Floods
Flood Protection
Help! This extremely obnoxious person keeps harassing me with messages/flooding me. What should I do?
Nick Flood:
The changing of nicks over and over making the channel window to be flooded with nick change notices. Luckily StarLink’s server code prevents nick floods by forcing you to wait 30 seconds to change to another nick after your first nick change.
Channel Floods:
Multiple lines of text sent to a channel. Most often people consider more than 5 lines at once to be a channel flood.
Flash Flood:
This flood only affects people using unix. This flood is when a user on a shell sends a command code that causes the other shell (another unix user) users in the same channel to have their screen codes reset so that it becomes unreadable. You can prevent this by typing ‘mesg n’ at the shell prompt BEFORE you log onto irc.
CTCP Floods:
This flood is one of the most annoying to users. Other types of floods cannot necessarily disconnect you but this one may. This flood is when a user repeatedly and rapidly (most likely by using some sort of script) sends ctcp info requests to you. The most common requests are /ping /version /time … Client programs such as mIRC, PIRCH and IRCle are automatically respond to these requests by sending back information. because your system is sending back so much information so quickly, your system can exceed its sendq buffer allowance which will cause you to disconnect. The DCC Floods: Similiar to a CTCP flood but a user is sending you repeated DCC requests for chat or files. /silence *!*user@*.address.com should prevent this.
Winnuke:
It is possible to remotely cause denial of service to any windows 95/NT user. It is done by sending OOB [Out Of Band] data to an established connection sent to a the windows user. NetBIOS [139] seems to be the most effective since this is a part of windows. Apparently windows doesn’t know how to handle OOB, so it panics and crazy things happen. I have heard reports of everything from windows dropping carrier to the entire screen turning white. Windows also sometimes has trouble handling anything on a network at all after an attack like this. A reboot fixes whatever damage this causes. Mircosoft has issued patches (fixes) for these problems. PLEASE NOTE: Winnuking is *NOT* affiliated with irc except for obtaining a ‘target’ StarLink Administration can *NOT* gline/kline or kill a user for a suspected attack. The best way to deal with a attack is to install the fixes and /ignore or /silence the user(s).
ICMP Ping:
The issue relates to Windows NT and Windows 95 machines. The issue requires the attacker to send an ICMP (PING) packet where the actual packet size and the size specified in the header do not match to a Windows NT or a Windows 95 machine. This packet causes the machine to become unresponsive. Unauthorized users cannot access any data on the affected machine(s). Resetting the system will resume normal service. Again the best way to prevent attacks are to obtain the fixes and to /ignore or /silence the user(s).