The InspIRCd Project
Home | Developers | Wiki | Forums | Bug Tracker | SVN | Download | Blog
Personal tools
InspIRCd - 10,000 revisions reached!

Modules/cloaking

From the makers of InspIRCd.

(Redirected from Hostmask Module)
Jump to: navigation, search


Description
Masks user hostnames in the style of CLOAKEDHOST.Network.cloak, for example, 0284D4C2C220AFC6.TEST.cloak.
Configuration Tags
If you specify the m_cloaking.so module, you must define a set of cloak keys, and optionally a cloak prefix as shown below. When using cloaking, the cloak keys are MANDATORY and must be included. However, if prefix is not included, it will default to your networks name from the <server> tag. 
<cloak key1="-543241423"
        key2="5378410432"
        key3="1143242382"
        key4="9504324581"
        prefix="mynet">

Please note that the key values will accept any positive number between 0 and 2147483648, and should be large numbers. Using small numbers such as "7" or "1924" will seriously weaken the security of your cloak.

The cloak keys should be identical on all servers!

Additional Modes
User mode: +x - Cloaks hostname. This mode will not be set automatically on users upon connect, to do this you must use m_conn_umodes.so.
Additional Commands
None
Special Notes
The hostname will be cloaked by taking the first portion of the hostname (before the .) and replacing it with a hash of the entirety of the hostname (hashed as a string), prefixed by the network name, for example "ChatSpike-0DF3269C". Because the hash is built from the entire hostname and not the ip address, the hash generated when the user does not resolve is different from the hash generated when the user does resolve. Also because the length of the hashed result is considerably shorter than the actual hash, a lot of data is purposefully lost in the process, meaning that there is no way to reverse the cloaking process on a hostname and retrieve the users IP address. This means that the cloak key's only use is to make cloaked hosts unique to your network, as it is simply not a reversible algorithm in any way, shape or form. Please note that a potential risk may exist if an attacker knows all possible hostnames on your network, and it is a very small network, as the attacker may guess at which hostname you are using. This risk exists on all host-cloaking IRCd software.


Dependencies
The MD5 Service Provider Module
Retrieved from "http://www.inspircd.org/wiki/Modules/cloaking"
head
Advertisement
head
head