Security - Eggdrop - How

mia_richard · Post by **mia_richard** » Fri Sep 26, 2003 5:39 am

hello
Which are the things, what are to do , do have a secure eggdrop

- running as NON root user
- telnet disable ?!?
- partyline only to trusted persons

any other thinks what are to do (for identd mabye too)?

ppslim · Post by **ppslim** » Fri Sep 26, 2003 7:33 am

For 1, eggdrop will not run as root. If you don't know why you shouldn't run the bot as root, then you should torch your hard disk now. It may save you some hastle.

Second, you should allways only provide access to trusted users. It seems silly not to.

Ohter things you can do.

1: Make sure require-p is set
2: Only set yourself as perm owner, unless you specificly trust another person
3: Disable addhost, ident, simul, set, tcl
4: Look for the word paranoid in the config file, you should find some settings for you
5: Use a seperate owner account that is non-perm owner for yourself.
6: Use the most obscure password you can think of for the perm owner account like "D:4w@!54d&%". That would take some brute force work.

mia_richard · Post by **mia_richard** » Fri Sep 26, 2003 8:12 am

mia_richard · Post by **mia_richard** » Fri Sep 26, 2003 8:19 am

unbind dcc n tcl *dcc:tcl
unbind dcc n set *dcc:set
unbind msg - ident *msg:ident
unbind msg - addhost *msg:addhost
unbind msg - simul *msg:addhost
set paranoid-telnet-flood 1
set private-user 1

correct so ( a part) ...