ircuser
no way to compare when less than two revisions
Differences
This shows you the differences between two versions of the page.
— | ircuser [2006/09/28 23:18] (current) – created - external edit 127.0.0.1 | ||
---|---|---|---|
Line 1: | Line 1: | ||
+ | # $EPIC: ircuser.txt, | ||
+ | ======Synopsis: | ||
+ | __ircuser__ < | ||
+ | |||
+ | ======About usernames, registration, | ||
+ | Whenever you connect to an irc server, the client sends some information | ||
+ | about you to the server (``registration'' | ||
+ | mation it sends is your " | ||
+ | the account you are logged into. The server treats this username as | ||
+ | nothing more than a fallback value; a hint. The server does not trust | ||
+ | the client to send trustworthy data (and why should it? The user has | ||
+ | control over the client. ;-) | ||
+ | |||
+ | By default, the server always queries your username by asking the ident | ||
+ | (auth) service that is running on your machine (using RFC 1413). | ||
+ | host is running identd, then the value returned by identd will be used as | ||
+ | your username and the " | ||
+ | If your host is not running identd, then the value provided at registration | ||
+ | time is used, but is prepended with a ~ (tilde) to warn other irc users | ||
+ | that the username was not authenticated. | ||
+ | |||
+ | It is a good idea to be running an identd, and many servers on large public | ||
+ | networks absolutely require that you be running identd before they will | ||
+ | accept your registration. | ||
+ | an annoyance... | ||
+ | |||
+ | In the modern irc world, most of the irc users are running windows, where | ||
+ | this is no concept of a username, and hence the username you see for them | ||
+ | is ultimately provided by the client. | ||
+ | provide their own identd server which just returns the same username that | ||
+ | the client provided at registration time. Therefore, the username that | ||
+ | you get for a user is not really of much value at all, even if it is | ||
+ | " | ||
+ | |||
+ | One of the features of the identd service is that if you ask it for the | ||
+ | username of a connection that does not exist, it will return an error | ||
+ | code. A popular irc attack is to forge many irc connections (and | ||
+ | registration attempts) from a victim' | ||
+ | annoy an operator enough into falsely K-lining the victim for running | ||
+ | clonebots. | ||
+ | |||
+ | Every time a connection is made to an irc server, the server asks the | ||
+ | identd service on the connecting host what the username is for the new | ||
+ | connection. | ||
+ | an error, and the server will consider the connection non-authenticated. | ||
+ | |||
+ | Thus, if a server forbids all non-authenticated users, then by rule all | ||
+ | connections on the server have been positively confirmed by an identd | ||
+ | service running on the connecting host to be valid and truthful. | ||
+ | therefore possible to hold responsible people who do rude things to others | ||
+ | since it is not possible to forge connections with others' | ||
+ | |||
+ | There are three lessons here: | ||
+ | 1) DO run an identd service, even if it is one that lets you control | ||
+ | what it returns as your username. | ||
+ | what your username is, only that the connection actually came from | ||
+ | you. Running an identd service is your first line of defense from | ||
+ | others who would try to get you in trouble. | ||
+ | 2) DON'T run an identd service that returns a dummy username for all | ||
+ | requests valid or invalid. | ||
+ | *are* running clonebots and will get you in trouble. | ||
+ | 3) DON'T run an identd service that returns an error for all requests | ||
+ | valid or invalid. | ||
+ | are actually forgeries and many large public servers don't want any | ||
+ | forged connections. | ||
+ | |||
+ | Do your part. Run identd for the good of IRC. | ||
+ | |||
+ | ======Description: | ||
+ | You can use this command to change the default " | ||
+ | EPIC to the server every time you establish a new server connection. | ||
+ | This " | ||
+ | you **are** running an identd server, right? ;-) Because the " | ||
+ | generally discarded, being able to set the " | ||
+ | |||
+ | You must, of course, [[reconnect command|reconnect]] after you use | ||
+ | __ircuser__ before your new username will be seen to other users (if at | ||
+ | all). | ||
ircuser.txt · Last modified: 2006/09/28 23:18 by 127.0.0.1