Hi folks!

I was wondering if there were any plans to get the IRC restrictions imposed by your ISP changed, so that you can at least allow outgoing client connections ? This is the one and only thing holding me back from getting one of your rockin' packages :D

Cheers,

midget

p.s do you ever plan to put any servers in european datacenters ? That'll double rock for us europeans :p

Once there was a buzz about getting another provider without the anti-IRC ToS requirements. I eagerly await it, but I have been for a while. right? :D :cool: :rolleyes: ;)

It is on the list, much must be done with ARIN regarding OrgID, ASN, Subnet delegation, etc. We will bring on Cogent and force all IRC to go through that link.

I'm really looking forward to the day I can ssh into my VPS and access a screen holding my IRC session from work.

For now... I sit and wait. We moving at all yet Matt?

[QUOTE=jadamhall]I'm really looking forward to the day I can ssh into my VPS and access a screen holding my IRC session from work.

For now... I sit and wait. We moving at all yet Matt?[/QUOTE]

Do you have access to a *nix home box? I keep a screen session running at home, so I can disconnect from one place, SSH in and re-connect to the same session from the other. Dynamic DNS is a big help there too.

Any news on whether this might be changed soon?

All I want to run really is a screen session for an irc client. Would be nice if I could do that.

[QUOTE=tlavoie]Do you have access to a *nix home box? I keep a screen session running at home, so I can disconnect from one place, SSH in and re-connect to the same session from the other. Dynamic DNS is a big help there too.[/QUOTE]

Actually, the point of me buying my VPS was to eleminate some of the boxes I have at home. So while, yeah, this is how I do it now... I've migrated everything to my shell *except* my IRC session because of this pretty cruddy filter thats in place. To be honest, I'm starting to wonder if I can justify it versus just going to some other random provider to host my web services. It'd be a hell of a lot cheaper (I'm not complaining about price, the VPS is priced well for what'd you _should_ be able to do with the system) and I'd be no worse off than I am now.. this one, lonely box, sitting around to do nothing but hold my IRC sessions open.

IRC was so high on my priorities (guess I must be a sad git) that I hunted down another VPS provider. I guess I shouldn't say who provides for me on this forum (its not cricket really is it! :D) but for anyone interested, you're welcome to PM me. Its UK based, Xen based, super cheap, allows IRC clients (but not daemons), and has really nice people running the show.

Ciao for now :)

Correct me if I am wrong, but if someone is experincing a DOS attack on their virtual server, everyone who has a VPS account on that server is affected. I kinda like the idea that the next guy on the system's flame war on irc is not going to effect me. I have a shell account for irc access and it seems once a week there is some sort of DOS attack the box my account is on. I think that is a headache the admin at unixshell would rather not have.
I can think of at least one other vps provider who would let you use IRC. But they warn you they would rather you not.

[QUOTE=charowl]Correct me if I am wrong, but if someone is experincing a DOS attack on their virtual server, everyone who has a VPS account on that server is affected.[/QUOTE]

Correct. It should be pointed out however that DoS attacks can be used on any service; IRC just gets a bad name due to botnets.

I kinda like the idea that the next guy on the system's flame war on irc is not going to effect me.

I point you to the definition of a flame war, which has nothing to do with DoS attacks:

When an online discussion degenerates into a series of personal attacks against the debaters, rather than discussion of their positions. A heated exchange.

IRC clients such as irssi and BitchX don't open service ports and are therefore unsusceptible to DoS. Bouncers such as psybnc and ezbounce do open service ports, and certain versions of bouncers have security/DoS issues.

I have a shell account for irc access and it seems once a week there is some sort of DOS attack the box my account is on. I think that is a headache the admin at unixshell would rather not have.

I don't disagree with you there, and I was only asking my original question because its a big factor in my choice of provider.

I can think of at least one other vps provider who would let you use IRC. But they warn you they would rather you not.

Yes, and I have found such a provider. :)

Cheers.

We do lose some customers who _require_ IRC it would seem, but I bet we keep a lot more by having great network uptime. Our current monitoring shows 100% since 9/28/2005, but that is because we switched to a new router (and new IP). Previous to that we had Alertra monitoring of our network for 1 1/2 years past and the uptime was 99.98%+

Even so, IRC is banned by our upstream provider and there are plans to bring in a Cogent link to push all IRC traffic out of within the next few months.

Count me in as one of the ones who feel that NOT allowing IRC is a reason why I'll stay here. Uptime is everything. My previous webhost was VERY restrictive on what was allowed and what was not allowed. They were also very inexpensive, and I stayed with them for three years because my site was always up, unlike so many other low-priced services. The only reason I moved here was because I wanted more control over my own account, and because the uptime so far has been very good, and on the rare occasion my VM has gone down, the matter has been resolved within a totally acceptable timeframe. I would not welcome anything that would add more instability or network congestion to the situation. I may or may not be speaking for others here, but to me, uptime and reliability is everything.

Is this one of those perpetual "sometime in the future" dealies? I've been here three/four months and it's either "right around the corner" or "in a couple months"... I'm dying, mother g-d fscking dying without IRC here.

I used to survive. School shell account, home server. But I no longer have a home system, no more school. Its me, my car, the road and a laptop. This lack of persistent IRC is frakking killing me! Even just sitting in coffee shops, I'll get dropped every fifteen minutes and have to reconnect.

Upstream is still very strong, quite formidable, great bursting, but downstream bandwidth sometimes feels weak. I rarely top out at or over 40k/s on the ftp.us.debian.org ftp-pool, and I'm usually running 100+k/s at coffee shops w/ my laptop. Perhaps the time for more bandwidth is now?

Fud alert! Fud alert! :mad: :eek:

Count me in as one of the ones who feel that NOT allowing IRC is a reason why I'll stay here. Uptime is everything. My previous webhost was VERY restrictive on what was allowed and what was not allowed. They were also very inexpensive, and I stayed with them for three years because my site was always up, unlike so many other low-priced services. The only reason I moved here was because I wanted more control over my own account, and because the uptime so far has been very good, and on the rare occasion my VM has gone down, the matter has been resolved within a totally acceptable timeframe. I would not welcome anything that would add more instability or network congestion to the situation. I may or may not be speaking for others here, but to me, uptime and reliability is everything.

Dont be like this guy, dont pretend like you're the only one that matters, dont respond out of fear for yourself without even spending a thought as to what the risks actually are. Your comment would be fine if you removed the first line and made it a seperate post entitled "I want good uptime", but it is 101% irrelevant to the topic of IRC, entirely unsubstaniated. IRC poses no new uptime dangers. Your opinion is welcome, but I am compelled to point out that you actually have no point on the topic of IRC.

Your system is no more likely to go unresponsive cause people start running IRC. If this was uml-linux or some other half-breed virtual machine system, you might have a nut to crack, but with Xen you're garunteed to get your system CPU. Past that the problem is network resources.

And the deal with network resources is, assuming you're CPU is already taxed (that happens fairly quickly in a flood), it doesnt really matter what the other guys are trying to feed your machine. It doesnt matter if you are trying to process the packet or not. They can just as well flood you over SMTP, random packets, or IRC to the same effect, the only goal is to saturate the network pipe (be it the pipe to the outside world or the ethernet on the machine). It doesnt simply doesnt matter.

At this stage, uptime is only garunteed through proper dedicated anti-DoS gear and cooperation with upstream providers to block the senders.

Whats running on your own system is irrelevant, the network pipe is flooded beyond your use. Assuming a reasonably setup host kernel (one where heavy ethernet traffic does not cause enough interrupts to blast the system), your system will remain perfectly responsive and active during even the worst DDoS attack. Thats the wonder of Xen. The downside is the internet pipe is effectively out of commision, so you've really got absolutely no way of communicating with your system, even though its up and running. The only barrier against IRC is the internet connections Matt's got us hosted on, none of his service providers will allow Irc at this time.

There's no delicate way to say this, you have no idea what you are talking with and and responding out of simple fear and uncertainty, and in the process of doing so you are condoning the infinite pain of poor suffering users. Irc poses no danger which we do not already face. I welcome you to begin a new post explaining what your priorities are and why you are using unixshell, to fully elaborate your background, but this information does not belong in a thread regarding IRC, much less under the guise of some kind of plea/request against something other users need very very badly.

For Unixshell's and our own sake I hope there are some decent flood control measures in place already. :cool:

And son-of-a-mother do I want my IRC!

In general IRC servers and clients are both target of Denial of Service attacks. For servers it will be to takeover a channel, irc wars, et al. For the client, in some situations someone will anger a user and that user will respond by sending 1Gbit/s to the hostname they are IRC'ing from.

These 2 reasons are why IRC leads to poorer network uptime. We fully enjoy IRC personally, but we do it from our ISP connection -- not our servers. It is a shame the minority foolish have caused this, but it is the fact that IRC can really hurt network uptime.

Except for your ISP's TOS, I really cant see it as a legitimate issue for clients to connect to irc servers, there's no excuse behind 'someone might get pissed off and try and DoS'... nearly any service has that potential... ICQ, web servers, &c &c. Just seems ludicrous to pick on IRC alone.

Again, by requisite, this should be broadly guarded against; whether or not IRC is allowed. The presence of IRC should make no difference on whether or not there are some DoS countermeasures. DDoS is tough, you might have some excuse, but you have to be hanging out on the wrong side of the tracks and doing something truly god awful to get your ass DDoS'd for pissing someone off on IRC. Any kind of IRC DoS attack would be prompted by nothing but spite, merely to bring down the target as a temporary nuissance, launched at great legal risk to the attacker.

IRC servers are notoriously riotous places, I suppose thats true. Many attacks are inherent DDoS, so they are very difficult to ward against.

I'm glad you've got someone else's nice servers somewhere you can run IRC on, but you are my @#@#$@#$ connection matt, the only stable point I have on the net, and I'm pretty damned pissed I still dont have a reliable IRC connection available to me. Many of the coffee shops I habitate have problems with nat+ident and wont let me sign on at all.

I hope you understand that I and a number of my friends have joined under the impression that we will be able to run our irc clients through our servers at some point, that there was an impending change on the IRC ToS... you are our point of connection to the world, and we can do everything but talk with the world.

Let me redirect this here a bit, may I be so bold, but I dont actually think the dangers of IRC clients is even up for discussion here.

I'm a pretty laid back user, I know I'm getting a good deal, I appreciate the service, I can deal with hickups without freaking out. I enjoy being on unixshell, its great, and I've spread good word of mouth to bring you numerous other users. I'm not trying to be incidndiary, its just that on this one point I honestly feel like I'm being lied to. You mentioned in this thread (http://unixshell.com/forum/showthread.php?t=500&highlight=irc) on 10-26 that plans were in palce for an IRC link. Five months later and I'm still hearing the words "plans for irc", and still 'one of these months' with every update...

I, and I suspect many others, would be infinitely more happy to have you define the word "plans";

there are plans to bring in a Cogent link
-October 26, above-linked thread

The esoteric rule of buisnesses is that the buisness leaders are acting in good faith for their stakeholders, that they are harboring no purposeful ill intent against them. I understand technical difficulties plenty, I can excuse some of the comunication breakdowns ok, but I refuse to be led around like a rabbit chasing a carrot on a stick, refuse to sit around waiting for lies to materialize. And thats all I can assume, given the purpetual three months off status.

At some point there's going to be some actually fed up pissed off people unless we get a little communications here, get told whats up, unless something actually happens. As far as we know, Cogent linkup is still literally nothing more than a glimmer in your eyes. Straight up, what is the deal matt? Five months and nothing seems to have changed.

rektide

The official stance I will give you right now is that it is an idea only. If we brought in Cogent for IRC and forced the IRC ports through it, when that user is DoS'ed the attack will come on all our pipes. I was misunderstood at first and posted before thinking. Technically, I _could_ get this setup completed in 1-2 weeks after dealing with ARIN.

The problem arises is that our network uptime is spectacular and many companies (especially larger businesses) will not host on a network that encourages/allows IRC. You must not forget that unixshell# and TekTonic share the same network infrastucture and TekTonic definitely targets the larger companies.

unixshell# still provides a great (the best?) value for the price. If the IRC is such an issue a shell account could be bought for <$5/mo that is built for this.

Seeing as I have decided IRC will never be allowed on the main BGP mix, I could bring in my own connections to providers and have that be an "IRC only" network. I'd simply setup a rack with it's own switch, IP's, and uplink. This is also only an 'idea' as it costs money to do this. Money that may not be made back as only a handful of users require, or even want, IRC. There are much smarter places to throw money at right now.

I'm also not personally sure if I want to be paged throughout the night with high blood pressure due to someones online fight. While we have quite a few competent system engineers, I am still the sole network engineer.

This is by no means a 'no IRC' declaration, just my explaination and that nothing is in process yet so it is nothing more than an idea. Something such as allowing IRC client access, but no servers is an idea that may reduce DoS attacks. Another option is a monthly fee to be on the "IRC" network with no uptime guarantee.

thats kinda shitty, but about what i had started expecting. thanks for coming clean, trust me its better this way.