ive looked for all the proxyscanner tcls on the net
they seem not to work.
i need one that checks the users on channel join and verify if they are proxies and if they are since the chan is +Dm not to voice them.
i already have a Dnbsl but it doesnt CATCH all of them..
dnsbl does work, try adding more blacklist sites to it. Many of the older dnsbl sites are defunct, so try google searching for active ones, these are still active afaik:
spamhaus.org
njabl.org
sorbs.net
Might also need dialup blacklists and so on. Google is your friend.
How would you ever detect them, outside of having a list of known proxies? It's not like you can /whois someone and see something that identifies them as a proxy.
This should be a faq, because it's been discussed to death here.
Proxy scanners are unreliable as most "abusive" proxies use ports not normally used for proxies.
Scanning all 65536 ports on an IP for open relaying proxies that work for IRC takes a bit of time.
As for rosc's comments, proxy scanners work by actually attempting to connect to a suspected proxy host, as implied by DragnLord.
As for Dragn's comments about most abusive proxies being on random ports, I would have to disagree with "most" being on "random" ports, as "most" open proxies are open AND abused for that very reason of NOT being on random ports. IRC servers on many networks scan incoming connections for open proxies by connecting to select ports known for accepting connections for proxying.
That being said, once a proxied user has connected successfully to a server, and has entered a channel, the time it would take for a script to check for an open proxy on a host, would probably take longer than it would take for such a user to do their ill will, if ill will is indeed their intent.
If your going to go with the "scan ports" method it makes more sense to use a program designed to do that, instead of using eggdrop for that task. Scanning for proxies should be done by the network, not channel operators.
Bopm works well and fast with correct configuration, can be used as a chanop instead of as an ircop to ban from the channel and write to a blacklist.
My point is, use a program designed to do what you want in the most efficient way possible.
DragnLord wrote:If your going to go with the "scan ports" method it makes more sense to use a program designed to do that, instead of using eggdrop for that task. Scanning for proxies should be done by the network, not channel operators.
Bopm works well and fast with correct configuration, can be used as a chanop instead of as an ircop to ban from the channel and write to a blacklist.
My point is, use a program designed to do what you want in the most efficient way possible.
Assuming the user is running their own network, which is doubtful, since most IRCD's have proxy scanning add-ons.
If you still wish to do the proxy-scanning method, I think Ofloo created a non-blocking proxy scanning script. (Not really so much a proxy scanner as it is an open port scanner). A simple search in the script archive for "proxy" should yield a list of results which include his script.
strikelight wrote:Assuming the user is running their own network, which is doubtful, since most IRCD's have proxy scanning add-ons.
If you still wish to do the proxy-scanning method, I think Ofloo created a non-blocking proxy scanning script. (Not really so much a proxy scanner as it is an open port scanner). A simple search in the script archive for "proxy" should yield a list of results which include his script.
I have run bopm as a non ircop, configured to use "mode +b" instead of kline or gline, it can work that way. I have used a port scanning eggdrop along with bopm as a chanop to compare, bopm was faster and used far less system resources.
By all means, use an eggdrop to do your port scans if you wish. I'd rather use a tool designed to do the work when it's easily available.
Yea, not arguing the point that eggdrop may have innefficiencies compared to other tools. Regardless of any non-network tool though, I still think that any damage that such an ill-willed user wishes to perform from a proxy host, will have enough time to do so before such a tool would be able to ban him or her from the channel. (ie. spam, collect nicks, short flood, etc..)
strikelight wrote:Yea, not arguing the point that eggdrop may have innefficiencies compared to other tools. Regardless of any non-network tool though, I still think that any damage that such an ill-willed user wishes to perform from a proxy host, will have enough time to do so before such a tool would be able to ban him or her from the channel. (ie. spam, collect nicks, short flood, etc..)
That was the biggest problem I had when using eggdrop to scan ports, it took too long. The spammer/flooder was usually already gone, although the bans did keep them from making a quick repeat performance.
thing is i dont want to ban
i just dont want the bot to voice the user since its +Dm
and if possible write the proxy in a file so when it comes back it doesnt need to scan it again..
i searched in the tcl area and non of them worked!