripting/bot channel, look on a bot website, or consult your clients documentation.
A good resource for bots is the Undernet Documents Committee's BotDoc. This document has an FAQ and has many resources for creating your own bot, or getting one off of the web. This document can be found at the Documents website located at http://www.user-com.undernet.org/documents .
Scripts are groups of commands that enhance or automate some features or tasks in your Irc client.
Scripts are sometimes used to run bots. In bots, scripts are the files that actually have the 'on' commands. Scripts tell the client what to do when certain cases come about.
Other times scripts are used for fun. Fun scripts include automatic greetings when a client joins a channel, different responses to different actions, or to run f-serves or other services.
For example, you can go to your Remotes in mIRC and type an - on join - line so that your client automatically sends a greeting to every other client joining the channel(s) you're on.
For more information on creating scripts or bots specifically designed for your client, refer to your client's help files, join a channel specifically for your client (eg. #mIRC), or try #eggdrop, #darkbot, #emech.
Some useful websites for bots are http://www.mircx.com, http://www.winbot.co.uk, http://www.energymech.net, http://www.arteryplanet.net/~darkbot/, http://www.eggheads.org or http://www.egghelp.org/, and the Undernet BotDoc mentioned above.
LUSERS - Options: none. Syntax: /lusers. Use this command to get network information and status.
WALLCHOPS - Options: none. Syntax: /wallchops < #channel > < message >. If you are an op and would like to send a private message ONLY to the other ops on the channel, use this command.
WHOWAS - Options: none. Syntax: /whowas < nickname >. Use this command to see if someone was on IRC recently. Useful if you're being flooded and don't know the address of the attacker.
CTCP - Options: Clientinfo, ping, time, userinfo, version and page. Syntax: /ctcp < nick > < option >. CTCP (Client To Client Protocol) is used in many different ways, to check lag, to see a persons client version, etc. To see all available ctcp commands use the clientinfo option.
USERHOST - Options: none. Syntax: /userhost < nickname >. Finds the user@host for the specified nickname.
USERIP - Options: none. Syntax: /userip < nickname >. Similar to Userhost, but this command finds the IP address for the specified nickname.
SILENCE - Syntax: /silence [+|- nickname or user@host]. This command works like ignore, except that it works at the server level, not at the client level.
USERMODES - Options: i, w, d, x. Syntax: /mode < your nickname > < + or - (option) >. Use this command to set modes on yourself. Option i makes you invisible, w makes you receive wallops, d makes you deaf to all channel conversation and x hides your real IP/host and shows instead firstname.lastname@example.org. Example: /mode < nick > +i. Note - You can use either + or - before the option to choose setting.
DNS - Options: none. Syntax: /dns < nickname > or < address >. The DNS command is used to find someone's resolved address, or unresolved DNS number. Useful for finding people with unresolved hostnames. This is a client command, so check if your client supports this command.
For all of these commands, when using them, omit the parentheses. For more advanced commands consult your client's help files Since each client is different, giving more advanced commands would be confusing.
For more help with any IRC command, try reading the IRC Command Cosmos Tutorial at http://www.irchelp.org/irchelp/misc/ccosmos.html .
IRC is a heaven for hackers and virus writers because it is unmoderated and fairly anonymous. Consequently, there have been outbreaks of Trojan's being sent to unsuspecting users quite regularly.
These Trojan's are passed around in disguise as games, enhancements to an IRC client, warez and pornography with any extensions such as .exe, .jpg.bat, .pif, .ini, .html, .shs, .com and so on.
The result of accepting a file send from anyone or visiting a spammed website could be the compromise of your computer to the writer/owner of the Trojans.
What does this compromise mean? Well it ranges from allowing access to your computer when you are online, permitting the Trojan writer/owner to get your ISP, e-mail address, passwords, any financial account information that might be on your machine.
This allows the Trojan writer/owner to use YOUR machine for Denial Of Service attacks, which for example in the United State of America is a felony.
The only way this problem can be minimized is by YOU the user, NOT accepting ANY file from anyone, for any reason, keeping your Windows updated via http://windowsupdate.microsoft.com/ and running an up-to-date antivirus software.
YOU are protecting yourself when you decline a file send from someone, should they ask why, tell them why!!!! You shouldn't be ashamed to tell someone that you don't accept file sends, and you can also set file types to ignore in your mIRC DCC options.
The best way to prevent getting infected with a virus or a trojan is to never accept files from people you do not know. Also be sure that Auto Accept is OFF for DCC, you can do this by typing /sreq ask after typing this, you should see this line: *** DCC Send requests pop up a dialog, that means that anyone who tries to send you files needs your permission to do so.
Regular use of an antivirus program is the best solution, there are just too many exploits/trojans/viruses for any one person or channel to be good at helping with all of them. Professional virus software is your best prevention. When researching for antivirus software, make sure your shortlist these products: PC-cillin, Kaspersky (formerly AVP), Norman Virus Control, Norton Antivirus, among others. Check the URLs for these products and others at t
Users may also try to say they are sending you a 'fix' for these Trojans, they may also be the Trojans itself so do not accept these either unless they are an operator in a reputable virus removal channel, such as #vh .
To download a cleaner that will check for and clean Trojans go http://www.moosoft.com/ and download the latest version of The Cleaner. Make sure you visit http://hackfix.org/software/configure/cleaner.html for proper configuration and running instructions.
It is recommended that you visit #vh or #nohack first to get the proper information.
If you do come across a user who is spamming a website, don't assume he/she is a hacker. Chances are, he/she has fallen victim of the virus and doesn't know what to do. Try to contact the operators of the channel the user is in and get them to guide him/her to one of the above mentioned virus removal channels.
mIRC versions between 6.0 and 6.11 have an exploit which could get it to "crash" if someone intends to. Download mIRC version 6.12 from http://www.mirc.co.uk/get to avoid the problem. Also type /ignore -wd * to make your mIRC safer.
The Undernet may seem very simple to the common user, but behind the scenes there are many people hard at work for the users. Many people devote their time to perform many necessary tasks for maintaining the Undernet.
The Undernet is comprised of many different committees and subcommittees. Each committee tries to work with one another to create a better network and to maintain network stability.
There are a total of five committees, and seven subcommittees.
1.- Channel Service Committee - Provides an easy method to register usernames and channels in order to have op access, maintain channel stability, to prevent takeovers, and to manage a banlist and userlist. CService has 3 groups - registrations, abuse, and help channel.
The CService home page is located at http://cservice.undernet.org. CService's main e-mail address is email@example.com.
2.- Coder Committee - Concentrates on the continued development of the IRC protocol with the goal of making the Undernet a more efficient chat network.
The Coder Committee home page is at http://coder-com.undernet.org/. Their e-mail address is firstname.lastname@example.org.
3.- Undernet User Committee - Provides Undernet Users a place to give their thoughts. This committee has seven subcommittees - #UserGuide, Webmasters, Documents, Promotions, Newsletter, UUS and Class.
The User-Com home page is located at http://www.user-com.undernet.org. The committee's main e-mail address is email@example.com.
4.- North American Routing Committee - Views current IRC Servers and evaluates new applications for servers. The goal of the committee is only to link the most qualified servers.
5.- European Routing Committee - Acts the same way as the NA Routing Committee, except for focusing only on European Servers Having separate committees insures the utmost attention is given to this task.
Both Routing Committee's home pages are at http://www.routing-com.undernet.org. Their e-mail address is firstname.lastname@example.org.
The Undernet also consists of volunteers known as IRCops. These people, picked by server administrators have the job of maintaining the network. To find an IRCop for assistance, type /who 0 o or /quote who 0 o for UNIX clients. Remember these are busy people, don't get mad if they don't respond at first.
The Undernet FTP site, ftp.undernet.org, is a great place to find out more information about the Undernet. Included in this site are history, IRC documents, servers, scripts, clients, pictures, mailing list archives, and miscellaneous utilities.
As an Undernet user, you have access to a number of documents that help you have an excellent experience online. There are two main sources of documents, Userguide on IRC, and the Documents Project.
When you are in your web browser, you can go to the Documents Project Web page. This page is very useful in finding what you need, whether it be the Undernet FAQ, or the History of the Undernet.
The Undernet Documents Project can be e-mailed also. E-Mail them if you have any ideas for documents or if you have any comments or suggestions for them. Their address is email@example.com.
Their web page is located at http://www.undernet.org/user-com/documents/. At this address, you can find various documents including beginner, advanced, technical, and historical documents.
You're strongly encouraged to visit all the Usercom pages since they contain very helpful and interesting information at your disposal. The Usercom webpage is at http://www.undernet.org/user-com.
If you don't want to go to the WWW, there is a bot online on the Undernet, called UserGuide.
<Italiano> this bot is cute ;)
UserGuide has many uses. It holds many help available for you.
To use Userguide, type /msg UserGuide UserGuide usage . This will give you a list of information available to choose from.
A reminder that because the Undernet is run strictly by volunteers working on their spare time, please read all of the appropriate documentation before asking for help from any of the committees.
#userguide - Undernet User-Com's help channel, for all general help.
#user-com - Undernet User Committee's home channel, always staffed with helpful people.
#vh - One of the Undernet's most reputable virus removal channels.
#zt - Channel-takeover and network abuse assistance channel.
#cservice - Undernet Channel Service. Help with the X bot and information on how to use them.
#help - General help available for more experienced users, along with newbies.
#opschool - A CService Class similar to this. Check the channel topic for the next class scheduled or go to http://cservice.undernet.org/main/opschool/index.html for a complete schedule.
The Undernet also provides e-mail addresses where you can get help. Here are a few which you should know.
firstname.lastname@example.org - Channel Service mailing list.
email@example.com - Opschool mailing list.
firstname.lastname@example.org - Abuse or misuse of power, e.g. IRC operators, NOT channel affairs.
email@example.com - For more experienced users along with newbie help.
firstname.lastname@example.org - User Committee mailing list.
Like explained before, if absolutely necessary, you can get an IRC Op to assist you. Also, Undernet has a homepage with useful resources at http://www.undernet.org.
Besides using Userguide and the Documents Committee, there are many other places to go for help that were mentioned earlier. Many resources are available such as IRC channels, Web sites, and e-mail addresses.
SECTION A - Floods - NudeDude's NoFlood Document - Available at Documents Project web site - http://www.undernet.org/user-com/documents .
Firewalls - BlackIce Defender: http://blackice.iss.net. ZoneAlarm: http://www.zonelabs.com. Shields Up!: http://www.grc.com
Windows Updates - http://windowsupdate.microsoft.com .
SECTION B - DoS Attacks - For Information - http://www.irchelp.org/irchelp/nuke/ .
McAfee Firewall - http://www.mcafee-at-home.com/default.asp - Norton Personal Firewall - http://www.symantec.com - Tiny Personal Firewall - http://www.tinysoftware.com.
Firewalls FAQs and HOWTOs for Linux users - http://www.linux-sec.net/Firewall/ - Iptables info - http://www.linuxsecurity.com/resource_files/firewalls/IPTables- Tutorial/iptables-tutorial.html .
SECTION D - Scripts and Bots - Eggdrop - channel #eggdrop,. URLs - http://www.eggheads.org or http://www.egghelp.org/
Darkbot - channel #darkbot -, http://www.arteryplanetnet/~darkbot/ - Emech - channel #emech - http://www.energymech.net, - Winbot - http://www.winbot.co.uk/ .
mIRC scripts and bots - channel #mircscripting - URLs - http://www.mircx.com - http://www.mircscripts.org/ .
BotDoc - http://www.undernet.org/user-com/documents/botdocshtml - the Documents Project - http://www.undernet.org//user-com/documents .
SECTION E - Advanced Commands - IRC Command Cosmos - http://www.irchelp.org/irchelp/misc/ccosmos.html .
SECTION F - Trojans - Channels - #vh, #nohack - - URLs - http://nai.com/us/security/home.asp .
The Cleaner - http://www.moosoft.com/thecleaner - Configuration of the Cleaner - http://hackfix.org/software/configure/cleaner.html .
PC-Cillin antivirus - http://www.trendmicro.com/en/home/global/personal.htm - Trend Micro Free Online Virus Scan - http://housecall.antivirus.com .
Kaspersky antivirus - http://www.kaspersky.com - - Norman Antivirus - http://www.norman.no - - Norton antivirus - http://www.symantec.com -- McAfee antivirus - http://www.mcafee.com/ .
SECTION G - Undernet Administration - CService - Channel Service Committee - CService@undernet.org - http://cservice.undernet.org - Coder-Com - Coding Committee - email@example.com - http://www.coder-com.undernet.org .
User-Com - User Committee - firstname.lastname@example.org - http://www.user-com.undernet.org - NA and EU Routing-Com - Routing Committees - email@example.com - http://www.routing-com.undernet.org.
Undernet FTP site - ftp://ftp.undernet.org .
SECTION H - Documentation - Documents Project - http://www.user-com.undernet.org/documents - Userguide - /msg Userguide Userguide usage - Misc Help Channels - #UserGuide, #help, #mIRC, #CService, #newbies - For various documents and help, check out Undernet's FTP site at ftp://ftp.undernet.org. Also for general IRC help, take a look at www.irchelp.org.
While Undernet Channel Service has many methods of educating the network public about the nuances of our services, many people seem determined to avoid the FAQs, the online classes, and often even the common sense advice rendered in our help channel.
This in turn ends up creating these work-producing, expectation-shattering ideas, several of which are simplistically explained below.
Understanding the basic misconceptions held about Undernet Channel Services will make your username and channel registration and maintenance experience much easier.
We'll start by learning how to create and register a username with X.
In order to use X at all or to register a channel, you need to have a username. Keep in mind, this is *NOT* registering a nickname. Undernet does not provide nickname registration. Just to keep this clear :o)
Now, to create a username, go to our website at: http://cservice.undernet.org/live/
At about the middle of the page, under the login box, there is a line labeled: "If you do not have an account create one now!" Click on the "Create one" link.
There are 8 steps on the next page that *MUST* be completed or you will not receive a username. They are as follows...
*Step 1 - Age Statement* - You must specify whether or not you are above the age of 13 or not. If you are below the age of 13, we cannot ask you personal questions such as your name or email address without parental consent. Thus meaning you cannot register a username, since we cannot verify you.
*Step 2 - Choose a Username* - Here is where you pick your username. Remember, it has to be unique. There are over 140,000 usernames. Someone probably thought of the one you want before you did :o)Choose it carefully cause you won't be able to change it later!
*Step 3 - Enter your email address* - This should be your email address, given to you by your internet service provider. If you are unsure what your email address is, contact your provider.
Free emails, such as hotmail, yahoo, geocities, and other non-paid emails are not accepted for registration. This is due to way to much abuse from users on these providers.
*Step 4 - Language of choice* - Here you will be able to choose the language you desire to use with X commands replies later.
*Step 5 - Secret Question/Answer* - This is for password/username retrieval. Makes sure when you make your selection and input in this field, you write down your answer somewhere safe and keep it. You will need this if you forget your password.
*Step 6 - Security Code* - This is the code who prevent multiple submitions for username registrations.Enter the code you see in the above picture into the below input box (upper/lower case doesn't matter).
*Step 7 - READ THIS INFO: Individuals are granted the use of a Channel Service username specifically to gain access to channel services. While you need not use channel services to have a username, be aware that attempts to register multiple usernames to the same person will result in a suspension of all the offending names. Don't jeopardize your access to channel services by trying to register multiple usernames on our system.
Finally, Step 8, Click on submit. After you do so, a link will be emailed to you. Make sure you have cookies enabled in your web browser, then click on the link provided in email.
This will take you to a webpage that will give you your password. PLEASE write it down somewhere safe, and do not lose it. It can be quite difficult to retreive your password if you lose it.
This is the basics of username registration. If you have any questions regarding anything specific, ask your tutor, or join #CService and ask one of our many qualified helpers.
Next we`ll have a look on channel registration system and the maintainance of channels registered with X.
Any unregistered channel can be registered by the first person to see fit to do so.
Active unregistered channels are owned by the groups that use them, and usually there a consensus about who are the founders, and therefore owners, of the channels.
Many applications for channel services are submitted by folks who either have no existing relationship with the channel, or are doing so without the knowledge or support of the channel membership.
They are termed "takeover applications". Any such applications are rejected and the applicant placed on a probation if he tries it repeatedly.
<Applicant>: All I need to get my channel registered is 10 usernames?
The requirement for registration support on the application is 10 people, not 10 usernames. Admittedly, usernames are the only way we can verify that the 10 supporters are real, and that they actually support the applicant as manager.
That is why we require 10 usernames for supporters, generally only one e-mail address is allowed per person with an ISP account.
Supporters need to be people who frequent your channel and have helped to establish it as a viable channel entity deserving of registration services.
A channel is registered only after its application has been accepted by CService, not after the application has been successfully submitted.
It takes 10 days for your application to be reviewed, verified, checked, twisted, turned; a length of time called the posting period.
Having posted an application does indicate a claim of ownership, but the claim must be validated, and this takes time.
We will now take a brief pause in order for you ask your tutor any questions.
<Applicant>: My channel is in incoming. What does incoming mean??
Incoming is the time immediately after your application is posted on the web site. All channels are in incoming for 72 hrs, or when all supporters have voted on the application.
<Applicant>: My channel is currently in Pending. Explain "Pending" please.
Pending means the application has fulfilled the initial traffic requirements. You will receive notices in your channel that an application is pending for 3 days (72 hours)
<Applicant>: My channels status shows it is waiting for review. What does that mean?
Ready for Review refers is the final step in the process and your channel will be reviewed in the next 2-3 days.
<Applicant>: I'll use this username from this guy in another channel, he'll never know I did.
Actually he will. All usernames used on the application are sent a notice when they login on the web or to X on IRC, giving them the opportunity to call your bluff.
If someone replies to a notice of support saying "I never gave my consent" or "I don't know this guy" or "get me off your mailing list", then you've blown it.
Your application will be rejected, your e-mail will be blacklisted for 3 days and you won't be able to apply for the channel until then.Make sure that the usernames that you use are people you know (and trust not to back stab you) and are active in your channel.
<Applicant>: I just opened my channel and I need X to get it off the ground.
A simple quote from our registration web page, authored by a most clooful admin, is appropriate here:
"Channel registration is not meant as a means to start a new channel.It is meant for previously established channels to have an opportunity to have some stability.If you are first starting a new channel, then just start using your channel and give it time to see if a reasonable user base develops to justify registration."
We'll know if you don't have the required traffic for registration and you'll waste 6-8 days in the posting period finding out that we know.Once your channel is rockin', then registration should be fairly easy. If it doesn't yet rock, then be patient until it does :)
Let's look at some of what you need to do to apply to register at our website: http://cservice.undernet.org/live/ . First you need to login, Enter your username and password in the box provided at the site. Then click on the link "Register a Channel" on the left.
Read the Acceptable Use Policy or AUP carefully. It will give you vital information on Channel Registration. If you agree to bide by the AUP click on "I ACCEPT THE ABOVE". If you do not agree or your channel is in violation of the AUP, Then you can not register your channel.
As a channel manager you are responsible for the channel and seeing that your channel users and ops follow all Channel Service guidelines, so PLEASE READ IT BEFORE YOU APPLY
The automated site walks you through each step of the process.. so it pays to be prepared. Realize that Cservice gets 150 applications a day.. over 1000 a week! Help yourself and us by taking the time to follow the steps.
Have the following information ready *before* you try to apply: 1) Channel info: #channel-name, description.. 2) Manager information: That your personal information 3) Supporter info: 10 Usernames
The channel name must be not currently registered or on probation due to past abuse and it must begin with alpha-numeric or ASCII (enhanced) characters only. Also, the name *must* describe the channel in some way (eg: #!!!:P is unacceptable).
The description refers to why users join.. eg: #CarTalk - autorepair. While Cservice does not censor channel content, NO channels are permitted for illegal activities, such as warez trading or child pornography (more on this later).
The manager's information is important so we may contact you if needed. Please make sure that the information on your username is correct, it will be kept confidential
The 10 supporters you enter will be notified from X next time they login. Note that they are supporters, NOT necessarily users you plan to make Ops. Once the channel is registered, the manager is the only access that is in X .. you then add those people you choose at the appropriate levels
Don't even think of trying to register *more* than one channel - if you try, you will lose BOTH, pronto! Cservice screens applications for many issues: Known abusers, Prohibited activities, Bogus supporters, Multiple registrations and much more. (Trust me, these folks are tenacious.. so, help by supporting the rules).
With that in mind, realize that when you register a channel, you agree to take care of that privilege by preventing abuse and understanding the rules. Let's move on to see how to keep your channel from being purged, now that you have worked hard to get it this far.
There are two main ways you can lose the services of X in your channel: Abandonment (or apparent absence) and Abuse. Since this can happen as often out of not knowing as out of malice, it's crucial that you have the facts. Getting X purged from your channel is.. a very bad thang ®.
A channel manager has a large responsibility that takes time and commitment. You agree to take care of what happens, *even when you are off-line*. Start by preventing a purge for your absence or for low traffic.
Your 500 level access is the key. You need to login to *that* access regularly, with no absence longer than 21 days. CService gets a list of all managers that have failed to login like that. They will look at the channel and decide whether to purge the channel or seek out a new manager. The decision is theirs and is final.
A registered channel is up for grabs if the manager is missing for 21 days.
There any number of reasons why a manager may be missing. We do require that a manager authenticate his user account at least every 21 days as a bookmark for review, usually channels are not purged and made available for reapplication so quickly.
We try to establish if the manager is indeed present but can't authenticate due to a forgotten password.If the manager is truly gone but the channel has a lot of traffic, we try to mediate and establish who the consensus new manager should be and let the registration remain.
Channels purged for missing manager usually also have no traffic anymore and are indeed open for reapplication. Remember that the channel still belongs to the community that resides there, and their consensus will be required in choosing a new manager.
<Channel Manager>: I'm changing ISPs and I'll have a new e-mail, no need to contact CService about it.
If you are going to change ISPs, use the e-mail change form available at http://cservice.undernet.org/ followed by clicking on "Web Interface". You must be able to login to your username to change the e-mail address.
Our only way of verifying who is really the manager of a channel is by their "e-mail of record", the e-mail that was used on the application for your username.
Any official contact with the manager by CService is done with this e-mail address. That is why it is paramount that CService have a current e-mail on record for every channel manager.
Any channel manager or user with a 500 level access must update a new e-mail of record with CService to maintain your channel ownership.Do this *before* you change ISPs, so we can see your form request from the current e-mail of record and know it is really you.
<Channel Manager>: I'm there everyday; how can someone say I'm a missing manager?
The usual circumstance here is ignorance of our system. There is only one 500 account and it is awarded to the manager when his application is accepted. Usually a manager will add a 499 account with a second username, so he can still login.
What the manager neglects to do is tell CService they lost their e-mail account or password for the 500 access. If you don't authenticate a 500 account, we have no way of knowing whether you are really there.
This is a simple process and can be fixed at http://cservice.undernet.org/ followed by clicking on "Web Interface". There you will see the "Forgotten Password" link.
We will now take a brief pause in order for you ask your tutor any questions.
The userlist is another key to channel activity. How often do users join and get op'd *without* logging in? The result is that those listed with access to X appear as away longer than they really are. Beware: channels with few active listed users as well as an aging 500 access may be purged.
Prevent your channel from appearing as inactive, low traffic or idle by *always* logging into X with passwords! And have your Ops do the same.
Channels also get purged for abuse by the Ops and users: Abuse of.. 1) X.. 2) Users.. 3) Other channels.. and 4) Prohibitions against illegal activities. Since the manager is ultimately responsible, be sure you know what Undernet considers abuse so that you can recognize and control trouble before it puts your channel at risk.
Undernet has a concise policy towards abuse: *zero tolerance* . The Server Admins and Irc Ops collaborate to detect and remove clones, flooders and others who harass users. In fact, one of the channels where you can find help on abuse is #zt.. meaning zero tolerance.
1) Abuse of X: While kicking or de'opping X can't usually be done, any efforts to do so waste resources and trigger an immediate response from CService. Often it is a bot or script, so insist that *all* such bots disable net hack protection so they don't interfere with X.
2) Abuse of Users: Many of you have probably experienced floods or denial of service attacks. We will cover ways to protect yourself in another session. Any channels harboring or condoning such attacks are at immediate risk and, once purged, may lose the privilege of any re-registration.
Mass messages or mass inviting is also abuse. Aside from being annoying and rude, they are a terrible waste of bandwidth and a drain on resources. Alert your users and report any such incidents to #cservice.
<Channel Manager>: One of my high-level ops was spamming invites to our channel, but I wasn't online so it's not my fault.
But you will get blamed. You are responsible for anything that is done by ops in your channel.
It's important that you realize that the ops you chose will reflect directly on you and your channel and must behave on the net according to the established do's and don't's.
A user spamming invites, flooding users or channels, taking over channels, while authed in a registered channel makes that channel, and you, responsible.
3) Abuse of Other Channels: Attacks or takeover attempts on other channels, whether registered or not, are grounds to purge X. Note: "they started it" is *not* an acceptable reason to retaliate. Report any incidents, instead of engaging in abuse yourself.
4) Prohibited Activities: Illegal acts include trading warez or pirated software, software used to damage other systems, stolen services or accounts and involvement with child pornography. Not only will these result in a purge of X but also in appropriate criminal charges. Undernet cooperates with responsible authorities to eliminate these forms of abuse.
While most channels don't harbor abuse knowingly, it's important that you recognize all we have mentioned. Report incidents by sending a timestamped log with relevant /whois details to -> firstname.lastname@example.org.
You also prevent abuse by giving Ops access carefully.. appointing only users you know and trust, and by making sure they know what your channel permits. They represent your channel, especially when you are not on-line.
This registration provides a channel manager with a flexible tool for managing the channel and handling channel affairs.
X is a specialized server often referred to as a bot which actually hold the channel open and allow for control.
A special note, when giving the commands, I will use < > for required elements and [ ] for optional elements.
Now for a few definitions:
The Manager - The user who applies for and owns the channel.
Channel Operators - Users given the privilege of being an operator by the manager. The manager grants them access to the bot.
Userlist - The database in X that holds the information about the channel users added to the bot.
CService Operator - An IRC user experienced in the X commands and is an authorized member of the CService Team
CService Helper - An experienced CService Operator who has been asked to assist CService in providing user support.
CService Administrator - A very experienced CService Helper who manages CService responsibilities.
Please keep in mind that all CService personnel volunteer their time, effort, and resources to make CService as best as it possibly can be.
As the channel manager YOU are ultimately responsible for what goes on in your channel whether you are there or not .
Your primary duty is to ensure all the users on your channel understand and are willing to comply with the CService guidelines.
You are also responsible for maintaining the userlist for your channel. This includes making sure your ops login to their access when in the channel and ensuring that the userlist is up-to-date and active.
Finally you must login to your 500 access at least once every 21 days.
Changes to managers emails or forgotten password should be handled via the website or via one of our CService mailinglists:
* X@undernet.org for EMail Changes if the username owner can't access email address on record anymore or for username unsuspensions if the username was suspended previously by a CService Administrator for being hacked.
* Object@undernet.org for others issues that cannot be handled via X@undernet.org.
These apply to X and to any users that are added to the database in the bots.
The levels for channel personnel range from 0 - 500
Level 0 -- These commands do not affect the operation of the channel, and are mainly used for information. The commands are: access, banlist, chaninfo, help, lbanlist, login, motd, pass, showcommands, showignore, and verify.
/msg X access #channel <search string> to find a users access level on the channel. This tells you their username, access level, whether autoop is set, and if they are suspended. To see who last modified a user's entry, type /msg X access #channel username -modif
A note here, the search string can be anything from a nick to a user@host to a wildcard (*). It is just that, telling X what to look for.
/msg X lbanlist #channel <search string> shows the list of bans set through X.
In order to do the banlist or lbanlist commands, you MUST be in the channel.
If there are more than 15 users in the Lbanlist, you will get a message from X telling you there are too many entries to display. You will need to fire up your web browser and visit the CService website at http://cservice.undernet.org to see the full list.
Remember, the two ban lists are separate. The channel ban list holds 30 bans. They are set by /mode #channel +b *!*userid@host. The Lbanlist (bot list) holds up to 50 entries.
The channel list is smaller and is lost if the channel closes (like on a netsplit). Channel bans don't lag when the bot is lagged. The Lbanlist is larger and isn't lost if the channel closes. Bans there can be up to 336 hours (2 weeks). For important bans, put them in both lists.
/msg X chaninfo #channel-name gives information such as the channel manager's username as well as the Channel Description and URL.
/msg X showcommands #channel-name will show you which commands you have available to you on that channel. These depend on the level you have in X for that channel only.
/msg X help command will explain the usage of that command. Use this to see command syntax and a wealth of helpful reminders.
/msg X motd displays X's message of the day.
/msg X showignore shows a list of users X is ignoring *note* if you are on the ignore list, you will not be able to see this information. If you feel that you are, ask someone to check for you.
To authenticate yourself with X , use /msg X@channels.undernet.org LOGIN <username> <password>
To change your password for that channel use you can no longer use X. For better security it can only be changed on the website now.
You will need to go to http://cservice.undernet.org/live/ and login with your current username and password. Then select the "New Password" link on the left and follow the instructions.
Lang sets the default language for the individual user. Available languages codes: dk - Danish, en - English, es - Spanish, fr - French, hu - Hungarian, it - Italian, no - Norwegian, ro - Romanian, tr - Turkish Lang is a level 1 command and can be set by any user at any userlevel with /msg X set lang <lang_code>
The verify command is used to determine if a user is an authenticated IRC Operator, CService Official, or CService Administrator. Typing /msg X verify <nick> will let you know if the person claiming to be a CService representative is authentic. If a user is not an authenticated CService Representative and pretends it is from CService, then be sure to stop by #cservice and ask about them.
Verify also shows the username of the person .
/msg x status #channel gives the user information about the channel, such as the number of users, Floating limit settings, Default flags, and the people authenticated in the channel. This command is a Level 1 command.
/msg X banlist #channel <search string> shows you the channel banlist. This is also a level 1 command.
The newest of the commands is at level 25. They are voice and devoice.
/msg x voice #channel <nick1> <nick2> <nick3> and so on... This makes X Give +v (or voice) to the nicknames specified. Just typing /msg x voice #channel will have X voice you.
/msg x devoice #channel <nick1> <nick2> <nick3> and so on... This has X DEvoice you, or -v on said channel. As above, just typing the command without a nickname, will have X devoice you.
The additional commands at level 50 are kick and topic. These allow a user to kick someone or change the channel topic even if they are not a channel operator.
/msg X kick #channel-name <nick> [reason] will kick someone off, and they will see the reason you supply. Note: Your username will appear in the reason; there is *not* an anonymous way to kick users.
/msg X topic #channel-name <topic> will change the channel topic. If AutoTopic is turned on by a 450+ op, this can be overridden every 30 minutes by X and the topic restored. Note, with topic, your username will proceed the topic you set.
The next command level is 75, which gives access to the ban and unban commands.
The usage is /msg X ban #channel-name <nick> (or email@example.com) [duration] [level] [reason] Note: ban duration is in hours. Duration, level, and reason are not required for a ban, it just gives you more control over what happens. If duration and level are not designated, the default is 72 hours at level 75. Note #2: There, again, is not an anonymous way to ban someone, your username will appear in the reason.
Remember, bans set by /msg X ban... are set in the Lbanlist. You must /msg X Lbanlist #channel * to see them, NOT /msg X #channel-name banlist. "banlist" is for viewing channel bans (which can be viewed by typing /mode #channel +b) , "Lbanlist" is for the bot list.
Ban levels are important. For example, a level 20 ban will not keep the user off of the channel, but will prevent them from being opped. A level 75 or higher ban will keep them out entirely.
To unban /msg X unban #channel-name <nick> (or firstname.lastname@example.org). You cannot remove or set a ban that's higher than your own access level.
The next level is 100, this confers full access to all op commands on the user. In other words, this level is just like being an op in an unregistered channel but allows the user to execute the commands through X without having ops.
Commands at level 100 are op deop invite suspend and unsuspend.
This is the first level at which your access will allow you to op yourself through X. Lower levels of access have to be opped by a channel op, they cannot op themselves. Also, no user level lower than 100 can get ops if the channel is SET to StrictOp mode ON.
To op someone Use /msg X op #channel-name <nick> Note: The person being opped will see who is opping them. This is *not* an anonymous way to op.
To deop someone type /msg X deop #channel-name <nick> Note: Again, the individual being deopped will see who is deopping them.
To have X invite yourself to a channel. type /msg X invite #channel-name You can use this from outside the channel to invite yourself to the channel. Just authenticate with X and then send the invite command
/msg X invite #channel-name
/msg X suspend #channel <username> <duration [s|m|h|d]> <level>. This temporarily stops a user's access to X. Note: s=seconds, m=minutes, h=hours, and d=days.If you don't set the level in suspend commands then X will set the suspend at the higher level you have in channel.
An example to suspend username Joe for 3 days would be... /msg X suspend #here joe 3 d 500<-- note there is a space between the duration and the time format .
Please remember two things about the suspend command. First, you cannot mix time formats. Use only *one* of the time formats ... s, m, h, or d. Second, you must use the username as it appears in the userlist.
To unsuspend type /msg X unsuspend #channel-name <username> Note: You cannot suspend or unsuspend anyone with higher access than yourself. If a user with higher access suspends a user, someone with higher access has to unsuspend.
Anyone you give ops to, whether or not they have access to X, can kick and ban users from the channel. In practice, it's probably best not to op anyone who has less than 100 access.
There are only a few changes in the section of level 200, the Senior channel operator. They are as follows:
You can now mass kick users matching a given nick!user@host pattern.
If a channel key has been set you can also view it from outside the channel by typing /msg x status #channel, 200+ ops will receive the channel key as part of the channel status info, it is listed near the top of that status beside the modes.
Once you have the key, you can simply /join #channel-name Key-Word-Here (it is case sensitive).
If your channel is +i as well, you will need to do the invite command before joining the channel.
These users are able to modify the userlist by adding or removing users, and changing their information. The new commands added at level 400 are adduser, remuser, modinfo, clearmode, and status.
To add a user to the userlist, use /msg X@channels.undernet.org adduser #channel <username> <access level>
To remove a user it's /msg X remuser #channel <username>. You can't remove or add users with equal or higher access than your own. HOWEVER you can remove yourself from a channel at any level, EXCEPT level 500.
All of these commands can be sent from outside the channel. Should you need to clear the modes to get in, you send your authentication to X, and then issue your command. It will work just like you were issuing the command yourself from inside the channel.
/msg X clearmode #channel, will clear all channel modes from that channel and will have to have the modes reset by an op afterwards.
This command can be useful if someone sets a key on your channel (+k) or sets the channel to invite (+i) while you are away and you can't get in. NOTE: The clearmode command should be done as a last resort.
Modinfo is used to change information about a user in the userlist. These include automode and access.
For all of these commands be sure you use the username that is in X. If you are unsure, you can do an access check on the user.
To set automode, /msg X modinfo #channel automode <username> <OP/VOICE/NONE> - Automode is a convenient feature that allows you to be opped or voiced by the bot when you enter the channel, once you send your password.
To change a user's access level in a channel type /msg x modinfo #channel access <username> <new level>
/msg x SET <#channel> <variable> <value> - Set variables are userflag, autotopic, url, massdeoppro, description, and keywords.
The first of the set commands is userflag . Which is similar to the old one, except now you can specify voice instead of op, or none at all. Value 2 is for Voice, value 1 is for OP, and value 0 turns them off (Neither Op, nor voice).
* With AutoTopic set to ON -- X will reset the channel topic to the official URL and Description every 30 minutes *if* the channel is active.
* Set URL <URL> will store the URL associated with that channel, and it will be displayed when a user does a chaninfo on that channel.
* Set Description <topic> stores the default channel topic, think of this topic as the 'theme' of your channel, and like URL, it too will be displayed using chaninfo.
* Set Keywords <keywords> This sets keywords for your channel that will trigger on a SEARCH (level 0) of channels. If no keywords are specified, the current keywords are reset. The maximum string of keywords is 80 characters long.
The newest group of set commands if for Floating Limit. These setting will allow X to reset the channel limit within a preset margin above the number of users in the channel, and within a preset period of time.
/msg x SET <#channel> <variable> <value> - Set variables are floatlim, floatgrace, floatmargin, floatmax, and floatperiod.
FLOATLIM - Sets the floating-limit feature on or off. By default, this feature is off. When turned on, the STATUS command will show the settings on the "Flags set:"
FLOATGRACE - Sets the floating-limit grace value to be used in the channel. This number can be between 0-19. This makes X avoid changing the limit if it will be smaller than the grace value. The default value is 1.
FLOATMARGIN - Sets the floating-limit margin to be used in the channel. This number can be between 2-20. The limit that X resets will be: number of users in the channel + FLOATMARGIN. The default value is 3.
FLOATMAX - Sets the maximum limit for the floating-limit setting. This can be any number desired, and will prevent X from changing the channel limit to a number higher than the chosen number. The default value is 0, which turns the setting off.
FLOATPERIOD - Sets the floating-limit period, in seconds, to be used before X resets the channel limit. This number must be between 20-200. The default value is 20 seconds.
To make X join, type /msg X set #channel autojoin ON - This insures that X will always rejoin your channel after a netsplit.
To make X leave, type /msg X set #channel autojoin OFF - This is to make X part and stay off your channel. (Not really recommended).
You can also make X join/part temporarily, and not effect the channel settings, you can type:
/msg x join #channel - Does exactly what it says, joins the channel.
/msg x part #channel - Parts the channel.
NOTE: WIth both part and join, it will show who parted/joined the bot. *** Parts: X [email@example.com] (At the request of TheBeast) for example.
Next command is SET. With this command, you can chose how your channel will function and the likes. It also allows you to customize your level of protection for the channel. To set any of these parameters Use /msg X set #channel <parameter> <on/off>
* NoOp set to ON means nobody may be a channel operator except X. This doesn't mean you don't have control of X or the channel. If you have access to X and authenticate with it, you can issue commands like kick, ban, etc. through the bot. You just can't be opped yourself.
* MassDeopPro is the maximum number of deops by a single user in a 15 second period. This is to prevent channel takeovers by one user deopping everybody else. For example, with massdeoppro set to 5, I can only deop 5 people in 15 seconds.
* StrictOp is a parameter that allows only those users with 100 level or higher access to X to be opped.
What is a flood? Flooding comes in several varieties, including:
CHANNEL TEXT FLOODS -- (multi lines of text sent to the channel chat window) -- are usually considered floods if over about 5 lines
NICK FLOODS -- changing nicks over and over rapidly causing the channel window to be flooded with nick change notices
DCC FLOODS -- attempts to send rapid and massive amounts of dcc chat requests and/or files to you
And finally CTCP FLOODS -- where a user rapidly sends ctcp info requests to you. These are usually in the form of /ping ,/version , /time , etc.
Most client programs are setup to automatically respond to such requests by sending back the requested info. Therefore, your own system rapidly overloads itself and causes you todisconnect. This is why the CTCP flood is the most troublesome.
The other floods are annoying, but do not usually cause disconnects (with their associated loss of presence -- and therefore ops -- on your channel)
One other type of flood is an ICMP flood... This type sends massive data packets directly to your dialer connection andties up your connection port. Your IRC client program therefore doesn'tfind time to respond to server pings and eventually times out anddisconnects.
You can recognize an ICMP flood because your program will act like its locked up (no text coming in) and your modemlights will be very busy. Also, if you run a packet tracing program it cansound an alarm.
Note: For help on protecting against and tracing recent versions of the "blue screen" attacks (muerte, winnuke), join#icmp. Some of these programs send OOB (out of band) packets to freezeWin95 or NT. Also see the Microsoft homepage for approved patches.
We'll cover what to do to defend against floods in a moment.
Fortunately, every user has the tools alreadya vailable to combat flooders in a responsible way.
NEVER retaliate against a flooder by flooding back. All flooding is wrong and abuses Undernet resources.
Here are some advice to stop flooders...
1. Set up an alias key to *** /silence *!*@* . When a flooder starts, just hit that alias key. It will stop all CTCP andPRIVMSG from reaching you (use /silence -*!*@* to turn off). See thedocumentation for your particular IRC client to learn how to set an alias[L33]
Then you can also /ignore *!*userid@host on the offender to silence any channel flooding to you or DCC and /msg. Get theiruserid@host from a /whois.
As for ICMP floods, the only defense is to log in connected to a firewall ( run by your Provider - ask them for details) ,or through a shell account or telnet connection.
These simple techniques are all any user needs to defend against most flooders. You should also set your DCC file get to "auto refuse" when you see a flood attack start.
Hopefully you won't be subject to any flood attacks, but these tools should help protect you.
In a moment, we'll go over how to log a flooder and report them to their Provider to request their account be suspended orremoved..
CTCP and ICMP flooding are "denials of service" and are forbidden under internet rules (and are also felonies under U.S. law).
It's a good idea to log your status window at all times (this is where a ctcp flood will show up). In mIRC, just type /logon in the status window. It will be saved to a file called status.log in your mIRC directory.
When you detect a CTCP flood, you should get the/whois info on the flooder. That will include their firstname.lastname@example.org (if the user changes nicks, use /whowas within a minute to retrieve theinfo).
Even when a user is logged in with a fake userid,this information can be used by their Provider to trace them and identify the real user. You will need the exact time, date and time zone of theincident also.
You can setup a simple script to help get that info. For help with setting up scripts please join #help or#userguide.
Email webmaster@domain or you may try to look up the abuse email Address at http://www.abuse.net/lookup.phtml and emailwith a short log of the flood, and the email@example.com and time/dateinformation. Be sure to send the email right away, many Providers delete their own port utilization logs every 24 hours or less.
In your e-mail, tell them that an abusive user from their site flooded you in an attempt at denial of service as indicated inthe log you are including. Do not *attach* the log - copy and paste it*directly* into the body of your email.
Tracing ICMP is a bit more involved. In windows3.1, just enable IP tracing in winsock. The last few IPs shown in thetrace from just before you got disconnected will show large packet sizesand the IP of the ICMP flooder. The problem with this, is most ICMP floods are spoofed and ISP will not act one them.
When you get back online, try a /dns <IP> to get the domain name of the user that flooded you. (this command only works inmIRC, ask someone to do it for you if you don't have mIRC). You can alsotry emailing to webmaster@<IP> (example firstname.lastname@example.org) -- just change the last set of numbers to a 10 in for the email address.
Another way to find the domain name of the IP numbers is to use a utility program like wsPing ... you enter the IP andselect lookup or trace. It will try to find the domain name and report itto you.
Just like with the CTCP flood information needed,you will want to note the exact time and date and timezone when reportingthe ICMP flood to the Provider.
A quick sidenote... While current versions of the most popular irc clients like Mirc, Pirch, and Virc support textenhancements like color, bold, underline, and reverse video, not all ircclients do.
In addition, abusive use of these features(intentional or unintentional) can disrupt normal channel conversation,flood yourself and/or other users, and is a waste of bandwidth.
For these reasons we'd like to ask you to use thesef eatures sparingly.
2. There is another recently possiblity to avoid flood atacks over your client or ip you use.Users can now /mode +x forhost hiding. This will email@example.com . ie: Nick firstname.lastname@example.org.You will need to be login with you registered username to X and than type /mode nickname +x .
They can range from merely bothersome to outright trouble. So lets take a minute to review them briefly.
Netsplits are caused when a hub gets overloaded and the routing buffers fail to handle the flow. Translation: Bad things happen, and a server disconnects from the network.
The most common symptoms that will show up are; 1) A sudden rash of quits by a group of users ; 2) a /luser showing less the full 32 servers means that some are split. However, some serversare only connected for parts of the day, for various reasons.
There is nothing you can do to prevent or cause a netsplit. If the split last more then a few minutes, you might want to change to another server and try to get onto the other side of thenetsplit that way.
If X is gone from your channel due to a netsplit. You will need to wait patiently for it to return
Occassionaly, during a netsplit, servers will become desynched..
You can recognize a desynch by some or all of the following..
-- some people say they can see the topic on the channel and some can't (though there are other reasons this mayhappen).
-- users without ops are able to op/deop/etc others(those "invisible" ops are on a desynched server)
A Desynch is like a partial netsplit. The servers send incomplete (or un-time-sychronized) info to each other and get confused as to the status of user and channel modes.
There isn't much you can do about a desynch except "ride it out" ... or you can log into the server that the desynched ops are on and get the upper hand that way.
You can also resynch your channel by having everyone (including X) leave the channel so that it closes.. then rejoin the channel.
Remember, commands you send thru X to op/deop, ban,etc are then sent to *all* the servers by X... therefore, that is a way to effectively override a user that is riding a netsplit and giving you problems in your channel. However, you may be lagged to X, or they may be lagged to the person trying to cause trouble.
The Undernet Coders have been working hard and steady on server release 2.10.11.02 .This brings new features for users.
One of those is the hide host option which was explained few minutes ago.But there are few more options :o)
* Users can now set +r on any channel they have ops in. If a channel is +r then only users who are logged into X (have ausername) can join the channel, this can help a lot with flood nets. Thisis not restricted to registered channels, this feature is for all channels.
* Users can now be invited into any channel by an chanop they wouldn't normally be able to join because they are banned, the channel is keyed, invite only or registered users only.
* Users can now see who users are (the user's username) when they /whois another user.
* Your server will remember who you are logged in as, and will automatically log you in to X again after net splits so you don't have to log in again.