[bug #26571] /ban $nick is EXTREMELY easy to evade

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

[bug #26571] /ban $nick is EXTREMELY easy to evade

Eric L.-2

URL:
  <http://savannah.nongnu.org/bugs/?26571>

                 Summary: /ban $nick is EXTREMELY easy to evade
                 Project: Wee Enhanced Environment for Chat
            Submitted by: jdhore
            Submitted on: Thu 14 May 2009 07:56:17 AM GMT
                Category: irc plugin
                Severity: 3 - Normal
              Item Group: irc protocol
                  Status: None
                 Privacy: Public
             Assigned to: None
         Originator Name:
        Originator Email:
             Open/Closed: Open
         Discussion Lock: Any
                 Release: 0.2.6
                IRC nick: jdhore

    _______________________________________________________

Details:

/ban $nick is very easy to evade. In fact, it's as simple as parting the
channel, doing /nick some-other-nick and re-joining.

Currently it makes the ban:

jdhore!*@*
(Which bans the nick only)

My 2 suggestions are to either have it ban:

*!*@full-host-here

or

*!user@full-or-partial-host

The latter can't be evaded without the user disconnecting from the server,
changing the username in their IRC client's settings and
reconnecting/rejoining (or using a shell/proxy, of course). The former can't
be evaded in any circumstance in many cases, or in a few, can only be evaded
by the user using a shell, a proxy or resetting their DSL modem.




    _______________________________________________________

Reply to this item at:

  <http://savannah.nongnu.org/bugs/?26571>

_______________________________________________
  Message sent via/by Savannah
  http://savannah.nongnu.org/



_______________________________________________
Weechat-dev mailing list
[hidden email]
http://lists.nongnu.org/mailman/listinfo/weechat-dev
Reply | Threaded
Open this post in threaded view
|

[bug #26571] /ban $nick is EXTREMELY easy to evade

Eric L.-2

Update of bug #26571 (project weechat):

                Severity:              3 - Normal => 2 - Minor              
                  Status:                    None => Postponed              
             Assigned to:                    None => flashcode              

    _______________________________________________________

Follow-up Comment #1:

Ban mask should be improved after version 0.3.0.

    _______________________________________________________

Reply to this item at:

  <http://savannah.nongnu.org/bugs/?26571>

_______________________________________________
  Message posté via/par Savannah
  http://savannah.nongnu.org/



_______________________________________________
Weechat-dev mailing list
[hidden email]
http://lists.nongnu.org/mailman/listinfo/weechat-dev
Reply | Threaded
Open this post in threaded view
|

[bug #26571] /ban $nick is EXTREMELY easy to evade

Eric L.-2

Follow-up Comment #2, bug #26571 (project weechat):

I suggest using the tab-completion that is there to expand the entire host.
You can also have a look at the /oban command in the ChanOp Script at
http://www.weechat.org/scripts/source/stable/chanop.py/ which seems to support
custom/default banmasks.

    _______________________________________________________

Reply to this item at:

  <http://savannah.nongnu.org/bugs/?26571>

_______________________________________________
  Message sent via/by Savannah
  http://savannah.nongnu.org/


_______________________________________________
Weechat-dev mailing list
[hidden email]
http://lists.nongnu.org/mailman/listinfo/weechat-dev
Reply | Threaded
Open this post in threaded view
|

[bug #26571] /ban $nick is EXTREMELY easy to evade

Eric L.-2
Update of bug #26571 (project weechat):

                  Status:               Postponed => Fixed                  

    _______________________________________________________

Follow-up Comment #3:

Done, new option: irc.look.ban_mask_default

    _______________________________________________________

Reply to this item at:

  <http://savannah.nongnu.org/bugs/?26571>

_______________________________________________
  Message posté via/par Savannah
  http://savannah.nongnu.org/


_______________________________________________
Weechat-dev mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/weechat-dev
Reply | Threaded
Open this post in threaded view
|

[bug #26571] /ban $nick is EXTREMELY easy to evade

Eric L.-2
Follow-up Comment #4, bug #26571 (project weechat):

Option renamed to irc.network.ban_mask_default

    _______________________________________________________

Reply to this item at:

  <http://savannah.nongnu.org/bugs/?26571>

_______________________________________________
  Message posté via/par Savannah
  http://savannah.nongnu.org/


_______________________________________________
Weechat-dev mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/weechat-dev