| View previous topic :: View next topic |
| Author |
Message |
NewzNZ
Halfop
Joined: 05 Mar 2009
Posts: 60
|
 Posted: Sat Aug 03, 2019 6:23 am Post subject: Telnet connection flood ignores |
 |
|
Hi
My bots have recently been getting flooded by Telnet connections such as:
[09:48:18] Telnet connection: 185.100.87.250/45920
[09:48:17] Telnet connection: ip231.208-100-26.static.steadfastdns.net/45518
...so many floods at a time that it causes the bots to Ping timeout.
(numbers after the / change with every connection attempt)
Have tried using +ignore but they eventually time out - is there a way to place a perm ignore on an address or set of addresses...such as that first 185 one or the steadfastdns.net one?
Thanks in advance. |
|
| Back to top |
|
 |
willyw
Revered One
Joined: 15 Jan 2009
Posts: 1175
|
| Posted: Sat Aug 03, 2019 7:46 am Post subject: Re: Telnet connection flood ignores |
|
|
| NewzNZ wrote: |
...
Have tried using +ignore but they eventually time out - is there a way to place a perm ignore on an address or set of addresses...such as that first 185 one or the steadfastdns.net one?
...
|
Some months ago, I was getting it on a couple bots, too. Not that bad though - it never caused a timeout.
I discovered that if I put the address on ignore for about a week, that was enough. By the time the ignore expired, they had stopped. One day was not enough.
Anyway - just experimented with the ignore command, and it seems that 364 days is the maximum it will keep an ignore active.
Try it. Give it 1000 days. It will save the ignore with 364.
The question for you is: Isn't that enough? 
Also, look in eggdrop.conf.
Find:
| Code: |
# Define here how many telnet connection attempts in how many seconds from
# the same host constitute a flood. The correct format is Attempts:Seconds.
set telnet-flood 5:60
|
This will cause the bot to automatically put them on ignore. I just tested it - it works.
What I don't understand is ( if you have left it at the default settings as shown above) why - with the volume of telnet attempts and frequency of them that you have described - why the bot is not automatically putting them on ignore all by itself.
Check that setting. Maybe you have it off ?
And set it to something that you feel is appropriate.
The length ot time before such an ignore expires is controlled by:
| Code: |
# Set the time in minutes that temporary ignores should last.
set ignore-time 15
|
If you want automatic ignores to be longer, that's where you change that.
I hope this helps.
_________________
For a fun (and popular) Trivia game, visit us at: irc.librairc.net #science-fiction . Over 300K Q & A to play in BogusTrivia ! |
|
| Back to top |
|
|
willyw
Revered One
Joined: 15 Jan 2009
Posts: 1175
|
| Posted: Sat Aug 03, 2019 7:52 am Post subject: Re: Telnet connection flood ignores |
|
|
Do you own the server that the bot is on? Are you root?
If so, do you know how to use iptables ?
I have only barely scratched the surface with iptables, and that was some time ago. It is very powerful, and highly configurable. You can easily make a mess of it, and block people that you don't want to be blocked, including yourself.
However, if you study it, it is a very useful tool.
With it, I'm thinking that you can block an ip or range of ips. If you do it at this level, the bot won't even ever see the incoming traffic at all.
Just a thought....
_________________
For a fun (and popular) Trivia game, visit us at: irc.librairc.net #science-fiction . Over 300K Q & A to play in BogusTrivia ! |
|
| Back to top |
|
|
caesar
Mint Rubber
Joined: 14 Oct 2001
Posts: 3741
Location: Mint Factory
|
| Posted: Sun Aug 04, 2019 3:31 am Post subject: |
|
|
Open up your eggdrop.conf file and at 'BOTNET/DCC/TELNET' section tell us what did you set on the 'listen' line? 'listen 3333 all' or something like this?
_________________
Once the game is over, the king and the pawn go back in the same box. |
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
