/[svn]/hopm/trunk/README
ViewVC logotype

Contents of /hopm/trunk/README

Parent Directory Parent Directory | Revision Log Revision Log


Revision 5146 - (show annotations)
Fri Dec 26 14:33:31 2014 UTC (4 years, 6 months ago) by michael
File size: 3580 byte(s)
- Update documents

1 Introduction
2 ------------
3
4 HOPM (Hybrid Open Proxy Monitor) is an open proxy monitoring bot designed for
5 Hybrid based ircds. The bot is designed to monitor an individual server (all
6 servers on the network have to run their own bot) with a local operator {}
7 block and monitor connections. When a client connects to the server, HOPM will
8 scan the connection for insecure proxies. Insecure proxies are determined by
9 attempting to connect the proxy back to another host (usually the IRC server in
10 question).
11
12 HOPM is written ground-up in C language, concept derived from wgmon. It
13 improves on wgmon with HTTP support, faster scanning (it can scan clients
14 simultaneously), better layout (scalability), and dnsbl support.
15
16
17 Requirements
18 ------------
19
20 o An IRCd which presents connection notices in a format which HOPM
21 recognises (see below).
22
23 o A host with full connectivity for all the ports you wish to scan. i.e. is
24 NOT transparently proxied -- many domestic internet connections have port 80
25 transparently proxied and this produces completely unpredictable results,
26 sometimes as severe as 100% of clients being K:lined!
27
28 o A unix OS with GNU Make, a C99 compiler, etc..
29
30 o Permission from your users to portscan them for open proxies.
31
32
33 Compatibility
34 -------------
35
36 ircd-hybrid 8.2.1
37
38 HOPM is designed for ircd-hybrid based ircds. It is easily suitable for any
39 other ircd with little modification (connregex in hopm.conf). However, if an
40 ircd does not send IP addresses in a connection notice, HOPM will not be
41 effective because the time it takes to resolve a hostname would be a
42 significant factor to HOPM's efficiency.
43
44
45 Command Line Options
46 --------------------
47
48 -c <name> Config name. By default HOPM reads hopm.conf, "-c foo"
49 will cause HOPM to read foo.conf. The primary use for
50 this is to run multiple HOPMs from one directory.
51
52 -d Debug mode. HOPM will not fork, and will write logs to stderr.
53 Multiple -d increase debug level.
54
55
56 Operator Channel Commands
57 -------------------------
58
59 botnick check <host> [scanner] -- Manually scan host for insecure proxies and output all errors.
60 If scanner is not given, hopm will scan on all scanners.
61 NOTE: this will NOT add a kline (or whatever) if it finds a
62 proxy.
63
64 botnick stats -- Output scan stats, uptime and client connection count.
65
66 botnick fdstat -- Output some into about file descriptors in use.
67
68 Also if several HOPMs are present in one channel they will all respond to !all,
69 for example !all stats.
70
71
72 Rehashing HOPM
73 --------------
74
75 A /kill to hopm will cause the process to restart, rehashing the configuration file
76 and ending all queued scans.
77
78
79 Logging
80 -------
81
82 Once started, HOPM logs all significant events to a file called "hopm.log"
83 which by default can be found at $HOME/hopm/var/hopm.log. There is also a
84 config option to log all proxy scans initiated, which can be quite useful if
85 you receive an abuse report related to portscanning.
86
87 These log files, especially the scan log, can grow quite large. It is
88 suggested that you arrange for these files to be rotated periodically. An
89 example shell script is provided in the contrib/logrotate directory. If you
90 prefer to use the log rotation facilities of your operating system then you
91 should send a USR1 signal to HOPM after moving its logfiles - this will cause
92 HOPM to reopen those files.
93
94
95 Support
96 -------
97
98 * Bug Reports:
99 - bugs@ircd-hybrid.org
100 * IRC contact:
101 - #ircd-coders on irc.ircd-hybrid.org

Properties

Name Value
svn:eol-style native
svn:keywords Id

svnadmin@ircd-hybrid.org
ViewVC Help
Powered by ViewVC 1.1.26