Hi, i have 3 bots linked and i am using netbots 4.09 almost 2,3 years, no problems at all, but today some idiot had tried to flood the channel with a lot of (100+) join-part floods with different ip's and then in a mean time he tried "msg flood" to the bots with multiple flood bots(over 100+ with diff ip's) and then all 3 of the bots were quit with this message -> Max sendQ exceeded
sentinel is enable in 3 of the bots.
when he tried "msg floods" sentinel was adding to the ignores like
sentinel: added *!*@222.110.55.166 to ignore list (MSG flooder)
i'll appreciate for your advise? what can be done to prevent this because now they will try to kill the bots again and again.
advance thanks
This is the new home of the egghelp.org community forum.
All data has been migrated (including user logins/passwords) to a new phpBB version.
For more information, see this announcement post. Click the X in the top right-corner of this box to dismiss this message.
All data has been migrated (including user logins/passwords) to a new phpBB version.
For more information, see this announcement post. Click the X in the top right-corner of this box to dismiss this message.
sentinel or bot
Re: sentinel or bot
Excellent. Lots of real-world floods to test things against are a gift to those who want to implement protection. If you're serious about having this looked into, send me an e-mail and let me know your network/nickname/channel. I'm currently doing a minor update to sentinel to add the custom lock modes, but I may as well tack on a few other things where possible.mm wrote:now they will try to kill the bots again and again.
Thanks Slenoxx. That will be great, if we can add "silence"..
I need your kind expert advise on my settings please, i have 3 bots, one hub and 2 leafs. Sentinel is ON in three of them, with the following MSG/CTCP flood settings for bot, after that huge(100+ different ip's) msg/ctcp floods on the bots.
sentinel settings:
Bot CTCP flood: 3 in 20 secs
Bot MSG flood: 2 in 20 secs
while bot's config settings is the following
set flood-msg 2:10
set flood-ctcp 2:10
should i disable sentinel on one of my leaf? is this setting is fine? so if they attack on the bots with 120 diff ips, they won't d/c?
thanks again
I need your kind expert advise on my settings please, i have 3 bots, one hub and 2 leafs. Sentinel is ON in three of them, with the following MSG/CTCP flood settings for bot, after that huge(100+ different ip's) msg/ctcp floods on the bots.
sentinel settings:
Bot CTCP flood: 3 in 20 secs
Bot MSG flood: 2 in 20 secs
while bot's config settings is the following
set flood-msg 2:10
set flood-ctcp 2:10
should i disable sentinel on one of my leaf? is this setting is fine? so if they attack on the bots with 120 diff ips, they won't d/c?
thanks again
MM
this sem pretty clear, noslennox wrote:For greater protection against large channel floods, I recommend you also use the chanlimit.tcl component.
- There is a trade-off between convenience and security. The more automation you enable, the more stress the bot will be under during a flood and the more stuff it will be sending to the server.
- Where security is paramount, have one or two bots that aren't running sentinel.tcl. Since sentinel.tcl is a complex script with many automated and convenience features, there is a potential for vulnerabilities.
