Setting More Specific Channel Bans

Last week, I explained how to set a simple channel ban that takes care of most situations. Occasionally, you need a stronger or different kind of ban. This week I’ll explain the more complicated channel bans that you can use. Check the Extended Ban tutorial for additional options.

First, you need to understand the different parts of a person’s connection information, which you can find using the WHOIS command. This is the way that information is included in a ban:

nick!ident@specific-hostmask.domain-info

Here is what that information means, with examples from the WHOIS information for LordBaconCheeseburger, which is ~TFlash@protectedhost-BACONYUM.hsd1.ga.comcast.net:

  • nick = the user’s nickname
    LordBaconCheeseburger in our example

  • ident = the user information, either set by the client or set by the user in the client’s settings
    TFlash in our example

  • specific-hostmask = the unique part of the person’s network connection information
    protectedhost-BACONYUM in our example

  • domain-info = the more general information about the network connection
    hsd1.ga.comcast.net in our example

You can set a ban using any of this information. The basic format stays the same. You simply vary the unique information necessary to identify a person. I’ll provide examples for several options below:

To ban someone who uses a specific nick: /mode #channel +b nick!*@* For example, to ban anyone using the nick LordBaconCheeseburger from the channel #topgear, you would use this command: /mode #topgear +b LordBaconCheeseburger!*@*

To ban someone whose nick changes slightly: You can also use the * as a wildcard in the nickname. Say the person has a habit of adding endings to the nickname (like |away, |home, and |work). Just add a wildcard at the end of the nickname to ban all the different versions. Your command would look like this:
/mode #topgear +b LordBaconCheeseburger*!*@*

To ban someone who always has the same ident: /mode #channel +b *!ident@* Because this information can by set by the client, be careful with these bans. In the case of web-based clients like GeekShed’s Flash client or Mibbit, the ident is the same for everyone. For example, this command: /mode #topgear +b *!TFlash@* would ban everyone using GeekShed’s Flash client from the channel #topgear.

To ban everyone who uses a specific network connection: /mode #channel +b *!*@*domain-info. You can make this ban as specific as you like. Here are some examples, using the information for banning LordBaconCheeseburger from the channel #topgear:
      /mode #topgear +b *!*@*comcast.net bans everyone using Comcast
      /mode #topgear +b *!*@*ga.comcast.net bans everyone in Georgia using Comcast
      /mode #topgear +b *!*@*hsd1.ga.comcast.net bans everyone using the Comcast hsd1 server in Georgia

To combine bantypes: You can also combine these different banning techniques. For instance, you have had a lot of trouble with people using the GeekShed Flash client who connect from Georgia using Comcast. To ban them all from the channel #topgear, use this command: /mode #topgear +b *!TFlash@*ga.comcast.net

Before you try any of these bans, of course, be sure to check the information against others in the channel to avoid accidentally banning someone. Be sure that you have set the appeal information for your channel, so that people know what to do if they are banned accidentally.

Finally, for more details on how these bans work, check out the Bans & Mask Type Definitions from the Undernet website.

—posted by Tengrrl/Bunny

 

What Is A Hostmask?

When you connect to GeekShed, the server reads information from your client and sets a hostmask that is used to identify you on the network. Perhaps obviously, your hostmask hides (or masks) some of the specifics about your connection (in other words, your host). Your hostmask will take this general format:

nick!user@host 

For example, here’s the hostmask for the LordBaconCheeseburger:

LordBaconCheeseburger!~TFlash@protectedhost-DC62ACB5.hsd1.va.comcast.net

For that example:

  • nick = LordBaconCheeseburger
    It’s whatever nickname the person is using.

  • user = ~TFlash
    It’s the name set in your client. If there’s a leading tilde (~), the client is not running identd.

  • host = protectedhost-DC62ACB5.hsd1.va.comcast.net
    It’s the masked hostname of your connection. Your unmasked hostname is never publicly available.

You may have noticed that some people have vhosts, a virtual hostname, which hide their real connection’s name. On the GeekShed network, you can be assigned a vhost if you donate to the site or if you have been registered for 90 days or longer. If LordBaconCheeseburger donated $5 to the network, for example, his hostmask could change to LordBaconCheeseburger!~TFlash@nickel.supporter.geekshed.net. If someone has a vhost, you can still see the person’s actual hostmask with the command, /userip <nick>.

 

 

—posted by Tengrrl/Bunny

Can People on GeekShed See My IP Address

Every now and then, a question that arises in #help is if people can see the IP address of another individual. Since GeekShed encrypt users’ IP addresses and hostmasks the short answer is no, other people can not see your IP address.

The long answer is the following:

The only people that can see a user’s IP address is the user, and network staff. Anyone else will see an encrypted version of the IP address, or an encrypted version of the hostname if the IP address was able to be resolved.

Examples:

  • Instead of seeing host127-68-124-93.range127-124.virginmedia.com, other users will see protectedhost-A8B9B24A.range127-124.virginmedia.com
  • Instead of seeing 134.65.154.12, other users will see AD171E0.223C44F1.789AD83A.IP

Some users claim that they are able to see the IP address of other users. This is incorrect. What they are seeing is the IP address of the page they see when they try to visit a domain that does not resolve.

Examples:

  • If they claim to know the IP address of a staff member, with the geekshed.net vhost, the IP they really see if that of the server the geekshed.net website resides on.
  • If a user of OpenDNS claims to know the IP address of the virginmedia user (from the previous example), what they will really see is 208.69.36.132, which actually resolves to hit-nxdomain.opendns.com.
  • Some clients may resolve the “primary” domain name itself, in which case the user would see 212.250.162.12 for virginmedia.com

Disclaimer: this all goes out the window if the user unsets usermode x, which is the mode that hides their IP address/hostmask. This mode is set by default on connect and is removed either by doing “/umode2 -x” or “/hs off”. If umode x ever gets unset it can be turned back on with “/umode2 +x”