autojoinchannel timer

[frootv]

hello. autojoinchannel were a nice features so that all users has default channel. i hope timer can be added so that user has time to login and mask their ip before joining a channel. whether a fixed timer or a variable which can be set in the config file.

thanks!

[jobe1986]

Not a bad idea, however it still wont prevent a users IP address being discovered by other means such as if a malicious user has his/her victim on their WATCH list.

For this reason Nefarious 2 provides a few additional features that help resolve this issue:

1. Nefarious 2 supports SASL when in use with compatible IRC services packages. When enabled any client that connects using SASL will be authenticated to services before theyre shown to connect to the network and will additionally receive user mode +x
2. Nefarious 2 also supports an additional form of authentication using server passwords in the format "//" (without the quotes) when used X3 and configured to allow it. Like SASL this also authenticates the user before completing the connection and sets user mode +x
3. Nefarious 2 also has a hybrid HOST_HIDING_STYLE 3 which uses style 2 (similar to UnrealIRCd) hosts for unauthenticated users and style 1 hosts for authenticated users. This combined with giving users user mode +x upon connect is also sufficient

[frootv]

dear jobe1986 thank you for the reply. unfortunately host_hiding_style 3 still not prevent users from showing their real IP in the autojoinchannel since the unrealircd +x masked is not as fast as autojoin. in the autojoin channel i can 3 times join, 1st with real ip, then quit, then with the unreal masked, quit, then the services masked. i believe timer on autojoin is the solution. i know people still can catch their real ip using watch or notify, but not all users can do that, but all users in the autojoinchan can see the real ip without a timer.
thank you in advance.

[jobe1986]

If you configure Nefarious 2 to give users user mode +x on connect they will get user mode +x and a cloaked host/ip before they will ever be able to join a channel. So I am afraid given that that is the case it is simply not possible for a users real IP to be exposed when the user is given user mode +x upon connect and HOST_HIDING_STYLE 2 or 3 are in use.

To give users user mode +x upon connect use the usermode option in the applicable class blocks. That way the IRCd will set +x before any JOIN command will even be processed, thus preventing the issue described.

Not to mention the autojoin channel option is processed after the usermode option and after the user has been introduced to the rest of the network. What this means is that because the usermode option and thus cloaking is processed before the network wide introduction, the autojoin will not be processed until after the introduction.

Additionally the description you gave only applies when the users OWN client has to set user mode +x as the QUIT+JOIN behaviour of setting user mode +x does NOT occur when the usermode option in class blocks is used to set user mode +x.

[NX-Andro]

Assuming you are using services compatible with Login-on-Connect (LOC), I would suggest using it. LOC authenticates you with services before you establish a complete connection, generally granting you +x before you can join any channels.

X3 for example, using AuthServ's SET AUTOHIDE ON feature will give +x on AUTH. You can read more about LOC in the documentation directory of Nefarious 2 or for your convenience, here: https://github.com/evilnet/nefarious2/blob/master/doc/readme.login-on-connect

Hope this helps!