Re: security questions

[Kurt Roeckx <Q@xxxxxxx>]

On Wed, Nov 08, 2000 at 06:36:04PM +0100, Dejan Lekic wrote:
> 
> 1) Is there any way to hide hostmask (we want to protect our users): per 
> example - let's say we have user with hostmask: Sanda!^mama@xxxxxxxxxxxxx 
> We want everyone on the NET see that user as: Sanda!^mama@*.htu.se or 
> Sanda!^mama@xxxxxxxxxxxxx

There currently isn't an option to do this, and I doubt we will
ever include it.  It stops people from being able to give a good
abuse report to the admin.

It shouldn't be to hard to implement something like that tho, but
you do want to think about certain commands that may reveil the
real host or ip.  The first thing that comes to mind is stats L
nick (note the capital), which will show the ip.

> 2) What is compression level between two IRC servers? I have tested but 
> havent't found that (like they said) Hybrid has better compression...

Like always, commpression depends on the data that is being
transfered.  You can set different levels of compression tho, see
ZIP_LEVEL in config.h.

You really should compare the total bw used by the two, not how
much it compresses.

> 3) Can someone sniff connection between servers/clients and see what people 
> talk (can someone in that way see private conversations) ?

If there is someone in between, he always can.  Irc is not a
secure protocol, it's all plain text.  If someone can sniff it,
he can see what you do.

> 4) Is there services available for IRCnet ircd? (MemoServ, OperServ, i am 
> not interested in NickServ and ChanServ)

There are a few services, like tkserv that comes with ircd.
There is a noteserv, which would be about the same as memoserv I
guess.

Services, like we define it, can not have anything to do with
channels.  They do not have any special power.  If you want
something like operserv, nickserv, or chanserv, you'll have to
link a server to provide them.


Kurt