software/RELEASES/ircservices/achurch.org/services/lists/ircservices/2002/003317.html

   1 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
   2 <HTML>
   3  <HEAD>
   4    <TITLE> [IRCServices] Network Policies..
   5    </TITLE>
   6    <LINK REL="Index" HREF="index.html" >
   7    <LINK REL="made" HREF="mailto:ircservices%40ircservices.za.net?Subject=%5BIRCServices%5D%20Network%20Policies..&In-Reply-To=">
   8    <META NAME="robots" CONTENT="index,nofollow">
   9    <META http-equiv="Content-Type" content="text/html; charset=us-ascii">
  10    <LINK REL="Previous"  HREF="003321.html">
  11    <LINK REL="Next"  HREF="003318.html">
  12  </HEAD>
  13  <BODY BGCOLOR="#ffffff">
  14    <H1>[IRCServices] Network Policies..</H1>
  15     <B>Craig Edwards</B>
  16     <A HREF="mailto:ircservices%40ircservices.za.net?Subject=%5BIRCServices%5D%20Network%20Policies..&In-Reply-To="
  17        TITLE="[IRCServices] Network Policies..">brain at brainbox.winbot.co.uk
  18        </A><BR>
  19     <I>Mon Nov 18 20:09:01 PST 2002</I>
  20     <P><UL>
  21         <LI>Previous message: <A HREF="003321.html">[IRCServices] Network Policies..
  22 </A></li>
  23         <LI>Next message: <A HREF="003318.html">[IRCServices] updating?
  24 </A></li>
  25          <LI> <B>Messages sorted by:</B>
  26               <a href="date.html#3317">[ date ]</a>
  27               <a href="thread.html#3317">[ thread ]</a>
  28               <a href="subject.html#3317">[ subject ]</a>
  29               <a href="author.html#3317">[ author ]</a>
  30          </LI>
  31        </UL>
  32     <HR>
  33 <!--beginarticle-->
  34 <PRE>If that one server is compromised, yes. But in the end, the
  35 ircservices box should be under control of the netadmins, who
  36 have final juristiction over what does and doesnt happen on their
  37 network in most cases. The whole idea is keeping the network run
  38 how the admins want it to be run, and not how individual server admins
  39 want to do things their own ways. Some irc networks such as efnet
  40 operate this way though, where each admin has their own policies,
  41 and such services wouldnt be forced to load such a module. On a side
  42 note, im thinking of expanding this to a larger project, called (working title)
  43 &quot;AbuseServ&quot; which would also do such things as network-wide scanning of
  44 proxies (this is something else that should be centralised, if one admin accidentally
  45 unloads their proxy scanning module from their ircd, it creates a &quot;weak link&quot;
  46 where abusive clients may connect, rendering the whole system useless).
  47 Any ideas on this whole idea, please mail me off the mailing list, as this is
  48 starting to become interesting with all the ideas im being given (Thanks MrBOFH!)
  49 and i will certainly start work on this as an optional addition for ircservices :)
  50
  51 &gt;<i>From: &quot;Craig Edwards&quot; &lt;<A HREF="http://www.ircservices.za.net/mailman/listinfo/ircservices">brain at brainbox.winbot.co.uk</A>&gt;
  52 </I>&gt;<i>
  53 </I>&gt;&gt;<i> Sometimes this is not possible - lets take for example a
  54 </I>&gt;<i>hypothetical situation where server may be compromised by crackers.
  55 </I>&gt;<i>You'd trust the admins running the server, but someone would be in
  56 </I>&gt;<i>control of the server secretly who you probably dont know, and
  57 </I>&gt;<i>certainly dont trust. In this case their first action may be to set up
  58 </I>&gt;<i>an oper with reasonably high privilages and &quot;play around&quot; with it.
  59 </I>&gt;<i>This system would prevent such a situation by immediately de-opering
  60 </I>&gt;<i>any such abusers as soon as it saw them, unless the policy actually
  61 </I>&gt;<i>said they could oper up.
  62 </I>&gt;<i>
  63 </I>&gt;<i>
  64 </I>&gt;<i>So, one person (who host services) would have TOTAL control of a
  65 </I>&gt;<i>network and it's Admins?
  66 </I>&gt;<i>I don't think this is a good idea.
  67 </I>&gt;<i>
  68 </I>&gt;&gt;<i> server may be compromised by crackers
  69 </I>&gt;<i>
  70 </I>&gt;<i>As well as services' server...
  71 </I>&gt;<i>
  72 </I>&gt;&gt;<i> but someone would be in control of the server secretly who you
  73 </I>&gt;<i>probably dont know, and certainly dont trust.
  74 </I>&gt;<i>
  75 </I>&gt;<i>What if someone gain access to services then?
  76 </I>&gt;<i>
  77 </I>&gt;<i>
  78 </I>&gt;<i>-----------------------------------------------------------------------
  79 </I>&gt;<i>Z kraju i ze swiata, minuta po minucie &gt;&gt;&gt; <A HREF="http://link.interia.pl/f1676">http://link.interia.pl/f1676</A>
  80 </I>&gt;<i>
  81 </I>&gt;<i>
  82 </I>&gt;<i>------------------------------------------------------------------
  83 </I>&gt;<i>To unsubscribe or change your subscription options, visit:
  84 </I>&gt;<i><A HREF="http://www.ircservices.za.net/mailman/listinfo/ircservices">http://www.ircservices.za.net/mailman/listinfo/ircservices</A>
  85 </I>
  86
  87
  88 </PRE>
  89
  90 <!--endarticle-->
  91     <HR>
  92     <P><UL>
  93         <!--threads-->
  94         <LI>Previous message: <A HREF="003321.html">[IRCServices] Network Policies..
  95 </A></li>
  96         <LI>Next message: <A HREF="003318.html">[IRCServices] updating?
  97 </A></li>
  98          <LI> <B>Messages sorted by:</B>
  99               <a href="date.html#3317">[ date ]</a>
 100               <a href="thread.html#3317">[ thread ]</a>
 101               <a href="subject.html#3317">[ subject ]</a>
 102               <a href="author.html#3317">[ author ]</a>
 103          </LI>
 104        </UL>
 105
 106 </body></html>