abuse of nickserv

From: Nelson Little (nel74at_private)
Date: Tue Mar 23 1999 - 22:13:29 PST


    Hi,
    
    Many people that IRC on Dalnet have scripts which automatically identify
    their nicknames via "/msg nickserv identify your_password". This works fine,
    however, if you also IRC on Undernet you can run into a problem. Undernet
    has no nickserv so if someone on Undernet decides to use the nick "nickserv"
    they will be exposed to countless passwords from all the people that
    automatically identify themselves. Once the evil user has these passwords
    they can jump on Dalnet and steal that person's nick and change the
    password. With a bit of brain power, and I won't go into how, they can also
    abuse op in any channels that person has op access in.
    
    Dalnet has been advised and starting on April 15th, you'll need to identify
    to NickServ using /msg NickServat_private IDENTIFY instead of just
    using /msg NickServ IDENTIFY.
    
    All the other IRC networks that I tested have a nickserv bot which halts
    the abuse mentioned above.
    
    Regards
    Nelson
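
A client-side guard against the leak described in the message above, as an added example that is not part of the original post: an auto-identify routine that only emits the password when the connected network announces the expected name, and that always uses a server-qualified target. Assumptions: the network name is read from the `NETWORK=` token of the 005 (RPL_ISUPPORT) numeric, which the post does not mention; `services.example.net` is a placeholder because the real services host is elided on the page; the server lines are constructed samples.

```python
# Placeholder target: the real services host is elided on the page.
SERVICES_TARGET = "NickServ@services.example.net"
EXPECTED_NETWORK = "DALnet"

# Constructed sample connection bursts (not captured traffic).
DALNET_BURST = [
    ":irc.example.net 001 nel :Welcome to the IRC network nel",
    ":irc.example.net 005 nel CHANTYPES=# NETWORK=DALnet NICKLEN=30 :are supported by this server",
]
OTHER_BURST = [
    ":irc2.example.org 001 nel :Welcome to the IRC network nel",
    ":irc2.example.org 005 nel CHANTYPES=#& NETWORK=UnderNet :are supported by this server",
]


def network_name(server_lines):
    """Return the NETWORK= value from 005 (RPL_ISUPPORT) lines, or None."""
    for line in server_lines:
        parts = line.split(" ")
        if len(parts) < 4 or not parts[0].startswith(":") or parts[1] != "005":
            continue
        for token in parts[3:]:
            if token.startswith(":"):
                break  # trailing free text begins; no more tokens
            if token.startswith("NETWORK="):
                return token.split("=", 1)[1]
    return None


def identify_line(server_lines, password):
    """Return the raw IDENTIFY line, or None when it must not be sent."""
    net = network_name(server_lines)
    # Fail closed: an unknown or different network never sees the password.
    if net is None or net.lower() != EXPECTED_NETWORK.lower():
        return None
    if "\r" in password or "\n" in password:
        raise ValueError("password must not contain line breaks")
    # A nick@server target is delivered only to that server's client,
    # so a user who merely holds the nick "NickServ" does not receive it.
    return f"PRIVMSG {SERVICES_TARGET} :IDENTIFY {password}"


if __name__ == "__main__":
    print(identify_line(DALNET_BURST, "constructed-pass"))
    print(identify_line(OTHER_BURST, "constructed-pass"))
```

The `NETWORK=` value is whatever the server announces, so the network check only stops a script from firing on the wrong network; the server-qualified target is what keeps the password away from a look-alike nick.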
    


