webchat

[Klimpong]

Could you make user authenticate with their forum account? We had repeated abuse on channels where users with "chat.efnet.info" joined and spammed channels.

Not a big deal, but a nice to have.

[seiki]

sure, we could.. but what would stop them from just signing up for new forum accounts?. then we'd have to moderate and approve all new users, and that would suck..

the best thing to do, is log the abuse, and send it to abuse@efnet.info

we'll do what we can to track them down and make their lives miserable.

thanks!

-douglas

[SimonB]

Perhaps you could run a script on chat.efnet.org to check for open proxies on the standard ports. That way it would be easier to ban abusive people behind the cgi:irc.

I have noticed problems with cgi:irc with certain proxies. The connection to the IRC server can keep running for up to 24 hours after the user has disconnected. It will still reply to PING etc for the whole duration. I wont go into detail here but I assume this could be abused somehow...

[munky]

if the client is disconnected from the session, the only abuse a 'ghost' of this sort could do is to sit idle in a channel.

without re-writing the connection code for the cgi itself, we could not easily make it check for open proxies.

if someone is abusing from *@chat.efnet.info, contact any of the admins of the website, we all have access to edit the ipaccess file (though usually it's just me )

[Klimpong]

sure, we could.. but what would stop them from just signing up for new forum accounts?. then we'd have to moderate and approve all new users, and that would suck..

the best thing to do, is log the abuse, and send it to abuse@efnet.info

we'll do what we can to track them down and make their lives miserable.

thanks!

-douglas

People always try to abuse things that have no authorization. It's little efford. Assuming GD lib or similar is installed on this server you can even block scripts from registering forum accounts.

[Qube]

iif someone is abusing from *@chat.efnet.info, contact any of the admins of the website, we all have access to edit the ipaccess file (though usually it's just me )

Today I had to ban the whole of *!*@chat.efnet.info because of some lame asshat wreaking havok in #php. What would be really useful would be a constant ident (not sure how you work out the ident, but his kept changing).

Maybe, also as the previous poster suggested, tying it to accounts - then at least you're ip tracking becomes much easier since they have to have a working email to create the account. You don't need to approve everyone, but it'll stop the lamos from thinking they can get away with the abuse.

Cheers,

Paul.

[wundr]

What would be really useful would be a constant ident (not sure how you work out the ident, but his kept changing).

The ident as well as the realname/gecos field both have the user's originating IP in hex. You can use a scientific calculator to convert it, or there are web sites such as this that you can use to convert it to an IP address. for example, 7f000001@chat.efnet.info tells me that the address that is connecting to the web client is 127.0.0.1 (as an example). So, basically, it IS constant as long as the person connects to it from the same IP.

[munky]

the user may be using dialup or open proxies. if either is the case, contact a chat.efnet.info admin (i believe felix, hardy, and i all have access) and we can ban the IPs in question.

[Qube]

<look ma, I posted a log because I can't read the forum rules!>

[skrizatch]

d81a8446@chat.efnet.info
41f3dd34@chat.efnet.info

Basically the guy is trying to provoke a ban on all of chat.efnet.info.

I don't think he means for you to post abuse logs here. Also, the webchat seems to be down tonight at the moment (2:00 AM EST.) Webchat is and always will be one of those crap shoots that you just have to deal with one way or another. People who really want to be asshats can always find a way to be themselves.

That's my two cents ...

~ skriz

[munky]

well that was a long dead and forgotten thread...

but chat.efnet.org is back online now. lighttpd had crashed, apparently.