mother fucking spybots

General talk about EFnet

Moderators: Website/Forum Admins, EFnet/General Moderators

prefect
Posts: 76
Joined: Mon Jul 14, 2003 6:25 pm
Location: Oslo

Postby prefect » Sat Aug 07, 2004 12:50 pm

stop whining already and cope. mental ignore should be efficient enough to handle these things. geez
User avatar
Mobber
Posts: 2
Joined: Thu Sep 02, 2004 5:50 am
Location: Oakland California

Postby Mobber » Thu Sep 02, 2004 5:54 am

^ prefect did you used to roll on Relic net?

and the bots suck....

allthough whoising them can lead to interesting channels!
prefect
Posts: 76
Joined: Mon Jul 14, 2003 6:25 pm
Location: Oslo

Postby prefect » Thu Sep 02, 2004 1:08 pm

Mobber wrote:^ prefect did you used to roll on Relic net?
nope. efnet 4 life
ticztac
Posts: 2
Joined: Fri Sep 03, 2004 1:09 pm

DIE EURO SPYBOTS

Postby ticztac » Fri Sep 03, 2004 1:17 pm

i couldnt help but register to post. what is the FUCKING deal with these new irc spybots is there a fucking point to this??? its happends every hr at least 3 times.
ticztac
Posts: 2
Joined: Fri Sep 03, 2004 1:09 pm

Postby ticztac » Fri Sep 03, 2004 1:22 pm

Someone didn't read the posting rules.
User avatar
munky
Site Admin
Posts: 826
Joined: Wed Jul 02, 2003 4:54 pm
Location: Phoenix AZ
Contact:

Postby munky » Tue Sep 07, 2004 8:00 pm

they are not spybots. they are bots that catch trojan infected clients and auto-msg spambots. they do not log anything or anyone that is in the channels they join, they only pay attention to messages sent directly to them.
In God we trust,
Everyone else must have an X.509 certificate.
evil
Posts: 59
Joined: Mon Sep 15, 2003 6:18 pm

Postby evil » Sun Oct 10, 2004 1:56 pm

Yeah sure.
User avatar
Pills
Forum Admin
Posts: 312
Joined: Wed Jul 02, 2003 1:14 pm
Location: Long Island, NY
Contact:

Postby Pills » Mon Oct 11, 2004 7:21 pm

evil wrote:Yeah sure.
OK, you caught us. The FBI, Interpol and other agencies have paid us a lot of money to spy on our users. Shh!! Don't tell anyone!

Of course, there are always servers in... debug mode!!! Oh, NO!!!
admin, irc.umich.edu
oper, irc.servercentral.net
User avatar
Govvy
Posts: 22
Joined: Mon Jul 14, 2003 1:52 pm
Location: UK
Contact:

Postby Govvy » Wed Oct 13, 2004 9:40 am

can't you just resolve a few ip's and see if they belong to a shell provider? Then give the shell provider the logs??
@IRChelp - Stay and help, I will!
User avatar
munky
Site Admin
Posts: 826
Joined: Wed Jul 02, 2003 4:54 pm
Location: Phoenix AZ
Contact:

Postby munky » Wed Oct 13, 2004 12:51 pm

give shell providers logs of what?
most spambots are hacked trojans or open proxies, with very little way of tracking them down to the original source.
In God we trust,
Everyone else must have an X.509 certificate.
User avatar
Govvy
Posts: 22
Joined: Mon Jul 14, 2003 1:52 pm
Location: UK
Contact:

Postby Govvy » Wed Oct 13, 2004 12:53 pm

I am no expert! I was just giving a thought! If it works or not, isn't it worth a try?
@IRChelp - Stay and help, I will!
User avatar
munky
Site Admin
Posts: 826
Joined: Wed Jul 02, 2003 4:54 pm
Location: Phoenix AZ
Contact:

Postby munky » Wed Oct 13, 2004 12:57 pm

i think you're missing the point
what shell provider am i supposed to give logs to? should i email abuse@randomshellprovider.net and tell them there are hacked bots on comcast.net sending kidney stones spam messages to #warez-n-things?
if i were to send any abuse reports, they would go to comcast.net, not any shell providers. and with the volume of spambots we get on this network, it would be a fulltime job reporting them all by hand.
In God we trust,
Everyone else must have an X.509 certificate.
baulditty
Posts: 1
Joined: Thu Oct 21, 2004 9:33 am

Postby baulditty » Thu Oct 21, 2004 9:54 am

Glad munky explained what this was. I was just gonna make a bot that would auto ban anyone using efnet.xs4all.nl since the joinpart bots with server added spoofhosts seem rampant on that server. Also its good to know somethings being done about all the f*cking msg spam. Hopefully soon I wont have to rely on umode +g when im away and legitimate msgs can get through again.


Cheers
The only thing to think about is not thinking at all.
evil
Posts: 59
Joined: Mon Sep 15, 2003 6:18 pm

Postby evil » Mon Nov 01, 2004 4:33 am

They aren't hacked clients, they are spoofed hosts by the admin of xs4all, none of them resolve, and I'm about to write a script banning anybody on that server just so I won't have to fill up the ban list on my bots. After all, there was a suggestion of "why don't you just ban them". So be it. It's nonsense.
User avatar
munky
Site Admin
Posts: 826
Joined: Wed Jul 02, 2003 4:54 pm
Location: Phoenix AZ
Contact:

Postby munky » Mon Nov 01, 2004 5:06 pm

this is why you read before you reply.
i didn't say the spamtrap bots (the clients *detecting* the spam) were hacked clients. i said the spambots (the clients that *send* the spam) are usually hacked clients and not clients sitting on shell servers.
the spamtrap bots do not all run on xs4all, there are many servers that contribute to this effort.
if you want to ban them, it's entirely up to you. and last i checked, most bots (eggdrop, emech, etc) didn't "fill up" when adding a handfull of hostmasks to ban. i believe most servers support 100 channel modes, so i don't think you can really fill up your channel ban list with a handful of bans, either.
In God we trust,
Everyone else must have an X.509 certificate.

Who is online

Users browsing this forum: No registered users and 7 guests