ViewVC Help
View File | Revision Log | Show Annotations | View Changeset | Root Listing
root/svn/hopm/releases/1.0.3/README
Revision: 5134
Committed: Thu Dec 25 18:50:02 2014 UTC (9 years, 3 months ago) by michael
Original Path: hopm/trunk/README
File size: 3593 byte(s)
Log Message:
- propset svn:keywords "Id"

File Contents

# User Rev Content
1 michael 5052 Introduction
2     ------------
3    
4 michael 5060 HOPM (Hybrid Open Proxy Monitor) is an open proxy monitoring bot designed for
5     Hybrid based ircds. The bot is designed to monitor an individual server (all
6     servers on the network have to run their own bot) with a local operator {}
7 michael 5104 block and monitor connections. When a client connects to the server, HOPM will
8     scan the connection for insecure proxies. Insecure proxies are determined by
9     attempting to connect the proxy back to another host (usually the IRC server in
10 michael 5052 question).
11    
12 michael 5060 HOPM is written ground-up in C language, concept derived from wgmon. It
13 michael 5052 improves on wgmon with HTTP support, faster scanning (it can scan clients
14     simultaneously), better layout (scalability), and dnsbl support.
15    
16    
17     Requirements
18     ------------
19    
20 michael 5060 o An IRCd which presents connection notices in a format which HOPM
21 michael 5052 recognises (see below).
22    
23     o A host with full connectivity for all the ports you wish to scan. i.e. is
24     NOT transparently proxied -- many domestic internet connections have port 80
25     transparently proxied and this produces completely unpredictable results,
26     sometimes as severe as 100% of clients being K:lined!
27    
28 michael 5060 o A unix OS with GNU Make, a C99 compiler, etc..
29 michael 5052
30     o Permission from your users to portscan them for open proxies.
31    
32    
33     Compatibility
34     -------------
35    
36 michael 5060 ircd-hybrid 8.2.1
37 michael 5052
38 michael 5108 HOPM is designed for ircd-hybrid based ircds. It is easily suitable for any
39     other ircd with little modification (connregex in hopm.conf). However, if an
40     ircd does not send IP addresses in a connection notice, HOPM will not be
41     effective because the time it takes to resolve a hostname would be a
42     significant factor to HOPM's efficiency.
43 michael 5052
44    
45     Command Line Options
46     --------------------
47    
48 michael 5060 -c <name> Config name. By default HOPM reads hopm.conf, "-c foo"
49     will cause HOPM to read foo.conf. The primary use for
50     this is to run multiple HOPMs from one directory.
51 michael 5052
52 michael 5060 -d Debug mode. HOPM will not fork, and will write logs to stderr.
53 michael 5052 Multiple -d increase debug level.
54    
55    
56     Operator Channel Commands
57     -------------------------
58    
59     botnick check <host> [scanner] -- Manually scan host for insecure proxies and output all errors.
60 michael 5060 If scanner is not given, hopm will scan on all scanners.
61 michael 5052 NOTE: this will NOT add a kline (or whatever) if it finds a
62 michael 5060 proxy.
63 michael 5052
64     botnick stats -- Output scan stats, uptime and client connection count.
65    
66     botnick fdstat -- Output some into about file descriptors in use.
67    
68 michael 5060 Also if several HOPMs are present in one channel they will all respond to !all,
69 michael 5104 for example !all stats.
70 michael 5052
71    
72 michael 5104 Rehashing HOPM
73 michael 5052 --------------
74    
75 michael 5060 A /kill to hopm will cause the process to restart, rehashing the configuration file
76 michael 5052 and ending all queued scans.
77    
78    
79     Logging
80     -------
81    
82 michael 5060 Once started, HOPM logs all significant events to a file called "hopm.log"
83     which by default can be found at $HOME/hopm/var/hopm.log. There is also a
84 michael 5052 config option to log all proxy scans initiated, which can be quite useful if
85     you receive an abuse report related to portscanning.
86    
87     These log files, especially the scan log, can grow quite large. It is
88     suggested that you arrange for these files to be rotated periodically. An
89     example shell script is provided in the contrib/logrotate directory. If you
90     prefer to use the log rotation facilities of your operating system then you
91 michael 5060 should send a USR1 signal to HOPM after moving its logfiles - this will cause
92     HOPM to reopen those files.
93 michael 5052
94    
95     Support
96     -------
97    
98 michael 5060 * Bug Reports:
99     - bugs@ircd-hybrid.org
100     * IRC contact:
101     - #ircd-coders on irc.ircd-hybrid.org

Properties

Name Value
svn:keywords Id