Print Thread

Page 1 of 2

bad identh #186336 21/09/07 01:45 AM
Joined: Aug 2006 Posts: 469 G Garou OP Fjord artisan
OP Garou Fjord artisan G Joined: Aug 2006 Posts: 469	I have these notice flooders using random identh like this: Any script to ban those? [07:16] * Parts: shake`it (~f3o015oo@24.96.132.143): [07:16] * Parts: Denying` (~kxx7199kk@24.96.132.143): [07:16] * Parts: HiGh-TiLL-I-DiE3754 (~b228@24.96.132.143): [07:16] * Parts: s[e]x (~n193h6388@24.96.132.143): [07:16] * Parts: ViolinistUSA7328 (~b94947m@24.96.132.143): [07:16] * Parts: dreamrose2375 (~sw9515918@24.96.132.143): [07:16] * Parts: Telecom^Engineer1133 (~vl33l2@24.96.132.143): Last edited by Garou; 21/09/07 01:46 AM.

Re: bad identh Garou #186338 21/09/07 02:05 AM
Joined: Dec 2002 Posts: 503 Melbourne, Australia B Bekar Fjord artisan
Bekar Fjord artisan B Joined: Dec 2002 Posts: 503 Melbourne, Australia	In this particular instance, you could ban the host (!@24.96.132.143), or all non-idented users (!~@*).

Re: bad identh Bekar #186340 21/09/07 02:08 AM
Joined: Aug 2006 Posts: 469 G Garou OP Fjord artisan
OP Garou Fjord artisan G Joined: Aug 2006 Posts: 469	Yes I did ban that ip but they come back with diff ip but always with those same kind of identh. Is it possible to ban random identh or identh with numbers in it on join? Last edited by Garou; 21/09/07 02:41 AM.

Re: bad identh

Garou #186343 21/09/07 03:00 AM

Joined: Aug 2006

Posts: 469

Garou

Fjord artisan

Garou

Fjord artisan

Joined: Aug 2006

Posts: 469

Can my random nick kick be edited to kick bad identh?

Code:

 on @*:JOIN:#:{
  if (($israndom($nick)) && (%consonant == on)) { ban -ku600 # $nick 2 14Random Nick Detected }
}

alias -l israndom {
  var %nr = 1, %count
  while ($mid($1,%nr,1)) { 
    if ($v1 isletter bcdfghjklmnpqrstvwxz) {
      inc %count
      if (%count >= 5) { return $true }
    }
    else { var %count = 0 }
    inc %nr
  }
  return $false
}

Re: bad identh Garou #186348 21/09/07 04:14 AM
Joined: Oct 2004 Posts: 8,330 MA, USA Riamus2 Hoopy frood
Riamus2 Hoopy frood Joined: Oct 2004 Posts: 8,330 MA, USA	There may be a better way to do this, but you could set your script in an on JOIN event to count the number of numbers in the ident and if it has 3+ numbers in a row, ban the person. It may catch legitimate people as well, but it's hard to avoid since there doesn't seem to be a lot in common with those. I'm guessing regex is the best way to do that. Invision Support #Invision on irc.irchighway.net

Re: bad identh Riamus2 #186349 21/09/07 06:18 AM
Joined: Aug 2006 Posts: 469 G Garou OP Fjord artisan
OP Garou Fjord artisan G Joined: Aug 2006 Posts: 469	ok Riamus2 thx, hope someone have time code it thx.

Re: bad identh Garou #186350 21/09/07 09:20 AM
Joined: Aug 2006 Posts: 183 T Thrull Vogon poet
Thrull Vogon poet T Joined: Aug 2006 Posts: 183	Regex is indeed the best way to do that. However, I'd need a lot more addresses to text it out on. With the limited number from above, I'm very hesitant that I'd be able to ban 100% of the bots like that. Instead, I'd suggest a clone checker for the channel. Code: on @*:JOIN:#: { var %clonemask = $address($nick,2) if $ialchan(%clonemask,$chan,0) > 2 { mode $chan +b %clonemask var %i = 1 while $ial(%clonemask,%i).nick != $null { if $ial(%clonemask,%i).nick ison $chan { kick $chan $ial(%clonemask,%i).nick } inc %i } } } If someone comes on and then that person has two clones come on, it'll trigger the script to ban all the clones from that ISP. If you give me more data (as much as you have, preferably) I can write a tighter Regex and ban them that way instead. Last edited by Thrull; 21/09/07 09:29 AM. Yar

Re: bad identh Thrull #186353 21/09/07 01:30 PM
Joined: Aug 2006 Posts: 469 G Garou OP Fjord artisan
OP Garou Fjord artisan G Joined: Aug 2006 Posts: 469	We have lost of cafe users on our channel will that not ban them also? cause some cafe we can get up to 8 clones.

Re: bad identh Garou #186354 21/09/07 02:20 PM
Joined: Jan 2006 Posts: 111 N noMen Vogon poet
noMen Vogon poet N Joined: Jan 2006 Posts: 111	How many of those flooders join in lets say 3 seconds?

Re: bad identh Garou #186357 21/09/07 03:11 PM
Joined: Oct 2004 Posts: 8,330 MA, USA Riamus2 Hoopy frood
Riamus2 Hoopy frood Joined: Oct 2004 Posts: 8,330 MA, USA	Yeah, as noMen said, you can ban based of how many join at once... the danger of that being netsplits. I'd still recommend a regex method. Just give Thrull as many idents as you have so he has something to work with. Invision Support #Invision on irc.irchighway.net

Re: bad identh noMen #186359 21/09/07 03:36 PM
Joined: Aug 2006 Posts: 469 G Garou OP Fjord artisan
OP Garou Fjord artisan G Joined: Aug 2006 Posts: 469	6 to 8 join at the same time.

Re: bad identh Garou #186362 21/09/07 03:53 PM
Joined: Jan 2006 Posts: 111 N noMen Vogon poet
noMen Vogon poet N Joined: Jan 2006 Posts: 111	Here's a suggestion. I combined it with Thrull's clonekicker. Code: on !@*:JOIN:#:{ if ($regex($gettok($address($nick, 0), 1, 64), /[0-9]/g) >= 3) && ($isflood(joinfl. [ $+ [ $chan ] $+ [ $wildsite ] ], 6, 3, 1)) { ban -ku600 # $nick 2 14Random Nick Detected kickclones $address($nick, 2) } } alias isflood { if (!$3) return var %v = $chr(37) $+ isflood. $+ $1 if !$(%v,2) { set $(-u $+ $3,2) $(%v,1) 1 } else { inc $(%v,1) } if $(%v,2) >= $2 { if ($4) { unset $(%v,1) } return $true } return $false } alias kickclones { var %clonemask = $1 if $ialchan(%clonemask,$chan,0) > 2 { mode $chan +b %clonemask var %i = 1 while $ial(%clonemask,%i).nick != $null { if $ial(%clonemask,%i).nick ison $chan { kick $chan $ial(%clonemask,%i).nick } inc %i } } } This code does the following - it counts the number of ciphers in the identity of the joiner's address ($regex) - it also counts the number of joins with the same wildsite in a partical channel ($isflood) - if there are 3 or more ciphers in the address and there are 6 or more of such joins within 3 seconds, it will kick/ban the joiner plus its clones that already had joined I couldn't test this completely of course, but I tested the $regex and the $isflood separately. Ehm ... Thrull is responsible for the clone kick but it looks perfect to me. Btw, Thrull, Riamus, does mIRC known some kind of identifier to retrive the identity without having to use $gettok? I couldn't find one in the help ... O, Garou, you can change the 6 and the 3 in $isflood, but leave the 1 as a third parameter! Last edited by noMen; 21/09/07 03:54 PM.

Re: bad identh noMen #186364 21/09/07 04:27 PM
Joined: Aug 2006 Posts: 469 G Garou OP Fjord artisan
OP Garou Fjord artisan G Joined: Aug 2006 Posts: 469	that should work great, cool thx guys.

Re: bad identh Garou #186395 22/09/07 12:46 AM
Joined: Aug 2006 Posts: 183 T Thrull Vogon poet
Thrull Vogon poet T Joined: Aug 2006 Posts: 183	Quote: Btw, Thrull, Riamus, does mIRC known some kind of identifier to retrive the identity without having to use $gettok? I couldn't find one in the help ... Sadly no. Or if it does, it isn't documented that I know of. Yar

Re: bad identh noMen #186396 22/09/07 12:52 AM
Joined: Jun 2006 Posts: 508 Storage D deegee Fjord artisan
deegee Fjord artisan D Joined: Jun 2006 Posts: 508 Storage	Originally Posted By: noMen Btw, Thrull, Riamus, does mIRC known some kind of identifier to retrive the identity without having to use $gettok? I couldn't find one in the help ... $ial($nick).user

Re: bad identh deegee #186398 22/09/07 01:01 AM
Joined: Aug 2006 Posts: 183 T Thrull Vogon poet
Thrull Vogon poet T Joined: Aug 2006 Posts: 183	Well, yes and no. $ial($nick).user looks at your entire IAL. It doesn't look at a specific channel, which is problematic. This can be scripted around (as I did in my code above), but it is a bit annoying to have to do it that way. Yar

Re: bad identh Thrull #186399 22/09/07 01:07 AM
Joined: Jun 2006 Posts: 508 Storage D deegee Fjord artisan
deegee Fjord artisan D Joined: Jun 2006 Posts: 508 Storage	It's no problem. There can only be one user with a particular nick online at any one time. Provided <NICK> (and you of course) is on #CHAN, $ial(<NICK>) will always be the same as $ialchan(<NICK>!@,#CHAN,1)

Re: bad identh deegee #186403 22/09/07 01:33 AM
Joined: Aug 2006 Posts: 183 T Thrull Vogon poet
Thrull Vogon poet T Joined: Aug 2006 Posts: 183	Ah, yes indeed, you are correct. My apologies. I was answering a question that wasn't asked. Yar

Re: bad identh Thrull #186407 22/09/07 06:50 AM
Joined: Aug 2006 Posts: 469 G Garou OP Fjord artisan
OP Garou Fjord artisan G Joined: Aug 2006 Posts: 469	How about using Regex when they join with nicks like this exemple here? M_2728816 c_8576494 h_3018346 k_5134810 y_9942033 and `M_2728816 `c_8576494 Last edited by Garou; 22/09/07 06:58 AM.

Re: bad identh Garou #186418 22/09/07 01:58 PM
Joined: Oct 2004 Posts: 8,330 MA, USA Riamus2 Hoopy frood
Riamus2 Hoopy frood Joined: Oct 2004 Posts: 8,330 MA, USA	I don't know regex very well other than to be able to figure out what smaller ones do by looking at them, but here's a non-regex solution for that one. Code: if ($right($nick,7) isnum && $mid($nick,-8,1) == _) { ban here } EDIT: Well, here's a possible regex solution. I've never made a working regex before, but this seems to work. I'm sure it can be improved, and I'm hoping someone can do so so that I can learn it better. Code: $regex($nick,/^`?[a-zA-Z]_[0-9]{7}$/) That will match nicks that have any number of a-z, A-Z, and ` characters followed by a _ and then 6 numbers. EDIT: I counted the number of numbers wrong. Both examples are changed. EDIT2: Fixed the regex thanks to help from qwerty-. Last edited by Riamus2; 22/09/07 05:15 PM. Invision Support #Invision on irc.irchighway.net

Page 1 of 2

Link Copied to Clipboard

Forums Scripts & Popups bad identh