EFnet IRC Network Forum

Hey, just curious about EFNet and spoofing. Obviously admins now have the ability to add spoofs to their ircd configuration but what about spoof exploits? I recall years ago there being exploits that allowed end users to spoof hosts and I had originally thought that was cleared up. Recently I have heard more and more about users once again being able to spoof. I was just wondering how truthful this was and if so how come these servers are allowed to remain linked if they are in anyway exploitable?

exploits? no

1. using ipv6 while also resolving the host 'on ipv4' to someone elses ip
2. changing/removing the ip your host resolves to after connecting. while the ip will be cached in the nameservers the ircd is using for some time.. it will eventually go away. which is why some ircds now show the ip a user connected from in whois-output.

prefect wrote:exploits? no

1. using ipv6 while also resolving the host 'on ipv4' to someone elses ip
2. changing/removing the ip your host resolves to after connecting. while the ip will be cached in the nameservers the ircd is using for some time.. it will eventually go away. which is why some ircds now show the ip a user connected from in whois-output.

Yeah I'm aware of adding an A record along with an AAAA record to trick people into believing your IP is different.
And as for the whole change A record after connection that was a lot more useful back when nobdy knew about it, surprised it took as long as it did to catch on.

I suppose I've just been hearing lame rumors; glad this is the case. I enjoy using autoop in non-public channels.

Thanks

are you talking about that spoofing exploit that used to exist on dalnet ircds? there is a program called dr spoofee or something similiar that used to exploit that.