Partial Spoofing of User's Addresses

Dan Udey danudey at gmail.com
Thu Feb 10 12:01:43 EST 2005


I should also point out one thing I've noticed in the past on various
IRC networks. If you have user at cable.host.com and mask to
user at spoof.host.com, that works fine. If you have user at 127.0.0.1 and
mask to user at 127.0.0.spoof, then some (most?) IRC clients will assume
this is a reverse-resolved host, and will set banmasks like
user@*.0.0.spoof (which, depending on your code, may or may not work).
Masking IP addresses as 127.0.0.000 (or 999, or whatever) will
generally overcome this problem.


On Thu, 10 Feb 2005 14:21:33 +0200, Peter Pentchev <roam at ringlet.net> wrote:
> On Wed, Feb 09, 2005 at 11:43:29PM -0800, Jack L. wrote:
> [format recovered - see http://www.lemis.com/email/email-format.html]
> > Michael <xeon at xshellr8.com> wrote:
> > >
> > > Thanks Jack.
> > >
> > > I'm surprised that no one has created some hack that will allow
> > > hybrid to do this, especially since there are other ircd's that do.
> > >
> > > At any rate, thanks for the help.
> >
> > It has been discussed many times and I believe there are patches out
> > there for it, but a lot of us don't like the idea of hostmasking so
> > that is why its not in the stock ircd, however, if someone creates a
> > patch that will provide hostmasking, we might put it in the contrib
> > portion. And as for those other ircds, those are the other ircds :)
> 
> Actually, I believe this is part of the modifications in the
> ircd-hybrid-7-bg project - http://sourceforge.net/projects/hybrid7-bg/
> I'm not quite sure how easy it would be to extract just the hostmasking
> part, though...
> 
> G'luck,
> Peter
> 
> --
> Peter Pentchev  roam at ringlet.net    roam at cnsys.bg    roam at FreeBSD.org
> PGP key:        http://people.FreeBSD.org/~roam/roam.key.asc
> Key fingerprint FDBA FD79 C26F 3C51 C95E  DF9E ED18 B68D 1619 4553
> The rest of this sentence is written in Thailand, on
> 
> 
> 


-- 
Dan Udey



More information about the hybrid mailing list