Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

broader kill line with custom timeout #37

Merged
merged 1 commit into from
Jul 27, 2018

Conversation

anarcat
Copy link
Contributor

@anarcat anarcat commented Jul 27, 2018

The os_klinechan.c module is quite handy to deal with bad users, but
it is a little specific in the way it works. It bans the full
user@host hostmask and does so for a single day. For prolonged
botnet attacks, this is not very practical.

This patch broadens the banned hostmask to cover all users on the
attacker's IP address, so that rotating the username is not sufficient
to bypass the ban. This means more possible collateral damage, but I
think it's a good tradeoff considering we use this module to deal with
botnet attacks, for which we ban whole networks anyways.

Also, the timeout was hardcoded to one day. That seems awfully short
when dealing with prolonged attacks. Instead of hardcoding another
value, let's reuse the value from SET KLINETIME so that opers can
actually customize that setting.

The `os_klinechan.c` module is quite handy to deal with bad users, but
it is a little specific in the way it works. It bans the full
user@host hostmask and does so for a single day. For prolonged
botnet attacks, this is not very practical.

This patch broadens the banned hostmask to cover *all* users on the
attacker's IP address, so that rotating the username is not sufficient
to bypass the ban. This means more possible collateral damage, but I
think it's a good tradeoff considering we use this module to deal with
botnet attacks, for which we ban whole networks anyways.

Also, the timeout was hardcoded to one day. That seems awfully short
when dealing with prolonged attacks. Instead of hardcoding another
value, let's reuse the value from `SET KLINETIME` so that opers can
actually customize that setting.
@aaronmdjones
Copy link
Member

I will tidy this up at some point in the near future but this is good enough for now.

@aaronmdjones aaronmdjones merged commit 561ba05 into atheme:master Jul 27, 2018
@anarcat anarcat deleted the broad-timeout branch July 30, 2018 14:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Development

Successfully merging this pull request may close these issues.

2 participants