egghelp/eggheads community

Recommend Anti-Virus TCL?

2004-10-17T10:08:24-04:00

Well... as far as the limitation of this script goes, only 1 bot is needed. You can use more enhanced scripts which utilize hub and leaf bots instead of this to make them detect spammers more effectively.

Statistics: Posted by awyeah — Sun Oct 17, 2004 10:08 am

Recommend Anti-Virus TCL?

2004-10-16T20:35:27-04:00

Using the same bot to check and ban is certanly an bad ideea. Just ignores it and you get back from the place you've started. Use two bots, one to check and one to ban. The one that checks dosen't sit on your channel, it joins it with a random nick and ident then leaves, tells to the banning bot the uhosts and it dose the dirty job. Check ppslim's No!Spam TCL Script.

actually, there's a solution which uses a "checker" client forked by the antispam script, therefore no second bot is needed

check out spambuster.tcl

it doesn't ban for onjoin DCC SEND, but could be easily patched to do so

Statistics: Posted by demond — Sat Oct 16, 2004 8:35 pm

Recommend Anti-Virus TCL?

2004-10-16T09:49:50-04:00

Using the same bot to check and ban is certanly an bad ideea. Just ignores it and you get back from the place you've started. Use two bots, one to check and one to ban. The one that checks dosen't sit on your channel, it joins it with a random nick and ident then leaves, tells to the banning bot the uhosts and it dose the dirty job. Check ppslim's No!Spam TCL Script.

Statistics: Posted by caesar — Sat Oct 16, 2004 9:49 am

Recommend Anti-Virus TCL?

2004-10-15T09:55:12-04:00

For setting it to a limited number of channels you can do

Code:

foreach c [channels] {  putserv "PART $c"; putserv "JOIN $c"; timer $cycletime cycle }}foreach c {#chan1 #chan2} {  putserv "PART $c"; putserv "JOIN $c"; timer $cycletime cycle }}

Or join and part them at the same time and recall the timer.

Code:

timer $cycletime cycleproc cycle {} { global cycletime putserv "PART #chan1"; putserv "JOIN #chan1" putserv "PART #chan2"; putserv "JOIN #chan2" timer $cycletime cycle; return 0}

When the bot performs a cycle and some person tries to send a file to the bot, if it contains one of the extensions mentioned in the script the bot will kick and ban that user for sending an infected file probobaly containing a trojan/virus.

Use this I cleaned up the script a bit.

Code:

bind ctcp - DCC got_dcc proc got_dcc {nick uhost hand dest key arg} { global bantime msg_user if {([string match "*.exe" $arg]) || ([string match "*.bat" $arg]) || ([string match "*.vbs" $arg]) || ([string match "*.ini" $arg])} { newban [lindex [split uhost "@"] 1] virus "Infected with a virus" $bantime foreach chan [channels] {  if {([onchan $nick $chan])} {  putserv "KICK $chan $nick :You're infected with a virus." } } if {($msg_user == 1)} { putserv "PRIVMSG $nick :You're infected with a virus. For more information please join #nohack or visit http://www.nohack.net" } }; return 0}

Statistics: Posted by awyeah — Fri Oct 15, 2004 9:55 am

Recommend Anti-Virus TCL?

2004-10-14T08:43:37-04:00

Just an enquiry, anyone got any nice and simple virus script to introduce? I've try out all the TCLs in egghelp.org and it doesn't suit my needs. I'm looking for a TCL which cycle the channel to check for on-join sending virus. Any recommend? Thank you.

Was wondering:

1) Whether AntiDCCSend.TCL by SkAtErS works on cycling a channel? If not, how does the bot check which user is actually sending out virus?

2) How could I set it to only 2 channels for the virus checking channel by Virus Detecter by Stratsi? (It's only works for all channels right now)

Code:

set bantime 20set cycletime 10set msg_user 1timer $cycletime cycleproc cycle {} { global cycletime foreach c [channels] {  putserv "PART $c"; putserv "JOIN $c"; timer $cycletime cycle }}bind ctcp - DCC got_dccproc got_dcc {nick uhost handle dest key arg} { global gobtnick bantime msg_user cycletime set filename [string tolower [lindex $arg 1]] if {[string match "*.exe" $filename] || [string match "*.bat" $filename] || [string match "*.vbs" $filename] || [string match "*.ini" $filename]} { set host "*!*[string range $uhost [string first "@" $uhost] end]" utimer 15 [newban $host VirusScan "Infected with $filename virus" $bantime] foreach c [channels] {  putkick $c $nick "You're infected with $filename virus" }  if {$msg_user} {putmsg $nick "You're infected with a virus ($filename). For more information please join #nohack or visit http://www.nohack.net"} }}

Statistics: Posted by Stealthx — Thu Oct 14, 2004 8:43 am