6 Discussions

6 Discussions
6.1 A look under the hood
You might want to see what is transmitted between you and the server to better understand what's going on. mIRC has the command /debug on|off that saves a log in debug.log. In the log you will encounter "numeric replies", those numbers at the beginning of the lines. They are for example used in the /whois replies to identify the contents of each line. The common numeric replies are listed in chapter 6 in RFC1459, but I'd advice you to instead have a look at this webpage: http://mirc.stealth.net/download/ which contains a helpfile for numeric replies, also network-specific for Undernet, Dalnet and Efnet and give you good examples on ways to use them in scripts.

6.2 Privacy and anonymity on IRC
As a thumbrule you shouldn’t trust irc or internet for that matter when it comes to your privacy and anonymity.
Some networks can send invisible listeners into any channel, some even record everything you say and do. Never trust a network that dosn’t give out their sourcecode. Personally I wouldn’t trust a network that put restrictions on what you can talk about either, as that easily justifies “violations” of privacy. It’s easy to eavesdrop on internet conversations and irc in particular. You may use DCC chats to bypass the irc-network, but if privacy is of great importance for the conversation at hand, consider a substitute for IRC, preferrably one with heavy encryption.
As for anonymity, I’d say you are anonymous if people can’t track down your true identity. Your identity could be revealed by your IP address. This is the address of your computer when it’s on Internet, and can be translated into a corresponding DNS address. (Say modem50.ppp.village.net) Some nets mask your ID for other users, but on most nets you can see peoples address in the /whois reply. Even if your net masks it, they themselves have access to it, and could possibly hand it out. When you accept a DCC chat or filetransfer, you also reveal each others address. When someone has gotten your address, they ask your internet provider “who used that address at that time?” and if the ISP comply, your true identity is revealed. If IDENTD is used, your userid at your provider may be shown in a /whois, and a simple finger at your provider may reveal your identity. If you’r chased by lawyers, secret service or ECHELON itself, expect to be tracked down in more sofisticated ways.
http://www.user-com.undernet.org/newsletter/archives/2000/newsletter03-00.html - bouncers features an article on “bouncers”, relay-servers that you can route your IRC chat through, making it appear on IRC like you originate from that server and not your machine. Much like anonymous mail forwarding. On the other hand, bouncers are a golden chance at listening in on IRC conversations. How far can you trust the bouncers, or to rephrase: How far can you throw Manhattan?

What can the operators see according to current ircu?
Operators can not see messages between users, they can not monitor the talking in a channel without joining it and they can not join a channel without beeing seen. 1)
Apart from that, you should assume that the operators can join any channel regardless of restrictions, find you regardless of +i mode (2.5.1), see the secret channels you are on and who is in there with you. 2)
If you have a special operator in mind, the version-reply (4.2.7) should give you sufficient information about his powers.

But, that’s when we’re all playing by the rules. Perhaps the admin has tweaked ircu? perhaps he is packetsniffing his own machine? Tapping IRC chats are easy, and it isn’t harder with ircu than any other serversoftware.

1. I once were on a net where it was said they had a bot that could join a channel “invisibly”, and monitor for indecent words.
2. The ability to see inside +s/+p channels were added in ircu, but I guess other nets could have opted for this too.



6.3 What's a ping? Meet CTCP and DCC
A ping files under what we call CTCP (Client To Client Protocol) commands.
Essentially, sending a PING to a nick is an everyday PRIVMSG and the reply sent back is a NOTICE. A PRIVMSG is a message to a nick or a channel, so /ping #channel is a valid way to ping everyone in that channel.
The time and IP is determined with a LONG-number, (see G-lines(5.1.2)), and the PRIVMSG/NOTICE line also contain some special characters. The /me command is also a CTCP command. (Called ACTION)
You may convert between regular and long IP in mirc by typing //echo 2 $longip(IP-address)

The DCC (Direct Client Connection) is initiated via CTCP but has its own life after that.
For more information, have a look at http://www.doco-com.undernet.org/, they have both the DCC and CTCP RFC with good explanations. (Believe me, how CTCP work isn't hard to grasp at all) Type /ctcp nick clientinfo to see what commands the nick will respond to.
Beeing on a LAN or using a firewall, you may have run into problems with DCC. This ICS and IRC FAQ discuss the problem and possible solutions.

A small trick:
Typing /raw PRIVMSG BlondeBunny :DCC CHAT chat 413460262 8888 will trick BlondeBunny into initiating a Telnet session with the roleplaying server furry.org on port 8888. The character is 01 in hex, (most easily retrieved by copying from the debug.log in mirc) This could have been used for say, checking your mail via mIRC, but alas! Several clients disallow attempts/accepts of connections lower than 1024, stopping those with malicious intents. You may manage to connect to port 25 on a mailserver via mIRC, but a port 23 telnet dosn't seem to work (Anyone out there who managed this through mIRC? Please drop me a mail)

Note:
Typing "/raw ping garbage" does a serverping. That's the ping that makes those "PING? PONG!" lines in the status-window, checking to see if you'r online. It’s not related to the CTCP ping. The serverping before ircu2.10.11 had a “remote” capability, see 1.4.

6.4 What’s lag and bandwidth?
Bandwidth is about how much data the servers manage to squeeze in on their lines. If there's much data passing through, its going slow. The result is lag, that it takes a long time before you see what people typed. The easiest way you can reduce your lag when you'r chatting with someone, is to initiate a DCC chat. The text is then passed directly between you, not through the irc-network. Also, you won’t be affected by a netsplit in DCC-chats
For channels, you may want to use close servers. (4.1.2) The source of the lag can be traced down using /trace (4.1.5) and a remote whois (2.6)
6.5 Desyncs after a netburst
A netburst is the “reconnection” of the network after it has had a split.
During the netburst, most information in the network like who’s on which channel is synchronized. A timestamp as the one in the g-lines (5.1.2) is used to decide between conflicting information. If for instance, two people have the same nick, the one who got it first keep it, the other one is kicked off the net. This is exploited by services like X on Undernet by setting the timestamp to 0 (1. january 1970) thus overriding all other settings withouth violating any IRC protocol.
As of P10 (4.1.3) the away, silence, topic and invite information is not synchronized, to save bandwidth. Silence (2.12) has its own synch-system and common sense tell people to do the invite (3.6) over again. The average channelservicebot will synchronize the topic as well. To get hold of the away-message after a split without joining the persons server, you’d have to use a remote /whois (2.4)
6.6 Obscure commands
I believe that most commands in this guide can be usefull or interesting to someone out there. The commands below however, is absolutely uninteresting. But, this guide should contain every command reachable by the user, so here goes:
/raw dns: Displaying Something about DNS-caching data. (Hurray! it’s gone in ircu2.10.10 :-D)
/hash: I don’t even know! Grrr.. (Drat. The bugger is still around in 2.10.11 :-[ )
But ofcourse, you can pretend for your friends it’s something much more interesting. Use your imagination and mail your ideas to me, I’ll add the best to the guide in the next edition.
6.7 What’s Uworld, X and Cservice?
uworld is a service running on undernet. Acting as a server, it can set modes for a channel and by that helping opers fix channels more easily. It also helps administering g-lines. It has no services for regular users, but if you ping or msg it too much, you might set off its G-line floodprotection. Cservice is another service running. It’s the one responsible for the X channelbots you’ve probably encountered if you frequent Undernet.

6.8 Summary of Undernet anti-flood measures.
A network will want to minimize the number of ways people can harass others on it. A common loophole were to take advantage of net-splits to gain op in channels and cause “nick-collisions”, to kick people off the net. This loophole has been eliminated on Undernet with the use of “timestamps”, but flooding, the most common way to cause a DOS (Denial Of Service) or just causing annoyance prevails. Flooding is to send a lot of unwanted data to something, so that their connection is lost, their channelwindow is filled with garbage or they’r otherwise harassed.

I’ve mentioned the floodstoppers throughout the guide, Here’s a summary of how other people and the server is stopped from flooding you:

* Stops flooding in channel by nickchanges
* /Who and /names limit how many lines they send back to you
* A ban of a user already in channel shuts his mouth
* You can msg only a given number of people in a short time interval. (userhost/userip and wallchops works around it)
* ircu command “silence” is better than “ignore” as a floodstopper
* Clones are limited, and many connections from the same address in a short timespan might G-line you. (“reconnecting too fast, throttled”) Connecting 3 times in a row to the undernet within 20 seconds will get your IP throttled for 20 seconds.
* Somehow, getting the channellisting always floods me off EFNet, while it works just fine on Undernet.


Apart from this, the net takes action against you flooding it, by restricting remote calls to servers and hiding the network structure. Cservice also has floodstoppers built in.

6.9 Characters on IRC
For chatting in channels, anything that can be translated to ASCII gets through. (ASCII is a standard way to express characters) Note however, that since the parts of the ASCII table may be country-specific, your ASCII-art may not turn out as well for others. Fancy fonts will only show up on your own computer. You can use character map (charmap.exe) in windows to view the ASCII table.

Channelnames: After the initial #, & or +, all characters except NUL (\0), BELL (\007), CR (\r), LF (\n) a space or a comma
Colons in channelnames are valid for ircu but may be reserved for other purposes on other nets.

Nicks: The allowed characters are a to z, A to Z, 0 to 9 and [ ] { } [ ] { } \ | ^ ` - _
This is the same as saying that ’-’ and the characters ’0’ to ’9’ and ’A’ to ’}’ in the ASCII table are allowed.
The first character in a nick cannot be a ’-’ or a number.

The characters { } | ^ are considered the lower case equivalents of [ ] \ ~ respectively. This is said to be because of IRCs scandinavian origin, but while scandinavians will notice that Æ,Ø,Å is forced lowercase in channelnames, Å and Ä is not equivalent with each other or with any of { } | ^. This bear the mark of a backward-compatible ircu feature, and how non-american letters are treated on IRC may vary between nets.

A weird side-effect happens when trying to ban people with these characters in the name.
Trying to ban the nick “ac\dc”, *|*!*@* will work where *\*!*@* fails. *ac\dc*!*@* works just fine too.

Categories