EFnet IRC Network Forum

EFnet Forums
http://forum.efnet.org/

Proxy blocking

http://forum.efnet.org/viewtopic.php?f=3&t=1483

Page 1 of 1

Proxy blocking

Posted: Wed Mar 01, 2006 1:24 am
by evil
Just curious, is there some reason why most of the servers are proactive about keeping proxies out but irc.nac.net could care less? The only reason why I ask is because it seems that spammers have chosen irc.nac.net as the server of choice for that reason.

Re: Proxy blocking

Posted: Wed Mar 01, 2006 9:49 am
by Hardy
evil wrote:Just curious, is there some reason why most of the servers are proactive about keeping proxies out but irc.nac.net could care less? The only reason why I ask is because it seems that spammers have chosen irc.nac.net as the server of choice for that reason.
EFnet has a voted in requirement that all client servers should run a proxyscanner. Unfortunately isn’t every sever administrator as careful on keeping their proxyscanner up-to-date...

Posted: Wed Mar 01, 2006 11:41 am
by evil
I see, but I don't think irc.nac.net is doing any scanning because ports 8080 and 3128 have been popular proxy ports for a long time and the spammers are constantly using those. To make matters worse, doing a "stats p spammer_nick" just gets you banned from irc.nac.net. It's a bit irritating but it's not exactly my favorite server. I do however appreciate the excellent effort the other servers make in keeping out spammers.

Posted: Wed Apr 05, 2006 6:34 am
by sealie
There is no way for the EFnet way servers to "firewall" the ports used on the client end. Remember that the proxy ports has nothing to do with the IRC server, its what port the client machine is listening on for remote connections.

The most common way to prevent proxy/socks[4|5]/tor attacks on EFnet is implementing a BOPM (http://sourceforge.net/projects/bopm) client that basically got two features. It can do live scanning of connecting host, or query RBL lists (network blacklists) for every connecting IP to see if anyone else have blacklisted either the IP or the network its connecting from, and k/d-line any positives.
Unfortuately these lists requires alot of maintenance and attention, and the BOPMs needs to be updated with the most updated and recent RBL lists to be effective. Infact, many countries are forced to only use the RBL query method as live portscanning/querying is against the law in many counties (atleast in EU)
However, there are being implemented more effective list distributions as we speak to not only depend on RBL lists.

Hope this cleared things up a bit.

Posted: Mon Jul 30, 2007 2:42 pm
by nababan
any public proxy that allowed in efnet network?
PLEASE SHARE TO ME PLEASE

Posted: Fri Aug 03, 2007 2:22 am
by Kanaka
From what I've seen, the more lenient servers are

irc.daxnet.no [also allows most tor in]
irc.he.net [proxyscanner is a joke]
irc.nac.net
irc.vel.net

Posted: Fri Aug 03, 2007 2:24 pm
by munky
all open I servers are required to have a proxy scanner by global policy.

daxnet uses 2 TOR dnsbls, and what makes you say he.net proxy scanning is a joke?
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/