August 28th, 2008  
Main Menu
  • Home
  • Support Forums
  • Support
  • People
  • Policies
  • Info
  • Services
  • Contribute
  • Clone Application
  • Server Application
  • Servers List

    • Links
  • Ladybears Services
  • WooHoo7 Script Site


    • Get NewNet's IRC Script
    		 
    SecureFAQ

    SecureFAQ - How to protect yourself and your channel on NewNet

    For questions and/or help regarding these issues, go to #services

    Introduction:
    -----------------
    Due to the recent problems IRC in general has been experiencing with some abusive users exploiting the IRC system in general, we have compiled this information to help you protect yourself. These steps have been here all along, but many users are not familiar with them. We strongly encourage you to read and implement the following procedures to ensure you are not a victim of an abusive users exploitation.

    Scope:
    ----------------
    This document answers the following questions:
    1) How do I ensure no-one is using my nickname when I am not on NewNet?
    2) How do I protect myself against another person impersonating me?
    3) How do I ensure that no-one can obtain channel ops using my nickname?
    4) How do I protect my channel against a takeover?
    5) How do I protect myself against viruses passed around thru irc?
    6) What preventative measures should I take against DoS attacks?

    NickServ is your most important line of defense. The key to most of the above is the proper use of NickServ. In the following paragraphs we will show you how NickServ will protect you from all of the above.

    NOTE: This document does not take the place of the !Services FAQ obtained from channel #services. !Services covers ALL NickServ/ChanServ commands and is recommended reading.

    Protecting Your NickServ Identity
    ------------------------------------------
    To ensure your nickname is not being used by anyone but yourself, you must first register your nick. The command for this is:

    /msg NickServ!nickserv@services.newnet.net register [password]

    Why do we not use just NickServ? Because any user could switch to the name NickServ and then you would be sending them your password!! You want to always make sure NickServ is noticing you back with the acknowledgement for the commands you used.

    Do not use your nick anywhere in the command line and don't forget your password. It is very important that you keep it in a safe place. Once registered, you need to set a nickserv access mask. This is done by determining your user@host. Before you can do this, you must first insure you are properly idented. To properly ident in mIRC, go to FILE/SETUP/IDENTD then check the Enable Ident Server box, and in the User ID box, type your preferred Ident. All other entries are fine as they are. To properly ident in pIRCh, go to tools/ident server fill out the user name you want to use, click on the active box and then close that window. To properly ident in BitchX, it should do this automatically as long as identd is installed on the machine. To properly ident in Ircle, it's automatic, it will properly ident you. But if you have questions you can join #ircle for more help.

    Once you have set your desired ident, you must log off, exit your program and restart. Log into the NewNet server of choice, and type: /dns [yournick] The exact name you chose to ident with should be right before the @ sign. There should be no ~ sign in front of it. If there is, there is something wrong and we suggest to join #services for help.
    To determine the proper mask, you must know a little about how your isp assigns dns addresses. Is your dns address static (always stays the same) or dynamic (changes each time you dial in to your provider)? If it is static, then the task is easy. Your mask would look similar to the following:

    YourIdent@206.48.106.86 or YourIdent@newnet.rulez.com

    In this case, the command to add your nickserv mask is:
    /msg NickServ access add YourIdent@206.48.106.86 [Place your mask here.]
    Note: You must be registered and identified (/msg nickserv identify yourpass) for this command to work.

    In most cases, your mask is dynamic and each time you dial in it changes. In this case you must determine exactly what changes about it. For example, my mask is User1@hes*.southwind.net. My actual dns can be anywhere from User1@hes1.southwind.net to User1@hes24.southwind.net. Since I know what numbers change, I am able to use the * to denote a wildcard. It is VERY important you do not wildcard the ident portion of your mask. If you are unsure of your correct NickServ mask, join #services and ask for help. This is a key issue in security and it is very important it be done correctly. In this case, the command to add your nickserv mask is:
    /msg nickserv access add YourIdent@hes*.southwind.net [Place your mask here.]
    Note: You must be registered and identified (/msg nickserv identify [yourpass]) for this command to work. Once you have a single access mask added to nickserv, you are ready to ensure no-one will be using your nick while you are away.

    To do this, type:/msg nickserv set kill on

    NickServ will now warn the person trying to take your nick and if that is insufficient, will kill them to ensure your nick is not used. Providing you have properly taken the above steps, you will be in for hassle free enjoyment of NewNet with no worry of an abusive user violating your nick. Additionally, proper ident, proper mask, and setting the kill feature on will also make your channel ops more secure.

    Protecting Your Channel
    -------------------------------------
    NickServ is your channels best line fo defense against takeovers, etc. Here is how to ensure your channel is as secure as possible:

    1) Never add ops to the Chanserv access list by Mask. Always use their registered Nickname.

    Example: /msg chanserv access add JumpMan 5

    You might ask why this is better? In order for JumpMan to have access to ops in the channel, he must first have identified with NickServ. This requires his nickserv password. If he followed all of the steps above, you can be darn sure its really him getting opped in your channel. The chanserv mask does not require this and is therefore less secure.

    2) Set Secureops on. Example: /msg chanserv set [channel] secureops on This feature ensures that anyone who is NOT on the chanserv access list will not get ops. If one of your ops were to attempt to op a friend not on the list, chanserv would de-op them immediately. This feature coupled with adding your ops by nickname will greatly reduce the chances of a channel takeover.

    DoS (Denial of Service) Issues
    --------------------------------------------
    DoS(Denial of Service) attacks are attacks which cause so much traffic on a computer that it causes it to not accept anymore incoming/outgoing connections. This is a denial of service attack because the computer that is being DoS'd is denying all connections in and out. You can't really prevent a DoS attack, some people believe if they have a firewall, or two that it will help. This is untrue, as DoS attacks can't be prevented, if they could, it would save businesses millions of dollars, as bandwith costs money. I'd say the best way to prevent it, is not to get yourself involved in anyway with someone you think might attack you.

    That means, if they provoke you, ignore them. That's really the best thing to do. Another thing is, people who DoS people like you to get mad, so, if you get attacked, just get off your computer for awhile, go read a book, or watch tv or something. Sure, you'll be mad, but don't let them know this. DoS attacks ARE infact illegal, and if you get caught 'causing DoS attacks, you could get jail time and a hefty fine to go with it. These attacks cost companies millions of dollars yearly, and a lot of unhappy customers. So please don't do it.

    Virus Issues
    ---------------------
    Virus's, who hasn't heard of them? Well, it's okay if you haven't (sure you're a little behind, but we're here to help you out). A computer virus has the same definition as a human bodily virus, and that is basically something that will mess you up. Viruses are usually extremely destructive to your PC. A lot of the new viruses are called worms, and they distribute themselves without the infectee knowing, which makes them even more effective. Sure, you wouldn't open a file from someone you don't know, but what if someone close to you (your mother, girlfriend, boyfriend, etc...) sent you a file, you wouldn't be as suspicious would you? Of course not you think, but, most of the time they may be distributing a virus and don't know.
    A lot of the worm viruses get a copy of a persons e-mail list and e-mail itself out to all of them. Some transfer theirselves to people on IRC when they join. Another type of virus is the trojan horse. A trojan may be sent to you, and when open, it gives a person COMPLETE control over your computer. It allows them to connect and view ALL of your files, and go through ALL of your personal things. On NewNet, the most common viruses you will see are the LIFE STAGES worm virus, netol.scr, and MyPicture.bmp.vbs. (Sure there are thousands more, but these are what you will mostly encounter on NewNet) Our suggestion is to update your virus scanner as often as possible. For virus fixes, and other help, you might want to check out www.nohack.net.


    We hope this helped you understand and implement the proper security procedures for both you personally and your channel. If you have ANY questions regarding this information, stop by #services and chat with us and we will be most happy to help.

    Copyright © 2001.. 2008
    NewNet IRC Network
    		  

    - Newnet's Java Chat - From here, you are able to connect to the newnet irc network using our java applet!

  • CHAT NOW!
    		•