modbot html

This commit is contained in:
Neale Pickett 2013-01-31 13:56:11 -07:00
parent aa27dc8899
commit 7dad559bbd
1 changed files with 105 additions and 0 deletions

105
doc/2013-02-TF5/modbot.html Normal file
View File

@ -0,0 +1,105 @@
<!DOCTYPE html>
<html>
<head>
<title>IRC Moderation</title>
<style type="text/css">
body {
max-width: 40em;
}
pre {
background-color: silver;
border: solid black 3px;
}
</style>
</head>
<body>
<h1>IRC Moderation</h1>
<p>
Due to the unexpected popularity of this event,
and in order to accomodate all of our registrants,
we have set the channel <samp>#netarch</samp> to "moderated mode".
This means that,
unlike a normal IRC channel,
only the instructors will be able to broadcast messages.
Questions will be gathered by our Tracer Fire Moderation Fairy,
and answered in the channel as the instructors are able.
</p>
<h2>How to ask questions</h2>
<p>
If you are in the Network Archaeology course as an auditor,
you will not be able to ask questions of your own.
General, unrestricted chat is available in the <samp>#tf5</samp> channel,
however, and you may find someone in your course who is able to help you.
</p>
<p>
If you qualified to participate fully in Network Archaeology,
you will have recieved a token from the Tracer Fire Registration Fairy.
Present this token to <samp>netarch-moderator</samp> to place your question in the queue.
</p>
<p>
For example, if your token is <samp>39AF2B83</samp>
and you would like to know how to determine which version of
Python you have installed, you would type:
</p>
<pre>/msg netarch-moderator 39AF2B83 How can I find my Python version?</pre>
<p>
<samp>netarch-moderator</samp> will reply with a message indicating success,
and the current length of the question queue.
<b>If you do not recieve a reply from <samp>netarch-moderator</samp>,
your token was not recognized as valid.</b>
</p>
<p>
If you are having trouble,
you can ask for help in <samp>#tf5</samp>.
But <b>do not give anyone else your token</b>,
or they could use it to impersonate you and get you blocked
from asking further questions!
</p>
<h2>Rationale</h2>
<p>
It costs us nothing to allow people to audit:
we pay no money for the IRC network,
the YouTube video hosting,
or the web server
(generously donated by <a href="http://linode.com/">Linode</a>).
But even after restricting active participation to US Government and Critical Infrastructure,
we still had over 100 participants in the Network Archaeology course.
In order to present a readable flow of questions and answers in the channel,
we chose to implement this moderation process.
</p>
<p>
We would have liked to make the moderator reply with helpful usage information
if your token was invalid or if you asked it for help.
But the IRC servers limit how many lines any connected client can send in a period of time,
and disconnect any clients that are sending too much text too quickly.
This is done to prevent people spamming IRC users or channels.
If the moderation bot responded to every message it got,
it would be easy for 5 people to send it messages as quickly as they could,
and cause the bot to trigger the server's disconnection with too many replies.
This sort of situation, where several computers "gang up" on a server
to prevent it having enough resources to respond to anyone else,
is called a "Distributed Denial of Service Attack" or a DDoS.
</p>
<p>
In order to make the moderation bot more resilient to DDoS attacks,
we realized we had to program it to only respond to properly-crafted
questions with tokens on an approved list.
This web page is our attempt to mitigate the diminished user-friendliness
that results from this design decision.
</p>
</body>
</html>