#robotics Logs
Oct 01 2018
#robotics Calendar
07:26 PM rue_mohr: Tom_L, should I run up my bot group to see if I can catch the spammers?
07:30 PM rue_mohr: technically, i just have to flip the switch
07:40 PM orlock: hmm
07:54 PM mrdata: rue_mohr, catch how?
07:55 PM orlock: with a net
07:55 PM orlock: and pitchforks
07:57 PM flav0r: high voltage
07:59 PM rue_mohr: has anyone seen this new spam?
07:59 PM rue_mohr: is #freenode still not answering anything and have the whole channel silenced?
08:00 PM orlock: rue_mohr: i havent.. only the very occasional "spam is offtopic" kline
08:02 PM rue_mohr: yea, its an internal admin infight for sure
08:02 PM rue_mohr: the spammer must be a freenode admin
08:03 PM orlock: not the oldcoder guy still?
08:03 PM orlock: trying to push his view that freenode staff are corrupt
08:04 PM rue_mohr: never heard, could be
08:05 PM rue_mohr: was he inline to get major control of freenode when ____ passed away?
08:07 PM orlock: https://haggishell.com/topics/general/internet_history.html
08:12 PM rue_mohr: huh
08:12 PM mrdata: i have seen the spam
08:13 PM mrdata: this wave of spam is basically from logged conversations
08:13 PM orlock: rue_mohr: Yeah, dont read too much of it
08:13 PM mrdata: on the various channels
08:13 PM rue_mohr: so
08:13 PM mrdata: so the matter of how to tell it is spam, is significant
08:13 PM rue_mohr: this goes back to me saying that freenode needs to identify the spammers as they connect
08:13 PM mrdata: yet they cant always do that
08:13 PM rue_mohr: so, how long do they hang out before they barf logs?
08:14 PM orlock: rue_mohr: i think they were going or did start doing some basic proxy tests
08:14 PM rue_mohr: its getting harder
08:14 PM mrdata: they scan your IP when you connect, but if you use NAT, then the router rejects a bunch of known vulnerabilities
08:14 PM rue_mohr: the slow responce to the spammers gives them lots of time to evolve
08:14 PM mrdata: so it isnt always possible to tell
08:14 PM rue_mohr: the ssh hackers are focusing on root logins
08:15 PM rue_mohr: they have a THICK dictionary they are throwing at ssh
08:15 PM rue_mohr: oh, and its 1 hacker
08:15 PM rue_mohr: I can tell cause of the alphabetical order
08:15 PM mrdata: yes
08:15 PM orlock: rue_mohr: you mean its orchestrated
08:15 PM rue_mohr: its one source behind all the hacking
08:16 PM rue_mohr: thru different machines
08:16 PM orlock: yeah - but team maybe, not one person
08:16 PM rue_mohr: its 1 dictionary
08:16 PM rue_mohr: I'm betting 1 person
08:17 PM rue_mohr: and its related tot eh irc attacks
08:17 PM rue_mohr: the ssh hacks are to build botnets, the botnets can be used against irc
08:17 PM rue_mohr: which is halarious
08:17 PM mrdata: most of the conversation was logged from tech forums
08:17 PM rue_mohr: cause their USING irc to tonctrol the botnets
08:17 PM mrdata: which is easy to spot as off topic in some forums
08:17 PM mrdata: perhaps not as easy on others
08:18 PM rue_mohr: these irc channels or just tech forums
08:18 PM mrdata: it's easy to spot off topic chatter
08:19 PM mrdata: especially if the spammer addresses a nick who is someone not in the channel
08:19 PM mrdata: but freenode isnt going to share how they discover that a nick is spam, if doing so could tip off the spammer
08:20 PM rue_mohr: thats been happening for 16 years now
08:20 PM mrdata: so it becomes an adversarial game
08:20 PM rue_mohr: thats been happening for 16 years now
08:20 PM rue_mohr: :)
08:23 PM mrdata: but mainly, they monitor users behaviour and if that matches a pattern the user gets booted
08:23 PM mrdata: several legit users have been swept away by this
08:24 PM mrdata: happened to me, too; but i managede to get on #freenode and tell them
08:24 PM mrdata: and they removed that pattern
08:31 PM orlock: been scad'ing up a new dovetail bracket and guidescope mount
08:32 PM orlock: to connect camera and secondary camera to my telescope mount
08:33 PM orlock: designing it with threaded hollows so i can insert a few lengths of M8 to hopefully increase rigidity