From c4e96cafe35d30f7a14c5fc4db197a58653fa7f2 Mon Sep 17 00:00:00 2001 From: Neale Pickett Date: Thu, 31 Jan 2013 13:56:11 -0700 Subject: [PATCH] modbot html --- doc/2013-02-TF5/modbot.html | 105 ++++++++++++++++++++++++++++++++++++ 1 file changed, 105 insertions(+) create mode 100644 doc/2013-02-TF5/modbot.html diff --git a/doc/2013-02-TF5/modbot.html b/doc/2013-02-TF5/modbot.html new file mode 100644 index 0000000..20c3d15 --- /dev/null +++ b/doc/2013-02-TF5/modbot.html @@ -0,0 +1,105 @@ + + + + IRC Moderation + + + +

IRC Moderation

+ +

+ Due to the unexpected popularity of this event, + and in order to accomodate all of our registrants, + we have set the channel #netarch to "moderated mode". + This means that, + unlike a normal IRC channel, + only the instructors will be able to broadcast messages. + Questions will be gathered by our Tracer Fire Moderation Fairy, + and answered in the channel as the instructors are able. +

+ + +

How to ask questions

+ +

+ If you are in the Network Archaeology course as an auditor, + you will not be able to ask questions of your own. + General, unrestricted chat is available in the #tf5 channel, + however, and you may find someone in your course who is able to help you. +

+ +

+ If you qualified to participate fully in Network Archaeology, + you will have recieved a token from the Tracer Fire Registration Fairy. + Present this token to netarch-moderator to place your question in the queue. +

+ +

+ For example, if your token is 39AF2B83 + and you would like to know how to determine which version of + Python you have installed, you would type: +

+ +
/msg netarch-moderator 39AF2B83 How can I find my Python version?
+ +

+ netarch-moderator will reply with a message indicating success, + and the current length of the question queue. + If you do not recieve a reply from netarch-moderator, + your token was not recognized as valid. +

+ +

+ If you are having trouble, + you can ask for help in #tf5. + But do not give anyone else your token, + or they could use it to impersonate you and get you blocked + from asking further questions! +

+ + +

Rationale

+ +

+ It costs us nothing to allow people to audit: + we pay no money for the IRC network, + the YouTube video hosting, + or the web server + (generously donated by Linode). + But even after restricting active participation to US Government and Critical Infrastructure, + we still had over 100 participants in the Network Archaeology course. + In order to present a readable flow of questions and answers in the channel, + we chose to implement this moderation process. +

+ +

+ We would have liked to make the moderator reply with helpful usage information + if your token was invalid or if you asked it for help. + But the IRC servers limit how many lines any connected client can send in a period of time, + and disconnect any clients that are sending too much text too quickly. + This is done to prevent people spamming IRC users or channels. + If the moderation bot responded to every message it got, + it would be easy for 5 people to send it messages as quickly as they could, + and cause the bot to trigger the server's disconnection with too many replies. + This sort of situation, where several computers "gang up" on a server + to prevent it having enough resources to respond to anyone else, + is called a "Distributed Denial of Service Attack" or a DDoS. +

+ +

+ In order to make the moderation bot more resilient to DDoS attacks, + we realized we had to program it to only respond to properly-crafted + questions with tokens on an approved list. + This web page is our attempt to mitigate the diminished user-friendliness + that results from this design decision. +

+ +