[00:04] <AfterDeath> bots incoming to #ubuntu
[00:09] <PriceChild> ok
[00:10] <AfterDeath> 00:01:33 -!- ArtistePorno [n=artistep@c-69-243-251-207.hsd1.mo.comcast.net] has joined #ubuntu
[00:10] <AfterDeath> 00:01:33 -!- Dj_amtzu [n=dj_amtzu@c-69-243-251-207.hsd1.mo.comcast.net] has joined #ubuntu
[00:10] <AfterDeath> 00:01:33 -!- LaMuncBa [n=lamuncba@ool-18b8935a.dyn.optonline.net] has joined #ubuntu
[00:10] <AfterDeath> (example) ^
[00:18] <firecrotch> #ubuntu-read-topic says I should ask here to be tested...
[00:19] <PriceChild> firecrotch, did you read the bit before that?
[00:21] <firecrotch> PriceChild:  Yup.  I'm on port 8001 now
[00:21] <PriceChild> firecrotch, Thanks, you can rejoin #kubuntu
[00:22] <AfterDeath> On another note, is there a reason that #ubuntu-read-topic isn't +t ?
[00:22] <firecrotch> PriceChild:  Thank you very much.  Cheers!
[00:23] <PriceChild> A few more suspicious joins AfterDeath?
[00:24] <AfterDeath> PriceChild: yeah
[00:24] <PriceChild> How hard do we have to make it for them until they decide its just not worth the time or effort.
[00:24] <AfterDeath> basically, watch for joins in sets of 3, where each client joining has nick=realname=truncated ident
[00:25] <PriceChild> Not much I can/should do though :/
[00:25] <PriceChild> There is another three...
[00:25] <AfterDeath> yep
[00:26] <Pici> hrm
[00:26] <AfterDeath> also, it looks like they aren't registering
[00:26] <PriceChild> I guess that is something.
[00:27] <AfterDeath> and either the bots have [umode that prevents being forwarded], or they're precisely joining 3-at-a-time
[00:27] <Pici> Not much we can do until they attack though
[00:27] <PriceChild> There is 3 more
[00:27] <PriceChild> nalioth, are you around?
[00:28] <AfterDeath> again, and Adrian^34 tripped a dnsbl alert
[00:28] <PriceChild> actually they're coming in 4s....
[00:28] <PriceChild> just the 4th is always a few seconds later
[00:28] <AfterDeath> hmm, interesting
[00:29] <AfterDeath> quux seems to be around
[00:30] <tonyyarusso> PriceChild: how many is it so far?
[00:30] <PriceChild> tonyyarusso, half a dozen groups...
[00:30] <PriceChild> at least
[00:30] <tonyyarusso> Interesting
[00:31] <AfterDeath> either way, be ready to +R at an instant
[00:31] <AfterDeath> assuming the floodbots don't do that already
[00:31] <PriceChild> AfterDeath, any chance of putting me onto hilights from asm for #ubuntu please?
[00:31] <AfterDeath> yup
[00:33] <PriceChild> They're getting quicker.
[00:33] <no0tic> :S
[00:34] <PriceChild> This is getting ridiculous
[00:34] <ubotu> FloodBot2 called the ops in #ubuntu-ops-monitor (mass join)
[00:34] <ubotu> FloodBot3 called the ops in #ubuntu-ops-monitor (CTCP/NOTICE)
[00:34] <ubotu> FloodBot1 called the ops in #ubuntu-ops-monitor (CTCP/NOTICE)
[00:35] <ardchoille> I'd like to see what's going on, maybe I can learn from this
[00:35] <PriceChild> LjL, the bots just -J'd.... they shouldn't have
[00:35] <PriceChild> Why are they +J'ing?!
[00:36] <PriceChild> *-J'ing
[00:38] <PriceChild> LjL, I deopped the bots to +J, but they opped and -J'd for some reason
[00:38] <Pici> Somethings wrong with who the bots are banning too.
[00:38] <Pici> 19:36:07 <FloodBot1> Banning CTCP/NOTICE attacker vincenz (87.5.148.49)
[00:39] <PriceChild> yes he wasn't flooding...
[00:39] <Pici> Or perhaps someone is exploiting people who where in the channel
[00:39] <Pici> Or not /me shrugs
[00:40] <AfterDeath> woah, bot collaberation for faster banning is win++
[00:40] <Pici> AfterDeath: Unless its banning the wrong people
[00:40] <AfterDeath> yeah, heh
[00:40] <PriceChild> Pici, check your lastlog.... do you agree that was a legitimate user?
[00:41] <Pici> PriceChild: Definitly
[00:41] <Pici> I even remember him
[00:41] <PriceChild> Ok.
[00:41] <PriceChild> Pici, tonyyarusso I'm going to remove the bots from the access list because that's not good. Agreed?
[00:41] <PriceChild> THey set a lot of bans there and there were probably others
[00:41] <LjL> PriceChild: they -J if the detect a "netsplit", i.e. too many users quit. actually, they don't do this anymore (i changed that yesterday), but floodbot2 still does
[00:41] <LjL> i suppose it was bot2 doing the -J
[00:41] <tonyyarusso> PriceChild: for the time being, sure.  Hopefully it gets fixed though.
[00:41] <Pici> LjL: What about the bans?
[00:41] <PriceChild> ah LjL is here
[00:41] <LjL> dunno, i've just looked at this channel
[00:41] <PriceChild> please see hilights for a few issues :)
[00:41] <LjL> let me see
[00:42]  * tonyyarusso defers to him
[00:42] <Pici> Well, we only hilighted him like 10 times
[00:42]  * AfterDeath can't see why he was banned
[00:42] <LjL> don't kick bot2 unless nalioth is around
[00:42] <LjL> but feel free to kick bot1 and bot3
[00:43] <AfterDeath> Pici: what is the timestamp on this message?
[00:43] <Pici> AfterDeath: which?
[00:43] <AfterDeath> the one I just said ^
[00:43] <Pici> 19:43:02
[00:43] <AfterDeath> k
[00:44]  * PriceChild waits for LjL before doing anything
[00:44] <LjL> how wait, how many attacks were there? which attack yielded wrong bans?
[00:45] <LjL> i see an exploit attack earlier, and then now this quite huge ctcp attack
[00:45] <PriceChild> LjL, its this attack right now
[00:45] <LjL> PriceChild: the wrong bans were what? i don't see afterdeath banned for instance
[00:45] <PriceChild> there was definitely at least one wrong ban, which i just removed
[00:45] <Pici> LjL: hes not
[00:45] <AfterDeath> That's bizzare, I can't see why it banned him
[00:45] <PriceChild> 87.5.148.49
[00:46] <PriceChild> my lastlog shows nothing but normal talk from him and his ip
[00:46] <LjL> vincenz?
[00:46] <PriceChild> yup
[00:46] <AfterDeath> there's no connection between that IP and any of the attackers (such as nick, realname, ident)... and he didn't do anything
[00:46] <AfterDeath> I'll bbiab
[00:46] <LjL> PriceChild: [01:35:07] * vincenz wonders
[00:46] <LjL> it was this
[00:46] <Pici> Why?
[00:46] <LjL> if someone does a CTCP - even an ACTION - during an attack
[00:46] <LjL> it's considered part of the attack
[00:47] <Pici> ahh
[00:47] <PriceChild> Bug!!! :)
[00:47] <Pici> Understandable.
[00:47] <Pici> No.
[00:47] <Pici> What if it was an /action attack?
[00:47] <LjL> PriceChild: well, not quite. i implemented that *because* one attack (which was made while the bots were already around, but ignored ACTION) was carried out using ACTION
[00:47] <PriceChild> They really are watching these bots and adapting to them.
[00:48] <LjL> yes.
[00:48] <Pici> Its creepy
[00:48] <Pici> s/screepy/scary
[00:50] <LjL> anyway, i'll remove that, it was an ill decision
[00:50] <LjL> it's like banning on PRIVMSG, an ACTION, although it's a CTCP, isn't really different in practice
[00:50] <Pici> I think its a feature.. but whatever.
[00:50] <LjL> Pici: a side effect of banning people who wonder is not a desirable side effect
[00:50] <Pici> LjL: Will this protect against /me floods?
[00:51] <LjL> what's more serious though is the fact that i only see bot2 doing the bans
[00:51] <LjL> and, once again, very very late
[00:51] <sysdef> LjL: in what language the bots are written?
[00:51] <LjL> Pici: yes, it's intended to do that. but what if it's just a PRIVMSG flood? what difference does it make? but in the former case (CTCP ACTION), it bans the "offender", in the latter (PRIVMSG), it just sets +rR and doesn't ban anyone
[00:52] <LjL> sysdef: i'm ashamed to tell since everyone thinks it's not a language to be ever used for anything serious... but php
[00:52] <Pici> Okay.
[00:52] <sysdef> LjL: the source is open?
[00:52] <LjL> sysdef: no, it was decided to keep it closed, at least until it has stabilized.
[00:53] <nalioth> was ist los hier?
[00:53] <LjL> but wait, why did people excess flood *at all*?
[00:53] <LjL> i don't see any CTCP VERSIONs in the attack
[00:53] <LjL> i just see ACTIONs
[00:53]  * Pici looks
[00:53] <sysdef> nalioth: die bots spinnen!
[00:54] <LjL> nalioth: the bots banned a legitimate user
[00:54] <PriceChild> LjL, i think those were the bots?
[00:54] <LjL> PriceChild: eh?
[00:54] <LjL> ah
[00:54] <sysdef> nalioth: w00t. that was perfect german ;)
[00:55] <Pici> sysdef: The attackers are already savvy enough to adapt to the effects of the bots being there, its scary what would happen if they could see the source.
[00:55] <LjL> anyway, i'm still in favor of having the bot set +m briefly on such attacks.
[00:55] <LjL> you just cannot ban fast enough
[00:56] <sysdef> LjL: i guess a ctcp action aka /me sould be filtered out
[00:56] <PriceChild> Pici, hehe.... that's an argument regularly used for open source...
[00:56] <LjL> and in the case of PRIVMSG or ACTION, you just cannot ban *at all* without the risk of banning legitimate users
[00:56] <LjL> sysdef: yes, i will do that, however the bots then won't be able to stop an attack like this *at all*
[00:56] <LjL> they'd just +rR. the bots didn't much care about that. they were quite registered.
[00:56] <sysdef> LjL: the reason
[00:57] <PriceChild> I set -r
[00:57] <sysdef> LjL: the reason i ask is, maybe i can send fixes (i code also php, yes. who dont?)
[00:58] <Pici> I see some non-printable characters in one of the actions... I dont know what they are though
[00:58] <tonyyarusso> me too
[00:58] <Pici> 19:34:32 * salomeea
[00:58] <Pici> I really dont know enough about IRC to know if that could cause an issue though.
[00:58] <LjL> who cares
[00:58] <LjL> nah
[00:58] <LjL> at worst it might be something that tries to exploits mIRC clients.
[01:00] <sysdef> LjL: what about counting the ctcp actions? if you detect a ctcp action flood you can catch them. this will minimize the collateral damage
[01:00] <no0tic> Pici, it prints "SHIT"
[01:01] <LjL> sysdef, that's precisely what is done, but it's not counted *per user* (that would be a bit tricky to do, the way the code is organized. also, if it were counted per user and people only banned after a certain amount has been sent from them, the bans would come very late)
[01:01] <Pici> no0tic: nice, two hilights at once.  What do you mean?
[01:01] <LjL> (i mean, they came very late *anyway* in this case, but i'll have to check why they did that)
[01:01] <no0tic> Pici, salomeea and the others bot printed non-printable charachters like ▄▄█▀▀ █▬█ █ ▀█▀
[01:02] <LjL> no0tic, nope, there were *other* messages sent that printed something else
[01:02] <Pici> no0tic: nono, There was one bot that printed some control characters.
[01:02] <LjL> like this: Ã¢Â–Â„Ã¢Â–Â„Ã¢Â–ÂˆÃ¢Â–Â€Ã¢Â–Â€ Ã¢Â–ÂˆÃ¢Â–Â¬Ã¢Â–Âˆ Ã¢Â–Âˆ Ã¢Â–Â€Ã¢Â–ÂˆÃ¢Â–Â€Ã¢Â–Â„Ã¢Â–Â„Ã¢Â–ÂˆÃ¢Â–Â€Ã¢Â–Â€ Ã¢Â–ÂˆÃ¢Â–Â¬Ã¢Â–Âˆ Ã¢Â–Âˆ Ã¢Â–Â€Ã¢Â–ÂˆÃ¢Â–Â€Ã¢Â–Â„Ã¢Â–Â„Ã¢Â–ÂˆÃ¢Â–Â€Ã¢Â–Â€ Ã¢Â–ÂˆÃ¢Â–Â¬Ã¢Â–Âˆ Ã¢Â–Âˆ Ã¢Â–Â€Ã¢Â–ÂˆÃ¢Â–Â€Ã¢Â–Â„Ã¢Â–Â„Ã¢Â–ÂˆÃ¢Â–Â€Ã¢Â–Â€ Ã¢Â–ÂˆÃ¢Â–Â¬Ã¢Â–Âˆ Ã¢Â–Âˆ Ã¢Â–Â€Ã¢Â–ÂˆÃ¢Â–Â€Ã¢Â–Â„Ã¢Â–Â„Ã¢Â–ÂˆÃ¢Â–Â€Ã¢Â–Â€ Ã¢Â–ÂˆÃ¢Â–Â¬Ã¢Â–Âˆ Ã¢Â–Âˆ Ã¢Â–Â€Ã¢Â–ÂˆÃ¢Â–Â€Ã¢Â–Â„Ã¢Â–Â„Ã¢Â–ÂˆÃ¢Â–Â€Ã¢Â–Â€ Ã¢Â–ÂˆÃ¢Â–Â¬Ã¢Â–Âˆ Ã¢Â–Âˆ Ã¢Â–Â€Ã¢Â–ÂˆÃ¢Â–Â
[01:02] <jdong> O_O
[01:02] <no0tic> ah
[01:02] <Pici> 19:34:32 * salomeea Ã¢â€“â€žÃ¢â€“â€žÃ¢â€“Ë†Ã¢â€“â‚¬Ã¢â€“â‚¬ Ã¢â€“Ë†Ã¢â€“Â¬Ã¢â€“Ë† Ã¢â€“Ë† Ã¢â€“â‚¬Ã¢â€“Ë†Ã¢â€“â‚¬Ã¢â€“â€žÃ¢â€“â€žÃ¢â€“Ë†Ã¢â€“â‚¬Ã¢â€“â‚¬ Ã¢â€“Ë†Ã¢â€“Â¬Ã¢â€“Ë† Ã¢â€“Ë† Ã¢â€“â‚¬Ã¢â€“Ë†Ã¢â€“â‚¬Ã¢â€“â€žÃ¢â€“â€žÃ¢â€“Ë†Ã¢â€“â‚¬Ã¢â€“â‚¬ Ã¢ï¿½@SË†Ã¢â€“Â¬Ã¢â€“Ë†  Ã¢â€“Ë† Ã¢â€“â‚¬Ã¢â€“Ë†Ã¢â€“â‚¬Ã¢â€“â€žÃ¢â€“â€žÃ¢â€“Ë†Ã¢â€“â‚¬Ã¢â€“â‚¬ Ã¢â€“Ë†Ã¢â€“Â¬Ã¢â€“Ë† Ã¢â€“Ë† Ã¢â€“â‚¬Ã¢â€“Ë†Ã¢â€“â‚¬Ã¢â€“â€žÃ¢â€“â€žÃ¢â€“Ë†Ã¢â€“â‚¬Ã¢â€“â‚¬ Ã¢â€“Ë†Ã¢â€“Â¬Ã¢â€“Ë† Ã
[01:02] <Pici>  â–ˆ â–€â–â–€â–„â–„â–ˆâ–€â–€ â–ˆâ–¬â–ˆ ˆâ–ˆ â–€â–ˆâ–€â–„â–„â–ˆâ–€â–€ â–ˆâ–¬â–ˆ â–ˆ â–€â–ˆâ
[01:02] <no0tic> I read those like pici
[01:03] <Pici> I specifically meant �@S
[01:03] <Pici> That doesnt print correctly here, but it might just be something my font doesnt handle
[01:04] <Pici> �   used to replace an incoming character whose value is unknown or unrepresentable in Unicode
[01:04] <AfterDeath> PriceChild: wrt adaptation, I think the key is that a spammer usually is communicating a message of some sort
[01:04]  * Pici shrugs
[01:04] <holotone> can I please be tested
[01:04] <holotone> so that I can join #ubuntu
[01:04] <LjL> sure
[01:04] <Pici> holotone: stand still plesae
[01:04] <holotone> LjL:
[01:04] <holotone> thanks
[01:05] <holotone> aye, thanks
[01:05] <Pici> Are we giving people the benefit of the doubt when they ask to be tested?
[01:05] <LjL> hm?
[01:05] <LjL> i tested him.
[01:05] <PriceChild> LjL, floodbot is copying your unbans?
[01:05] <Pici> Well, if I was banned for bad behavior, I'd come in here and ask to be tested.
[01:05] <PriceChild> Pici, we check the ban we're removing :)
[01:06] <LjL> Pici: if you were banned for bad behavior, you won't have a ban saying pici!*@*!#ubuntu-read-topic
[01:06] <Pici> I always check on the bantracker, since I dont have a way to search the bans on irssi
[01:06] <Pici> Okay :)
[01:06] <AfterDeath> LjL: is the source code for floodbot available?
[01:06] <LjL> no
[01:06] <PriceChild> AfterDeath, see above
[01:06] <Pici> Unless of course, someone would be willing to share an irssi plugin that could help me.
[01:07] <LjL> PriceChild: that's a bug i introduced yesterday i think... you'll have noticed that, when you -r'd, the bot -r'd too. that's to prevent desync. i guess the regex is wrong though
[01:07] <AfterDeath> ah
[01:07] <PriceChild> LjL, yup
[01:07] <PriceChild> LjL, what with bans being mode changes
[01:07] <LjL> Pici, i always ban using nickname!*@*!#ubuntu-read-topic for exploit victims. most other ops do the same.
[01:07] <Pici> Arelis: how can we help you?
[01:07] <Arelis> Pici: I was just checking. an xmonad developer wants it packaged into Ubuntu
[01:07] <Pici> LjL: as do I.. not that I've gotten the chance since the bots have been doing a great job of that.
[01:07] <Arelis> so i checked if he could ask it here
[01:07] <Pici> !newpackage | Arelis
[01:07] <ubotu> Arelis: The packaging guide is at http://wiki.ubuntu.com/PackagingGuide - See https://wiki.ubuntu.com/UbuntuDevelopment/NewPackages for information on getting a package integrated into Ubuntu - Other developer resources are at https://wiki.ubuntu.com/UbuntuDevelopment - See also !backports
[01:08] <PriceChild> Arelis, /topic
[01:08] <Pici> Arelis: #ubuntu-motu is the place you want to be :)
[01:08] <Pici> or not.
[01:08] <LjL> PriceChild: well, i'm checking for something like "-[^ ]*(r|R)", it shouldn't in theory catch unbans... i'll look
[01:09] <PriceChild> LjL, could you also check out why it opped to +J when I had -J'd it?
[01:09] <LjL> PriceChild: isn't that vice versa?
[01:09] <PriceChild> pardon?
[01:09] <PriceChild> gah
[01:09] <LjL> PriceChild: didn't you mean -J when you had +J'd?
[01:10] <PriceChild> could you also check why it opped itself to +J when I deopped it and -J'd the channel?
[01:10] <PriceChild> gah
[01:10] <PriceChild> other way around still
[01:10] <PriceChild> could you also check why it opped itself to -J when I deopped it and +J'd the channel?
[01:10] <AfterDeath> heh
[01:10] <PriceChild> Why was it -J'ing in the first place even?
[01:10] <LjL> PriceChild: because it thought there was a netsplit. too many people had parted.
[01:11] <PriceChild> ahh gotcha, you'd already explained that one too sorry :)
[01:11] <LjL> PriceChild: remember the priority when writing them was making sure that they would *always* remove the limit on splits
[01:11] <AfterDeath> LjL: You know there's an easier way to track netsplits, right?
[01:11] <PriceChild> any chance we can get it to recognise netsplits by the server name in the quite message?
[01:11] <LjL> AfterDeath: looking at the quit message does the trick mostly
[01:11] <PriceChild> *quit
[01:11] <LjL> PriceChild: it does
[01:12] <LjL> PriceChild: it *also* checks for excessive difference between users and limit, however.
[01:12] <PriceChild> so why'd it decide that was a netsplit?
[01:12] <LjL> it checks both ways.
[01:12] <AfterDeath> LjL: right, so can't you just look for large number of quits that are QUIT somedude :blah.freenode.net alsoblah.freenode.net or w/e
[01:12] <PriceChild> does it need to check for it being too low?
[01:12] <LjL> AfterDeath: i look for even just *one* quit like that.
[01:12] <AfterDeath> ah
[01:12] <LjL> PriceChild, it most likely doesn't.
[01:12] <LjL> i introduced that redundancy to make *absolutely sure* it would -J on netsplit
[01:13] <LjL> remember it was +l originally, and setting the wrong +l is quite bad, much worse than setting the wrong +J
[01:13] <PriceChild> indeed
[01:13] <LjL> i can probably remove that check now
[01:13] <AfterDeath> actually, I don't believe +J usually matters on a netsplit
[01:13] <LjL> but then don't balme me if they miss server deaths :P
[01:13] <PriceChild> AfterDeath, yeah but on server death...
[01:13] <AfterDeath> if the server actually dies . ^
[01:13] <AfterDeath> but server death is extremely rare
[01:14] <PriceChild> AfterDeath, its sods law.... #ubuntu +J's, freenode dies.
[01:14] <LjL> AfterDeath: well, it is the reason we stopped using +J in the first place, though.
[01:14] <AfterDeath> PriceChild: :D
[01:14] <AfterDeath> hrm
[01:15] <AfterDeath> you might be able to avoid reacting if the number of quits isn't large when you eliminate nicks that have spammed in the past X seconds/minutes
[01:16] <LjL> AfterDeath: i don't keep track of nicks who have spammed though... i could i guess, that's just a bit of code to add
[01:16] <LjL> but perhaps i really can just remove that check
[01:17] <LjL> or make the threshold much bigger, anyway
[01:17] <AfterDeath> either way works
[01:17] <AfterDeath> but keeping temporary track of nicks that cause triggers can be useful
[01:19] <AfterDeath> how often does #ubuntu get flooded with completely random nicks?
[01:20] <AfterDeath> Oh, hey, idea.
[01:20] <AfterDeath> LjL: Want the nicklist the spammer was using?
[01:21] <LjL> AfterDeath: this is mine http://paste.ubuntu-nl.org/49370/
[01:22] <AfterDeath> heh
[01:23] <AfterDeath> this is w00t's: http://dl0x.org/~icxcnika/wl/
[01:23] <AfterDeath> In this case I think he was using nicks.txt
[01:25] <AfterDeath> I don't think he uses moarnicks2 or word_list
[01:26] <LjL> AfterDeath: why wouldn't people just generate the nicknames randomly using a syllabic generator?
[01:26] <LjL> i would do that if i had to join bots.
[01:28] <AfterDeath> Because of the degree of sophistication necessary, because of the lack of knowledge of math that would be needed to do that, and because the parameters of the "random" generation can be identified.
[01:28] <AfterDeath> or simply, "effort, stupidity, and imperfection"
[01:30] <ardchoille> The parent dir is filled with questionable things, including newfloodbots.txt
[01:30] <AfterDeath> yeah, that's one of his scripts.
[01:30] <LjL> AfterDeath: they're putting quite a bit of effort into doing attacks that elude my bots, though. yesterday they did PART #ubuntu :DCC CHAT blah
[01:30] <LjL> which, of course, was the only way to do a DCC exploit without triggering the bots.
[01:31]  * AfterDeath frowns at the fact that his parent directory was readable D:
[01:33] <AfterDeath> I'll make a directory with the various flood scripts I've acquired, though
[01:37] <AfterDeath> http://dl0x.org/~icxcnika/floodscripts
[01:41] <AfterDeath> LjL: Think you can make use of either of those? :)
[01:43] <LjL> i think so
[01:45] <AfterDeath> k
[01:46] <AfterDeath> LjL: Do the floodbots do geco checking or dnsbl lookups?
[01:47] <LjL> AfterDeath: none of that. the bots's bulk just sets a limit for +l (although the actual +l'ing is not done). attack detection was an afterthought.
[01:47] <AfterDeath> ah.
[01:48] <AfterDeath> Geco checking would be fairly useful for use with the nicklists, because usually nick=ident=geco
[01:49] <AfterDeath> although sometimes (if the bots have been told to change nicks before joining), ident=geco, ident will be in the nicklist, and nick will be in the nicklist, but nick!=ident
[01:55] <AfterDeath> heh, snoopy people :<
[02:04] <AfterDeath> Anyways, see if you can use that stuff, and if there's anything else I could get you / help you with, ask
[02:07]  * LjL will, currently though he's busy fixing the bots' little problems
[02:07] <AfterDeath> LjL: you should get someone to help you with that :)
[02:08] <LjL> perhaps. but sharing the source is a decision i would have to take together with other people
[02:10] <AfterDeath> well, the help is certainly offered, do with that what (you/"other people") will
[02:13] <AfterDeath> LjL: does ubuntu get flooded with completely-random-nick bots regularly?
[02:14] <LjL> AfterDeath: i honestly couldn't say how often they look completely random
[03:22] <LjL> anyway... i do suggest you people monitor the bots channel. that attack was foreseeable minutes before it actually happened, if one just looked at the clones warnings
[03:30] <tonyyarusso> LjL: question though - if we know one is coming, but don't know when and can't really prove from whom, what do we do?
[03:31] <elkbuntu> tonyyarusso, if it's obvious enough, the staff will act
[03:31] <LjL> tonyyarusso: well, if you see many clones detected by the bots, +q them, for a start - +q them first, ask questions later. and if it looks bad, you can +rR, although i somehow suspect that all future attacks will come from registered bots
[03:31] <tonyyarusso> hmm
[03:32] <AfterDeath> If you think you can be close enough to "completely sure" start banning the bots yeah
[03:32] <AfterDeath> LjL: they already do, when necessary
[03:32] <LjL> AfterDeath: indeed.
[03:34] <AfterDeath> And I'd use antispammeta's db to try to find woot, but I think he's been getting more clever about things
[03:35] <AfterDeath> i.e. using proxies rather than his bell.ca ip, and maybe different clients for different channels
[03:45] <Jack_Sparrow> anyone here..
[03:46] <elkbuntu> maybe
[03:46] <Jack_Sparrow> I have a problem with theeagle in ubuntu..  HE has been fishing all day for ways to do things in others computers without them knowing...  HE has been wartned several times
[03:47] <Jack_Sparrow> HE started off about wanting programming help on virus's
[03:47] <Jack_Sparrow> HE has been warned repeatedly
[03:47] <Jack_Sparrow> by myself and others
[03:47] <Jack_Sparrow> It is time for a more stern approach
[03:50] <Jack_Sparrow> Hope he listened.. thanks.
[04:56] <ubotu> In ubotu, ajmorris_ said: !bla is bla
[04:56] <ubotu> In ubotu, nikoPSK said: !helpers is The volunteers here at the IRC and at on the ubuntu beginenrs team consist of many members, to view or growing list of contributors visit http://ubuntuforums.org/showthread.php?t=469546
[10:22] <Gary> flooding in #ubuntu btw
[10:23] <martinw> Ah someone beat me to it.
[12:58] <blazemonger> i cant send msg on #ubuntu dont know what i did wrong
[13:01] <blazemonger> hey im having trouble sendin txt to #ubuntu
[13:02] <Gary> do you get any message back
[13:02] <blazemonger> nope
[13:02] <blazemonger> im using pidgeon
[13:02] <blazemonger> i m trying to figure out why im getting scrollkeeper parser errors
[13:03] <Gary> what happens when you try to /join #ubuntu
[13:03] <blazemonger> and why i shoulede pay for a os which gives errors on updates
[13:05] <blazemonger> how can i as a graf. artist help out ubuntu?
[13:05] <blazemonger> i can do gueilla marketing :)
[13:05] <blazemonger> i can do graf art :)
[13:06] <Gary> best speak to the marketing team
[13:07] <blazemonger> gary:i could do some brilliant marketing
[13:07] <blazemonger> i'm all up for promoting thge cause of capitalism and making a buck :)
[13:07] <Gary> this channel is for ubuntu irc operations blazemonger not for marketing ideas, thanks :-)
[13:11] <jpatrick> blazemonger: if you're into marketing why not join #ubuntu-marketing ?
[13:11] <Gary> ahh, I knew it was something like that
[13:30] <blazemonger> im on the #
[13:30] <blazemonger> thanks folks
[13:52] <blazemonger> http://rafb.net/p/HrapwJ32.html\
[13:57] <ubotu> FloodBot3 called the ops in #ubuntu-ops-monitor (mass join)
[14:05] <LjL> ok how is this regex wrong: -[[:alpha:]]*(r|R|m|i)
[14:06] <LjL> oh. nevermind. i've had the epiphany.
[15:13] <LjL> !no vmware is <reply> VMWare Player is in Ubuntu's !Multiverse repository (package "vmware-player", not available for Gutsy, only Feisty and Edgy), and http://www.easyvmx.com/easyvmx.shtml can create VMs for it. Instructions can be found at https://help.ubuntu.com/community/VMware - See also !virtualizers
[15:13] <ubotu> I'll remember that LjL
[15:50] <michalski> !vmware
[15:50] <ubotu> VMWare Player is in Ubuntu's !Multiverse repository (package "vmware-player", not available for Gutsy, only Feisty and Edgy), and http://www.easyvmx.com/easyvmx.shtml can create VMs for it. Instructions can be found at https://help.ubuntu.com/community/VMware - See also !virtualizers
[15:51] <nalioth> michalski: can we help you?
[15:51]  * michalski slowly walks away
[15:51] <michalski> no sorry
[15:56] <jussi01> nalioth: do you still have a repo?
[15:57] <jussi01> if not, perhaps we should remove !nalioth ?
[15:57] <nalioth> jussi01: if you like.
[15:57] <nalioth> how many times has it been called in the last 6 months?
[15:58]  * jussi01 checks
[15:58] <jussi01> 11
[15:58] <LjL> !no nalioth is <reply> Sorry, nalioth's repository is no longer available.
[15:58] <ubotu> I'll remember that LjL
[15:59] <Myrtti> !myrtti
[15:59] <ubotu> Sorry, I don't know anything about myrtti - try searching on http://ubotu.ubuntu-nl.org/factoids.cgi
[15:59] <Myrtti> phew
[16:00] <LjL> ¡myrtti is <reply> down with women on IRC
[16:00] <jussi01> Myrtti: just be glad you dont have one like !jdong
[16:01] <ubotu> FloodBot1 called the ops in #ubuntu-ops-monitor (CTCP/NOTICE)
[16:01] <Myrtti> !jdong
 jdong: yes, but you're FULL OF CRACK!
[16:01] <Myrtti> errrf yes
[16:02] <ubotu> FloodBot3 called the ops in #ubuntu-ops-monitor (CTCP/NOTICE)
[16:02] <LjL> erm sorry, i forgot to remove ubotu
[16:02] <Myrtti> LjL: No pony for you
[16:03] <jussi01> !pony | LjL
[16:03] <ubotu> Sorry, I don't know anything about pony - try searching on http://ubotu.ubuntu-nl.org/factoids.cgi
[16:03] <LjL> !pony-#ubuntu-offtopic | ljl
[16:03] <jussi01> oh, where did pony go?
[16:03] <jussi01> ahhh
[16:04] <Myrtti> ponies
[16:04] <Myrtti> mmmmm good
[17:31] <LjL> are they fooling around? hm
[17:33] <jussi01> LjL: ?
[17:33] <LjL> jussi01: nothing, three italians in about 10 seconds.
[17:34] <jussi01> LjL: heh, ok
[17:43]  * jdong thinks of all the jokes he could make that last line into.
[17:43] <jdong> ok done, that was fun.
[17:43] <LjL> look only 9 seconds?
[17:43] <LjL> took
[17:44] <jdong> LjL: :) I've gotten really good at bad jokes
[18:03] <jussi01> !omgjdong
[18:03] <ubotu> jdong: You're going to hell.
[18:27] <jussi01> hmmm, all the -#ubuntu-effects factoids could be removed correct??
[18:31] <jussi01> !search #ubuntu-effects
[18:31] <ubotu> Found: working_link-#ubuntu-effects, hotkeys-#ubuntu-effects, extra desktop-#ubuntu-effects, keys-#ubuntu-effects, transset-#ubuntu-effects, shortkeys-#ubuntu-effects, shortkey-#ubuntu-effects, artifacts-#ubuntu-effects, alt-gr-#ubuntu-effects, amd64-#ubuntu-effects
[18:32] <ubotu> FloodBot1 called the ops in #ubuntu-ops-monitor (CTCP/NOTICE)
[18:32] <ubotu> FloodBot3 called the ops in #ubuntu-ops-monitor (CTCP/NOTICE)
[18:32] <ubotu> FloodBot2 called the ops in #ubuntu-ops-monitor (CTCP/NOTICE)
[18:33] <PriceChild> LjL, the bots are being a bit annoying.... reinforcing *all* modes
[18:33] <LjL> PriceChild, you prefer that servers are left desynced?
[18:34] <PriceChild> That's a risk whenever any mode is changed.
[18:34] <PriceChild> the servers eventually sync on their own?
[18:35] <LjL> PriceChild: but r and R are pretty sensitive modes, and if we kick people from -unregged while the servers are still desynced, it's not good - we lock people out. it happened, i think you remember.
[18:35] <PriceChild> Indeed.
[18:36] <LjL> PriceChild, after all setting -rR is (hopefully) not something that happens so often... so is having three MODE lines instead of just one so huge a problem?
[18:36] <nalioth> locked in the twilight zone, between haven and darkness
[18:37] <ubotu> In ubotu, jussi01 said: cinelerra is a video editor and compositor. Install instructions can be found on http://cvs.cinelerra.org/getting_cinelerra.php#ubuntu
[18:37] <jussi01> grrr
[18:37] <jussi01> sorry
[18:38] <ubotu> In ubotu, jussi01 said: !cinelerra is <reply>cinelerra is a video editor and compositor that cannot be included in Ubuntu for legal reasons. Install instructions can be found on http://cvs.cinelerra.org/getting_cinelerra.php#ubuntu
[18:39] <LjL> !cinelerra is <reply> Cinelerra is a video editor and compositor that cannot be included in Ubuntu for legal reasons. Install instructions can be found on http://cvs.cinelerra.org/getting_cinelerra.php#ubuntu
[18:39] <ubotu> But cinelerra already means something else!
[18:42] <jussi01> LjL: I just added the legal reasons bit
[18:42] <LjL> jussi01: what are they anyway? wikipedia says it's GPL, and i can't find a license on their site
[18:46] <Pici> I think that we should change the 'legal reasons' bit in the factoids to 'license issues'
[18:46] <LjL> well, whatever, what are they?
[18:46] <Pici> I mean not just the Cinelerra one, just in general.. but anyhoo, I'm out for a bit.
[18:46] <jussi01> LjL: there are quite a few different bits and peices, fonts and other stuff - the whole thing is a mess
[18:47] <jussi01> LjL: I agree with Pici
[18:48] <jussi01> LjL: the ubuntu studio team would love to have it included, but we just cant
[18:48] <jussi01> and its not for lack of trying...
[18:49] <LjL> jussi01: well but the restricted bits could be taken out with some patience, no?
[18:50] <jussi01> LjL: I am of the understanding this is not the case - it take a mountain of work. however, this is only what ive been told, not first hand experience.
[18:52] <jussi01> LjL: if you can wait a moment, I can grab more info.
[18:52] <LjL> was just wondering... i'm not going to do it myself :)
[18:56] <jussi01> LjL: cool - I just asked a friend, it seems that not all of the files have licence headers and they ship a modded ffmpeg
[18:57] <LjL> ah.
[18:57] <LjL> files randomly missing headers is not good.
[18:57] <jussi01> yeah, not real fun at all.
[18:58] <jussi01> !-brokenkde4
[18:58] <ubotu> brokenkde4 has no aliases - added by LjL on 2007-11-21 01:19:56
[18:58] <jussi01> LjL: I assume that is still current?
[18:59] <LjL> jussi01: not mine even though it shows my name. ask stdin. i think so though.
[18:59] <jussi01> LjL: ahh, cool :)
[19:03] <ardchoille> Final resolution behind those irseek logbots is here btw: http://blog.freenode.net/?p=68
[19:06] <nalioth> i'd not call it final, but 'current'
[19:09] <ardchoille> Ok. That info was obtained from tomaw, just FYI
[19:09]  * tomaw hides
[19:10] <ardchoille> I found a broken link on the wiki (Site map), to whom do I report this?
[19:10] <LjL> Ariel_Eran, i suppose you're here about that?
[19:10] <PriceChild> ardchoille, the wiki is a wiki?
[19:10] <ardchoille> PriceChild: D'oh! You're right.
[19:11] <tomaw> hehe
[19:11] <LjL> well not really
[19:11] <LjL> that link isn't editable
[19:11] <ardchoille> I don't think I'm skilled enough to write an entire Site Map, tho
[19:11] <LjL> should be webmaster@ubuntu.com
[19:11] <ardchoille> Thanks
[19:11] <PriceChild> what link is it/where?
[19:11] <PriceChild> and btw maybe a wiki admin would be better?
[19:11] <PriceChild> or launchpad bug
[19:11] <LjL> PriceChild: bottom of any page of wiki.ubuntu.com
[19:12] <ardchoille> PriceChild: Bottom of https://wiki.ubuntu.com/Ardchoille2 , the Site Map link
[19:12] <PriceChild> ardchoille, LjL you can change that
[19:13]  * PriceChild looks for a suitable page
[19:14] <PriceChild> ah... /sitemap isn't a normal wikipage
[19:14] <LjL> duh :P
[19:14] <LjL> it's www.ubuntu.com
[19:14] <PriceChild> I thought it'd point to some sort of list of useful topics
[19:15] <ardchoille> Me too
[19:15] <LjL> it pointed to the www.ubuntu.com sitemap, before it was (apparently) removed
[19:15] <ardchoille> I was looking for the wiki "how to" to learn how to post an image on my page
[19:17] <LjL> ardchoille: add « attachment:filename » to the wiki, then "More Actions" -> "Attachments" from the main toolbar
[19:17] <LjL> (or vice versa, the order doesn't quite matter)
[19:20] <ardchoille> LjL: Where do I add attachment:filename? To the end of my wiki page url?
[19:21] <jussi01> pros922: how can we help?
[19:22] <pros922> Hello all, can anyone unban me from #ubuntu? Not sure how it happened
[19:22] <LjL> ardchoille: to the place you want the image to appear at
[19:23] <ardchoille> Got it, thanks LjL
[19:25] <LjL> pros922, it happened because you were spamming.
[19:26] <LjL> by the way, that ban i did now was because [20:24:13] [Notice] -rangerguy39- Syntax for | sam_
[19:26] <pros922> It won't happen again. I'm not sure, but I think someone might have had access to my terminal.
[19:26] <pros922> Anyway, I'll leave it up to you guys. Much appreciated
[19:31] <pros922> ty, I'd really like to rejoin. Thanks.
[19:57] <LjL> bah i'll unban
[20:00] <LjL> mneptok: it was your ban, what do you think? i'd unban just for being civil and not whiny in here. the offense he was banned for was relatively serious, though.
[20:51] <jussi01> jpatrick: sigh
[20:51] <jpatrick> aha, you're here :)
[20:51] <jussi01> jpatrick: lets hope it ends there...
[20:51] <jpatrick> yeah
[20:52] <jpatrick> and it doesn't!
[20:59] <jussi01> jpatrick: sigh... hopefully now we actually get some support q's...
[21:00] <jpatrick> jussi01: yeah, kubuntu's so good there are hardy any q's..
[21:02] <jpatrick> jussi01: woah..
[21:02] <jussi01> jpatrick: support q's ftw!!
[21:02] <jussi01> :P
[21:03] <jpatrick> jussi01: i've just been insult on #kubuntu
[21:04] <jussi01> jpatrick: ?
[21:04] <jpatrick> jussi01: nm
[21:29] <ubotu> In ubotu, Schuenemann said: !sch is nothing
[21:29] <ubotu> Flannel called the ops in #ubuntu (Dsit)
[21:31] <ubotu> In ubotu, Dr_willis said: training is  Classroom Books on Ubuntu (400+ Pages) Free at https://wiki.ubuntu.com/Training - in PDF format.  Well worth reading for new linux users.
[21:36] <jklock> Could someone test me?
[21:38] <jussi01> ok, Im off... ardchoille jpatrick have fun with those crazies in #kubuntu.
[21:38] <jpatrick> later jussi01
[21:38] <ardchoille> See ya :)
[21:38] <jussi01> bye
[21:42] <PriceChild> You may rejoin now jklock.
[21:43] <jklock> thanks
[21:48] <PriceChild> Gary, shiny :)
[21:48] <Gary> hehe
[21:48] <Gary> isn't it just
[21:49] <PriceChild> lol :)
[21:49] <PriceChild> You did that one quickly.
 Palomides: It's hard to explain, One way of saying it is "I want to join the ranks of the ops" another, "I want to be in charge when needed"; If you get what I mean