> The hidden +x host was created with a reason: To protect users > and Undernet > > staff. If I run a ddos/botchan, and an oper walks in to gline > them, or a cservice admin join and removes my X bot, I really > think I shouldn't be able > > to see his IP, even if I'm a chanop. > > Spike
This is not an issue, if you want to protect an oper going into the channel for this, you just have to pub an additional check for the status of the user joining the channel before giving away his IP... Anyway you put it it wouldn't be hard to code. To the other objections on the privacy basis... I really don't understand your point and clearly you don't understand mine. Everything on this network is based upon the idea of protecting users from attackers and this is nice, but now, the way it is working it also help attackers who want to exploit this. Let be more practicle on an everyday example: #afunchannel, having the habitual limit of 45 bans have to deal with #wewilldestroyyou, a channel from where SomeIdiot is member of a fun team of 'you will not ban me from your chan even if i'm an asshole'. Nom, SomeIdiot have 10 buddies on #wewilldestroyyou that decide that SomeOp had a bad idea when he banned SomeIdiot from #afunchannel. In the past, there was 2 choices: 1- they join #afunchannel with 30 clones, flooding and so, and were banned one by one or by groups and the ops could trace the drones and contact the ISP if they want (or nuke them i admit) but when SomeIdiot did came back to SomeOp and told him 'see what happen', at least SomeOp was able to trace SomeIdiot and contact the ISP (or nuke him i admit). 2- they simply nuke the connexion of SomeOp (or everyone on the channel...) Today, what we have is: 1- they can't flood the connexion of SomeOp, but they will, from time to time, nuke everybody else on the channel who isn't using +x (...) 2- they come with 100 drones to the channel, much of them +x. You can't trace them so their ISP cannot be contacted (or nuked, i know). But it rapidly become impossible to manage the flood with bans so the only choice reside in banning *.users.undernet.org. (and now we go back to the old way, and get the same set of problems!!) And worst of all, when SomeIdiot come to claim 'you should know better than to ban me' there is not a thing you can do about it! If only ops could see real IPs: 1- flood of +x drones would be stoppable with much less bans. ISP could be contacted (or nuked i know). 2- SomeIdiot couln't claim his glory, since he would be tracable (log of a past join prior to the first ban) and so if a flood began 2 minutes after a ban, you would know what ISP to contact (or nuke i know!!) The difference between those cases? On the fisrt one, everybody can and will eventualy be nuked (arg) On the second, attackers are perfectly protected and untracable if they are a bit carefull, but the peoples on a target channel are still vulnerable! Non +x will still get DoS, and eventualy it is easy to force the issue and force ops to use +ban *.users.undernet.org and go back to the even less secure #1 state. The way i propose would simply turn the balance in the favor of ops by letting them act (hopefuly responsably) and be able to resolv a channel attack without having to revert to state #1. To the peoples who are suggesting that this would deprive sormal users of their protection, let remember some things: 1- It will always be a choice to join or not a channel. auto-join on invite are not an issue, this is a client matter. Want to try to solve the old game of #prison on the server side too? (auto-invite on part from this channel was giving a hard time to some mirc users) 2- If you want, you could put supplementary information on the topic... (mode +x or login to x sending a warning telling that their host will NOT be hidden from ops...) 3- you can even imagine (i dont like it) other ways, like putting a channel mode that would void this detection, then a client script could check if the channel have the mode set before joining. Anyway, i hope some lights will go on with this, try to imagine being in the position of the ops of a big channel.. or a support channel for a small isp that is seeing his connexion flooded simply because someone doens't appreciate besoin banned! (or worse doesn't want to give free access!) And to finish with this, choose an everyday example.. you always have the choice to enter in a store that would request that you give you name as a club member before going in. You then decide if this is acceptable for you before going in, even if it is possible that you will receive unwanted publicity afteward. Anyways, a good day (and a good year to come!) to everyone who's taking the time to think about this. Regards, - Alocin.
