mIRC Home    About    Download    Register    News    Help

Print Thread
Joined: Mar 2004
Posts: 3
T
tuatha Offline OP
Self-satisified door
OP Offline
Self-satisified door
T
Joined: Mar 2004
Posts: 3
I've been visiting a regular chat channel where a particular user (who has a history of malicious internet behaviour) has turned his attention towards me.

The channel operators say they cannot do anything about the problem because he uses proxy servers, so if he is banned he can return.They just tell me to ignore him. They also refuse to do anything if he sends private chat messages to me when he sees me in the main chat window.

I can use /ignore nick, and change channels where sometimes the channel operators will ban him, but he just changes to another nick and logs back in with a different address. He persists in sending obscene messages privately and hacking threats etc etc.

Can I get some help with a situation like this? (I am sure he will move on eventually when he finds another target, but if nothing can be done that just means he will never stop behaving this way.)

Also he threatened to hack my PC (I don't think he can, or he would have actually done it, instead of just trying to intimidate me) but I installed Zone Alarm. I don't know how to configure mIRC to use the firewall though.)

Explanation of technical replies would be preferred. Thanks.

OS: Win98
Connection: Dialup ISP



Joined: Jun 2003
Posts: 5,024
M
Hoopy frood
Offline
Hoopy frood
M
Joined: Jun 2003
Posts: 5,024
Hey there smile - Sorry you're having this bad experience frown

Firstly, we on these boards have no ability to do anything about a user. We have no affiliation with any one network or channel, nor do we know the policies of every network, or how their IRCop system works. We're simply volunteer IRC users.

If he is constantly changing IPs/vhosts/nicknames/idents then, I'm terribly sorry to say, there is not much to be done at your end. You might try contacting an IRC Operator as they may be able to take further steps. K-lines, AKills/G-lines are usually ineffective however. Due to their authority though, IRC Operators are able to talk to these kind of users and reason with them to stop. Some other times however, people are just determined to act like asses.

Threats to hack your PC...I really wouldn't worry about that, but good for you for installing a firewall. If you do detect threats, be sure to DNS the IP and find out the ISP and report it to them, even if you don't know who it is or not. If he builds up a record, he can get disconnected from his ISP, or at least he cannot use that hostname anymore.

As you say though, in my experience (I've had more than my fair share of these lamers), the only thing you can do is wait it out. They really do get bored, it's just they haven't got anything else to do with their lives.

You could also hide for awhile. Use a different nickname and IdentD, and if possible change your hostname, and let your friends know privately it's you. Don't announce it to the public. This way you can continue chatting and this idiot will come to the channel none the wiser. A lot of these people put your usual nickname on their notify list so they can get to you as soon as you get online. Hiding is a good tactic for the short term.

Hope it is over soon smile

Regards,


Mentality/Chris
Joined: Mar 2004
Posts: 3
T
tuatha Offline OP
Self-satisified door
OP Offline
Self-satisified door
T
Joined: Mar 2004
Posts: 3
thanks for your reply.

I was hoping there might be some way to use the ignore function so that he can't keep sending private messages. frown

I checked the policy for the server, it says to use /silence +nick when the user is online. Here's what it says:

"This blocks all direct traffic from a particular host mask to you (unfortunately this does not include channel traffic, however by using the client-side /ignore command you can counter this problem): for instance if you type /silence +nick it will block all traffic from me (the implied host mask will be nick!*@*). It stops harassment cold and even has limited effectiveness against flooding, although as stated above we can deal with that as well...

...with a /silence you can block off a far greater address space without it infringing on anyone else; you could easily /silence *!*@*.aol.com whereas if we K-Lined that same hostmask there would be an uproar."

So I'll see how that goes if the user attempts to harrass me again. I don't understand about the host mask, what that means.

Also I don't know how to DNS an IP (sorry, very low technical skills here) so if you could explain that more fully that would be great.


Last edited by tuatha; 12/03/04 12:24 AM.
Joined: Jun 2003
Posts: 5,024
M
Hoopy frood
Offline
Hoopy frood
M
Joined: Jun 2003
Posts: 5,024
Well, you can block private messages from ALL people, and then use the mIRC -x ignore switch to make exception hostnames for your friends. To ignore all private messages, use:

/ignore -pn *

this ignores query messages AND notices. To add a person to your exceptions list, use:

/ignore -x *!*@hostname

or if they're online, use:

/ignore -x nickname 3 (The '3' adds the *!*user@hostname).

Also see /help /ignore

To DNS an IP (Internet Protocol) type /dns IP.here. It should resolve it to a hostname, and at the end of the hostname is the ISP (Internet Service Provider).

For example:

Let's say UserX is with AOL as an ISP. His IP is 123.456.789.101.

/dns 123.456.789.101

* Dns resolving 123.456.789.101
* Dns resolved 123.456.789.101 to ABCD36B0.ipt.
aol.com[/color]

(Note: This is an example, using the above will not work)

Most ISPs abuse report email is abuse@isp.com - For example, abuse@aol.com is AOL's. To be sure, you might check out the ISPs website. If you don't know it, search Google with the ISPs name as the search term.

Hope this helps smile

Regards,


Mentality/Chris
Joined: Dec 2002
Posts: 3,127
P
Hoopy frood
Offline
Hoopy frood
P
Joined: Dec 2002
Posts: 3,127
As a side note, if this user is making you feel really uneasy and threatened (as opposed to just being annoying), you could check to see if the network you frequent has a #WiredPatrol channel, or check their website, www.wiredpatrol.org for advice


ParaBrat @#mIRCAide DALnet
Joined: Dec 2002
Posts: 2,985
Hoopy frood
Offline
Hoopy frood
Joined: Dec 2002
Posts: 2,985
I wrote this many moons ago but it is still fairly relevant. The top two paragraphs may apply to your situation.

Joined: Nov 2003
Posts: 2,327
T
Hoopy frood
Offline
Hoopy frood
T
Joined: Nov 2003
Posts: 2,327
Quote:
If you do detect threats, be sure to DNS the IP and find out the ISP and report it to them, even if you don't know who it is or not.

this is where you might be able to help me out smile
in zonealarm, i have at least 20 "high-rated" intrusions a day, but some are from irc networks proxy scanners, it's really quite hard to tell whether certain intrusions were malicious or not.
most of the intrusions have TCP flags: S (i'm guessing this is a syn packet?), and i can never really decide whether to report it or not.
any ideas?


New username: hixxy
Joined: Dec 2002
Posts: 2,985
Hoopy frood
Offline
Hoopy frood
Joined: Dec 2002
Posts: 2,985
Zonealarm, by its very nature also finds it hard to tell. I don't bother with occasional attacks. Wait till you can barely stay connected before making formal complaints. ISP's generally won't listen otherwise.

Joined: Nov 2003
Posts: 2,327
T
Hoopy frood
Offline
Hoopy frood
T
Joined: Nov 2003
Posts: 2,327
ok, thanks smile


New username: hixxy
Joined: Nov 2003
Posts: 46
D
Ameglian cow
Offline
Ameglian cow
D
Joined: Nov 2003
Posts: 46
Hi,
As a side note, those high rated attacks that you are seeing may just be the networks open proxy sniffer.

I dont use zone alarm but in my firewall I can backtrace to the source and more often than not its the networks proxy sniffer.

Quite a few networks now use this feature to detect open proxy's. If they are found, you get dc'd.

Regards,
Dizkonnekted


Dizkonnekted from reality....!
Joined: Nov 2003
Posts: 2,327
T
Hoopy frood
Offline
Hoopy frood
T
Joined: Nov 2003
Posts: 2,327
yes, it wasn't them i was worried about.
more worried about the excessive syn packets i receive from well known websites (probably a spoofed ip)


New username: hixxy
Joined: Jun 2003
Posts: 5,024
M
Hoopy frood
Offline
Hoopy frood
M
Joined: Jun 2003
Posts: 5,024
I don't know about ZoneAlarm, I don't use it. Some firewalls have a feature that ignores certain IPs completely, I know Norton Personal Firewall does, but of course you have to pay for that (although you can try the 30 day free trial).

Other than that, and of course Watchdog's good advice, can't think of anything.

Regards,


Mentality/Chris
Joined: Mar 2004
Posts: 3
T
tuatha Offline OP
Self-satisified door
OP Offline
Self-satisified door
T
Joined: Mar 2004
Posts: 3
Thank you to everyone for your help. I have followed the advice given and blocked all private mesages, and am making exceptions as needed. (and of course I can still open a window to anyone I want to talk to.)

I now feel that I can enjoy chatting with my friends again, which is what it's supposed to be about. smile So far there has been no further harrassment, I hope that this is the end of it now.

I am also very grateful that this forum is here to help.

tuatha

Joined: Jun 2003
Posts: 5,024
M
Hoopy frood
Offline
Hoopy frood
M
Joined: Jun 2003
Posts: 5,024
You're welcome smile - I'm glad you managed to get it sorted! (fingers crossed)

Happy chattin'

Regards,


Mentality/Chris

Link Copied to Clipboard