Hmm..... He has a valid point, however, I still think
that the HEAD_IN_SAND code should still be
implemented.  I suggest leaving it up to the admins on
whether they use it or not.  I don't think this is our
department to decide that.  I personally would like to
see the HEAD_IN_SAND code developed.

Regards,
Braden


--- Shaun O'keefe <[EMAIL PROTECTED]> wrote:
> Took him a long time to type this bless him :)
> 
> Simba
> 
> 
> Shaun O'keefe,
> Home: +44 (0)115 9136164
> Cellular: +44 (0)7971 316698
> [EMAIL PROTECTED]
> 
> 
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On
> Behalf Of VamPyro
> Sent: 19 July 2001 07:50
> To: [EMAIL PROTECTED]
> Subject: [User-Com] map links and notices
> 
> 
> I'm not sure if this is the place to go with this
> question, but the website
> seems to make this as the place to go. I've used
> undernet for years and
> always have thought it was the coolest server with
> many useful functions,
> and now these functions are going away. If I saw lag
> taking place I could
> ping a channel and using their /whois info and /map
> figure out which link
> was having the problem and find a server on the
> other side. If the net
> splits, I could again use map to see which servers
> left and/or watch server
> notices to see when the server comes back. Now some
> of the servers don't
> allow server notices, the map command or links
> command (which I once
> scripted for my client a way to make its output like
> a map command sorta).
> This does not make sense. I understand the need not
> to want to be under
> attack as it has in the past, but this is not the
> answer. The routing
> committee and those in charge of DNS and server
> software have already made it
> such that the hubs and services of the network
> resolve to 127.0.0.1 or not
> resolve at all. This eliminates all foreseeable
> attacks on the hubs and
> services. The client servers need to resolve for
> obvious reasons. Thus now
> the only thing attackable is individual client
> servers. While this is still
> tragically possible, there is no real way around it.
> Therefore, the map
> command and links command work as well as they can,
> given that they show
> client servers and you can't get to a hub using the
> name provided. By
> removing these commands, you leave the clients only
> 2 choices for choosing a
> server and they are not very good choices. They can
> do as the reply for the
> command suggests and go to a webpage with a list of
> servers, which is not
> only usually far outdated, but does not give a good
> idea of which servers
> are better beyond the name and ISP sponsoring, and I
> for one usually rely
> more on word of mouth, experience, and map command
> for an idea of how the
> network is set up to find the potentially most
> reliable servers. By watching
> server notices, I can also see which servers split
> often to avoid them, or
> to see when my favorite server is back from a split
> so I can rejoin that
> server. Quit message from net-splits also lets me
> have an idea of which
> servers left if I have the output from an old map
> command or links command.
> I also do whois commands on either fast clients for
> a server I might want to
> use, or on lagged clients to find which servers to
> avoid. These now
> tragically also show only *.undernet.org and no
> useful information. While
> this also prevents some forms of DoS attacks, no one
> has seemed too concerned
> for this type in years, and have also been patched
> against most of this form
> of attack. Again, the webpage even if it is
> up-to-date, has the name of the
> client servers and these names do resolve to IPs to
> connect to undernet. If
> someone wanted to DoS a particular client server,
> they now have the method,
> just as if they had done a map command. The other
> choice left is to use the
> random pools eu.undernet.org and us.undernet.org.
> This severely hurts load
> balancing as without a choice the client is put to
> one server until it is
> full and then to the next. Not only does this
> overload some servers and
> leave others empty, but this also causes clients to
> take longer to connect
> as they have to go through a list of IPs. On several
> occasions, the first
> server it connects to is split from the rest of the
> net. These pools should
> really only be used for and by those without a list
> of other servers to
> connect to and now this list is coming to the point
> of only being found on
> the web. This also doesn't solve attacks on
> individual client servers because
> by resolving these names, one is presented with a
> list of IPs that can be
> attacked.
> The only security issues I see being resolved by
> these means is not worth
> the hurt this has caused. While I can no longer tell
> which server you are on
> to attack it, I can still see your IP to attack you,
> which is most often
> (unless your name is Bill Gates) easier to take out.
> I cannot see any
> logical reason to take out a server for one person's
> inconvenience and with
> proper load balancing it would require DoS attacks
> to target several servers
> for one particular group. Again it would be easier
> to attack this group than
> a group of servers. The advantage to attacking the
> server before was to
> attack a major hub. By denying certain stats
> commands to only opers and
> having hub names that are unresolvable, this is
> fixed. If someone attacks a
> server now it is probably just to make security
> teams nervous and make
> servers more and more unusable due to all the
> restrictions and it appears
> this is working. I may not require all the knowledge
> of what's going on with
> the servers, but being informed makes my experience
> much more enjoyable by
> allowing me to deduce which servers are
> (un)reliable, where lag spots are to
> find servers in the majority for if/when the split
> occurs and for finding
> which servers my friends use so that I can be closer
> to them to reduce lag.
> Without server notices, without map and links
> commands, and especially
> without usable information in a client's whois
> information or a netsplit's
> quit message, I am gradually becoming helpless on a
> network gradually
> becoming over-paranoid about security and attack
> risks. If you have read
> this far I thank you for the time and consideration.
> If I have emailed the
> wrong place I ask you forward this to the proper
> place. I am only
> registering a complaint and looking for explanations
> and begging that
> undernet doesn't become the dull boring security
> tight place other networks
> long ago became (which became the whole reason I
> enjoyed undernet; friendly
> people with workable, efficient and reliable
> servers). Again I thank you for
> your time.
> Sincerely,
> Daniel Radachi
> bka 'VamPyro'
> 

