egghelp.org community

[cheesegoduk]

Hello
I currently have a bot that sits about in a channel I am an operator in that I op during the day when I am the only op about, Or if trouble happens, eg botfloods. So far its proved to be quiet effective at removing most troublemakers we have had and its help keep peace in the channel

However of late we have come across a new type of attacking bot, A user signs on with a random nick for example xeohdkysm or hedcoikpl Instead of joining the channel all at once, they join about 30 seconds after each other. However they don't really do any damage apart from just sitting there idling and when one parts, Another user joins a few seconds after.
I was wondering if there was a .tcl script anywhere that would pick up these random nicks and kickban the user. Other than putting +i on the channel I can think of no otherway of removing these bots unless the person who controls the botnet gets bored(or a life) and stops.

Thanks for your help
Cheesegoduk

[ppslim]

You must see the inherant problems with this.

To a bot, all nicknames look random.

To a bot, user A could be perfectly normal, but B is one of those spamming bots. All eggdrop knows is that user A isn't user B

Just the same way you can't tell the hair colour of the person you are speaking to on a phone (provided you don't allready know ), eggdrop doesn't know unless it is told.

While Tcl scripts could be created to teckle the problem, they would be over complex and would not work right off.

Alternatives include building a list of known users (IE, the userlist). You can then kick all users that join and idle for periods of time, ignoring those that are in the userlist.
_________________
PlusNet Supported Customer - Low cost UK ISP services

[Dedan]

this is not a fix, but if you set the room +R with
a timer that would unset it in 30 minutes,
might help you until you find a better solution.
_________________
I once was an intelligent young man, now i am old and i can not remember who i was.

[Sir_Fz]

ppslim's solution is very good actually. if u collect all their hosts, u can get rid of them.

anyway, in irc there is a script which bans on random nicks, I don't know if it can be done using tcl (bu I think it can).
its like this (in mIRC) : if ( a !isin $nick ) && ( e !isin $nick ) && ( i !isin $nick ) && ( o !isin $nick ) && ( u !isin $nick ) && ( $asc($left($nick,3)) !isnum 65-97 ) && ( _ !isin $nick ) && ( ^ !isin $nick ) && ( - !isin $nick ) && ( 200 !isin $nick ) && ( ` !isin $nick ) && ($len($nick) > 3) && ( $mid($nick,1,1) != $mid($nick,2,1) ) && ( $mid($nick,1,1) != $mid($nick,3,1) ) && ( $right($nick,1) !isnum 0-9 ) && ( $asc($left($nick,1)) != 123 ) && ($nick != wyld)
_________________
Follow me on GitHub

- Opposing

Public Tcl scripts

[Dedan]

&& that's alot of &&'s
_________________
I once was an intelligent young man, now i am old and i can not remember who i was.

[caesar]

Well, I've did a lil forum search cos I've remembered I've noticed something about the random nicks and stuff and found something interesting, this post. Have a look on/over it, maybe it helps. Funny thing is that you and Sir_Fz (among with oters) replied to it..
_________________
Once the game is over, the king and the pawn go back in the same box.

[Sir_Fz]

lol yeah, but that regexp works for only one type of nicks.
and yeah I know we can do a regexp like the mirc code i posted above. even though I've read ppslim's post about regexpr in the TCL faq forum, still i don't have experiance or scripts to learn on...

so if u or somebody else can create a regexpr as the mirc code I mentioned above, it would realy be cool.
_________________
Follow me on GitHub

- Opposing

Public Tcl scripts

[ppslim]

First off, see the mirc forums, they have some greate people doing regexp work there.

Second, what is your above code supposed to do?

Due to all the &&'s, every single one of the tests must equal 1, otherwise the end result is 0.

I have placed a small test into my mIRC client, and I managed to come out with nicknames that would fail some, and some that would pass all.

Thus your code is confusing, and it does both false posatives and failure to detect.
_________________
PlusNet Supported Customer - Low cost UK ISP services

[Sir_Fz]

yeah. but with me, the probability for it to fail is 1/100. as all the nicks that I kick using this code are random and they are spammers or flooders.
_________________
Follow me on GitHub

- Opposing

Public Tcl scripts

[TsT]

[Sir_Fz]

okay thanx
a person can learn it by readin this post
_________________
Follow me on GitHub

- Opposing

Public Tcl scripts

[z_one]

TsT wrote

[Sir_Fz]

ur right about the i, but not the y.
so I guess it should be like this:

[user]

Here's a great idea which i'm about to patent:
Look the nick up in a dictionary. If not found; kick the person telling them to correct the spelling error.

Seriously though...
Have you tried using soundex? I think it would work much better than just relying on the random string not containing certain chars. I suggest using a soundex "dictionary", a list or array of soundexes based on the words from a real dictionary + common names. This dictionary could then be searched to see if the soundex of a nick == some existing word's soundex, which should weed out most random strings.

Then you could have a mechanism for re-entering the room that you tell about in the kick reason, so those not meant to be kicked can rejoin. (a /msg command or what ever)

This is of course just theory and fairly cpu/memory intensive stuff, but IMO worth a try

[Sir_Fz]

yeah, that's not a bad idea. but still there are some nicks that are not in a dictionary (as have no meaning), so it might be more messy than the regexp mentioned.
_________________
Follow me on GitHub

- Opposing

Public Tcl scripts