Javascript spam

January 17th, 2010

You may have noticed some unusual amounts of spam over the past few days, which has had an impact on a number of channels.  This spam is the result of some malicious javascript being distributed on a number of webpages which causes visitors to these pages to make a connection to freenode and send spam.  While we are doing what we can to mitigate the spam, we would ask that you take a careful look at any unusual sites or URLs you might visit in the near future to be sure you are not being tricked into visiting such a site.

If you have been banned from the network after clicking on one of these links, please email klines@freenode.net with your internet-routeable IP address. Visit http://myip.dk/ and include both the IP address and hostname provided on this site.  It’s also helpful if you let us know what nick you were using at the time.  We will address these requests as quickly as possible, but please be patient.

It is of course never a good idea to visit a link that’s not from a trusted source.  If you must do so, look into using a browser with limited or no scripting support (wget from the command line is a great solution here on linux, as is links) or using something like no-script for firefox.

If you run a channel on freenode, you might want to consider setting +R to prevent unregistered users from sending to the channel as the spambots described here will not be registered.  If you do so please consider being proactive about contacting unregistered users joining your channel to ensure they get the help they need, and feel free to send them to #freenode so network staff can help them register.

For users, now is an excellent time to register your nickname and setup your client to auto-identify.  You can find information about registering here.  Configuring your client to auto-identify varies depending on the client, but one easy way is setting up your client to send the nickserv password as your server password. Most clients have an option for this.

It is also worth noting we will be moving to a new ircd in just 13 more days, as described here.  This new ircd provides a number of exciting new capabilities including improved capability to deal with spam of all kinds, including this most recent type which is entirely mitigated by improvements in seven.

Posted in freenode, technical | 9 Comments »

ircd Migration Sat Jan 30th 2010

January 14th, 2010

In the coming weeks, we will be migrating freenode to our new ircd, ircd-seven.  Presently, freenode uses hyperion and efforts have been underway for some time move us off this platform for reasons of stability and functionality.  We are now almost there.

As users please be aware that during the migration all clients will be temporarily disconnected and will need to reconnect in order to move over to the new servers. For most of you this will happen as the old servers are shut down.

Please Note: While we will copy over channel modes and topics for registered channels (there will be no changes to the services database, all nick and channel settings with services will stay the same) we are unable to do so for channels NOT registered with ChanServ. If your project utilises non-registered channels for whatever reason, please make note of the topics and modes so you can make a manual transfer of these yourselves. For more information on registering a channel, see this post.

If you operate a channel on freenode and have any concerns, feel free to stop by #freenode to discuss any issues you might have.  If you run any channel utility bots, you may want to test them on the current testnet.  More information can be found here.

Important Changes

There are several significant changes users should be aware of in ircd-seven:

Channel quiets are no longer a modified version of bans but are now on their own list, queried with “mode #channel q”, and as such do not appear on the normal banlist.

After the migration, we will have ssl access available on the production network.

Identifying upon connection works as before but there are two new ways to do so: specifying username:password in the server password field will allow you to login to a specific account, and SASL authentication is also available.  Using SASL varies by client and is not supported in all clients.

The CAP command:

A brief summary:

  • The CAP LS command will list all client capabilities that are available to the client.
  • The CAP REQ :<cap1> <cap2> <...> command can be used to request one or more capabilities. The response to this will be either CAP ACK :<cap> <...>, or CAP NAK :<cap> <...>, depending on whether the request was successful.
  • A CAP name token can be prefixed by - to disable that capability. This was not available with hyperion’s CAPAB command.
  • CAP negotiation can take place either during connection and registration (as is required for SASL), or afterwards, to enable identify-msg.

For those implementing support for it, a full specification is at http://www.leeh.co.uk/draft-mitchell-irc-capabilities-02.html.

The IDENTIFY-MSG capability still exists but there is a new way to activate it.  It is now part of the CAP mechanism.   A script for irssi that understands both hyperion’s and seven’s identify-msg capability is available at http://adipose.attenuate.org/~stephen/ircd-seven/format_identify.pl.

The n= and i= prefixes are not used, instead ~ is prefixed to a non-identd username as is common in most other ircds.

For further information on changes that might impact you please visit http://freenode.net/seven-for-hyperion-users.html

As always, thank you for using freenode, and see you on the other side!

Posted in development, freenode | 7 Comments »

Happy New Year 2010

December 31st, 2009

The New Year is arriving in various parts of the world, and we’d like to take this opportunity to thank the people who continue making freenode possible.

Our very dedicated and generous hardware and bandwidth sponsors, for whom the tail end of 2009 have been a particularly challenging time, we’re very grateful for the extra manpower you’ve all put in to help with the recent DDoS attacks the network has been experiencing. While we’ve lost some sponsors due to the costs involved over the attacks, we’d like to thank those for the time they were able to continue supporting our services and express our complete understanding for the decisions they’ve had to make in choosing to discontinue the support. For those of our sponsors who have been able to continue providing hardware and bandwidth we’d like to thank you for your generousity and for the patience while the attacks have been ongoing.

We’d like to thank all the PDPC supporters for their donations, Canonical Ltd and the Gallery project for their generous donations, as well as those donations from indiviual users which in 2009 enabled us to purchase some additional hardware and bandwidth and we hope that the support continues throughout 2010 and that we’ll be able to start making some progress with the work on our upcoming freenode live conference. Your support is invaluable to us and we’re grateful for the continued support. Should you wish to become a donor; you may make a donation here.

We’d also like to thank the freenode staff volunteers, past and present, for administering the network and putting in a lot of time to help both projects and end users with their freenode experience.

And finally, we’d like to thank the most important people of all — the many projects and users who make freenode what it is. 2009 saw us passing the 60,000 concurrent users mark and it’s fantastic to see that so many people use and contribute to the various FOSS projects on the network. Thank you all for using freenode.

We’d like to wish you all 12 months of happiness, 52 weeks of fun, 365 days of success, 8760 hours of good health, 52600 minutes of good luck and 3153600 seconds of joy! Have a very happy New Year!

Posted in community, different, freenode, pdpc, social | 2 Comments »

December 15th DDoS

December 15th, 2009

We are currently experiencing heavy DDoS against several locations at which some of our servers are hosted. The attack is ongoing and cause a lot of disruption, both to users of the network and unfortunately to projects/companies/individuals whose infrastructure is hosted at the same locations as us. Our sponsors and our sponsors’ upstreams are working hard to try curb the attacks as best they can.

We will try keep this page updated with any significant information as and when we receive it, however, users of the network will also be able to receive (infrequent) status updates via global notice and slightly more frequent updates via wallops for those who have chosen to go +w (/umode +w or /mode yournick +w) will enable wallops in your irc client should you wish to see these. Global notices do not work on a opt-in basis, and are restricted to information we deem important, however for those of you who have absolutely no interest in what’s going on with the network you may /ignore *!*@freenode/staff/* notices in order to prevent global notices from displaying in your client.

We apologise for the inconvenience this no doubt causes for you and your project(s) and we would like to thank you all (in particular, our very generous and dedicated sponsors) for the patience and support while the issues are still ongoing.

Posted in Uncategorized | No Comments »

December 8 2009 Connectivity Issues and Netsplits

December 8th, 2009

As you are probably aware, we’ve been facing some fairly major splits today as there have been issues between some of our major hubs. We’ve rerouted these and are working on tracing down the cause of any other splits.  Please be aware, our staff are already hard at work on these issues and will resolve them as quickly as possible. Included here are 2 global notices about this matter.
-christel(i=christel@freenode/staff/exherbo.christel)-
[Global Notice] Hi all, we appear to be having some
connectivity issues with our main US hub, as a result of
this we are temporarily without  services, if this affects
your channel please contact staff in #freenode for
assistance. We’re looking into the issues as we speak. Thank
you for your patience.

-christel(i=christel@freenode/staff/exherbo.christel)-
[Global Notice] Hi all, we’re having some major issues with
connectivity at the DC hosting one of our hidden hubs, I’m
going to re-route around it,  which will cause about twice
as much noise as the splits already made. Apologies for the
inconvenience.

These and other issues are a large part of the reason for the upcoming migration to ircd-seven, and we still need your help in that regard.  We are still in need help testing the new ircd and working out the bugs.  If you would like to help out, have a look at this posting for information on how you can test the new ircd.

Thank you for using freenode, and have a great day!

Posted in Uncategorized | 1 Comment »

DCC spam, and how to handle it.

November 20th, 2009

We are aware of the recent DCC spam attempts, and we are working on this issue.  In the meantime, please do not paste the full DCC text you recieve in #freenode (or any other channel) as in many cases it can cause you to appear as a problem yourself.

Instead, feel free to report it by first verifying (using  the /whois command) that the sender is still online, and then reporting the sender in #freenode.  Please be aware that #freenode is a general help channel and we need to keep it clear of general chatter in order to support the many users of freenode.  If you wish to discuss anything other than an immediate support request, please find a more appropriate channel for the topic.

On this topic, please be sure to only accept DCC requests from trusted users and to be cautious about them at all times.  You may wish to consider filtering out the DCC requests using your clients ignore functions, or enabling umode +C to prevent CTCP messages from being received. If you would like help with these topics feel free to stop by #freenode or your clients support channel.

As always, thank you for using freenode.

Posted in Uncategorized | 2 Comments »

Testing the nets

November 9th, 2009

We’re in the late stages of testing our new ircd, ircd-seven, which is intended to replace our current hyperion ircd, and we need your help!

While we have been testing it regularly against some basic loads, nothing really replaces users, and we need as many as possible to connect, try it out, and report back with any issues.  Please note that ircd-seven differs from our current software; hyperion — and some bits of behaviour may differ, if your project/channels rely on the use of bots on the production network we encourage you to also test these on the testnet!  We would really like to stress, there are some significant changes in the new ircd so please do test the full functionality of any bots you require at this time, as we’ll be moving forward with this new ircd in the future.

To connet, use testnet.freenode.net for ipv4 or ipv6. Port 9002 listens for regular connections, while 9003 listens for SSL.

We want a lot of traffic, and while we don’t normally encourage it — you are welcome to bring bots and drones en-masse! So bring in the bots, simulate traffic, join your regular channels, talk or spout nonsense. You can find us all in #freenode when you’ve connected to the testnet.

To connect from irssi: “/connect -ssl testnet.freenode.net 9003″ for ssl and “/connect testnet.freenode.net 9002″ for non-ssl.
To connect from xchat, first open a new tab, then “/server -ssl testnet.freenode.net 9003″ for ssl and “/server testnet.freenode.net 9002″ for non-ssl.

Thank you for using freenode and for helping us out, and freel free to drop by #freenode on either network to report any issues you might have with the testnet.

–update–

Some of you are asking about user and channel modes, many of which will have changed.  You can get a listing of the user and channel modes and what they mean with “help umode” and “help cmode” respectively.  Some clients will allow this directly, using “/help umode” or “/help cmode” but in many you will need to instead use “/quote help umode” or “/quote help cmode”  Some clients also use /raw in place of /quote.

Posted in Uncategorized | 4 Comments »

When bots go bad..

November 1st, 2009

First off, allow me to apologise to all users affected by the recent “client killing” rampage of our utility bot; Syn. She appears to have gotten into the Halloween spirit a bit too much!

You may have noticed a large number of people disconnecting from freenode with the reason ‘Nick collision from syn.’ We feel we should explain what happened.

For those of you not already familiar with her, syn is a utility bot that, amongst other duties, regulates gateway access to the network. This could be web gateways such as CGI:IRC or our own webchat, NAT gateways, or some conferences and shell services. One of the things that she does, for web gateways in particular, is to match the reported IP address (hex-encoded in the ident field) against network bans, and deny the connection if a match is found.

It was this particular part that had an unfortunate pair of bugs resulting in the incident you observed. Firstly, in using sscanf() to detect a hex-encoded IP address in the ident field, the validation was not quite strict enough — any ident that *began* with a series of valid hexadecimal characters (the digits 0-9 and letters a-f) would result in a number being decoded. In normal circumstances, this would be relatively harmless as the resulting IP is clearly invalid — in most cases, it would begin 0.0.0., and not match any network bans.

Unfortunately, there was a second bug introduced more recently as part of a performance fix. This meant that in certain cases, a K:line whose host part contained wildcards would incorrectly match against these invalid IP addresses.

Each of these, taken in isolation, would be relatively innocuous, and so they slipped under the radar and made it into production. The combination of the two, however, had rather disastrous results.

We apologise, and welcome you to castigate our developers and staff for our incompetence and for allowing these bugs to make it into production.

Posted in Uncategorized | 3 Comments »

Free as in freenode

September 15th, 2009

Most of you are probably familiar with the various freedoms that are frequently stated, such as freedom of speech or expression.  While freenode does exist to promote communication amongst free and open source projects, it is not an open forum for all to use in any way.

The purpose and goals of freenode are simple, but often misunderstood.  Freenode is a privately operated special purpose irc network, aimed at improving communication between developers, and users, and others interested in free and open source software.  These people and their ability to communicate efficiently are our primary concern and focus.  The “free” in freenode in intended to indicate this goal, and our commitment to providing a collaboration platform for those with an interest in free and open source software, rather than “freedom of speech or expression”.

As a private network, we do reserve the right to limit the sort of content allowed on freenode.  Some of things considered on and offtopic are outlined here.

Hopefully this clears up a little about what the “free” in freenode actually stands for (and what we do, as well).

Posted in community, free software, freenode, philosophy, social | 8 Comments »

Web chat updates

July 26th, 2009

Over the last few  weeks we have had quite a bit of feedback from our new web chat client.  As a result of this we’ve been able to feed back requests to the qwebirc developers who have been able to add many requested features:

  • Optional Nick colour support
  • Optional join, part and quit message hiding
  • Optional last position indicator to track which content is new since you last focused on IRC
  • CSS changes to highlight messages from yourself
  • https support
  • NickServ authentication

Some of the optional features are disabled by default, but can be enabled in the option pane, accessible from the menu (top left).

Posted in development, free software, freenode, open source, webchat | 6 Comments »

« Older Entries
Newer Entries »