لطفا منتظر باشید ...
Hack 84 Timestamp with the TS Protocol
Master the TS Protocol to prevent people fromexploiting the situation when servers relink after a netsplit has
broken the IRC network into separate parts.
Any large global network experiences
occasional problems. In the case of IRC, they're
seen on a regular basis. All it requires is a route flap out of MCI
in New York, a fiber-optic cable cut from SBC in Chicago, or an ATT
core router crash in London, and you've got problems
getting packets from one server to another.When a server can't talk to another, they sever
their connection and create a netsplit.
Sometimes a netsplit can affect a single server that splits from its
hub, but sometimes a netsplit is between two hubs, leaving two large
chunks of the IRC network disconnected.In either case, life goes on regardless of which side of that split
you're on. People keep chatting; mode changes keep
happening; nick changes keep occurring. The real problem comes when
the network comes back together and anything that's
changed on the other side of the split has to be reconciled and the
data resynced.The Timestamp, or TS, Protocol was first written and released by
Carlo "Run" Wood on June 28, 1993,
and was first implemented on Undernet on July 1, 1993. Its purpose
was to ease that reconciliation process and reduce the possibility of
someone taking over channels and nicks through netsplit hacks and
nick collisions.
13.8.1 Before TS
Anarchy ruled in the days before TS.
You could have whatever channel or nick you wanted, with the exercise
of resources and ingenuity. Simply wait for a netsplit (or create
your own by splitting a server), change to the nick you wanted, or
re-create the channel you wanted ops in on your side of the split,
and be ready to get your nick or perform a mass de-op when the
servers rejoined.Here's an example of a nick collision attack:
<MeanGuy> I'm going to take your nick!Then sometime later, a netsplit occurs:
<BBS> No, it's mine.
<Otherguy> That's not nice.
<MeanGjupe> This is my clone, it will help.
*** BBS has left IRC (irc.choopa.net remote.server.com)Note that the nick collision of BBS happened on both sides of the
*** Otherguy has left IRC (irc.choopa.net remote.server.com)
* MeanGjupe is now known as BBS
<MeanGuy> Haha, now my evil minion, you will sacrifice yourself in the reconnect!
*** BBS has left IRC (Killed (Nick Collision))
* Otherguy (og!some.where.com) has joined #windows
* MeanGuy is now known as BBS
<BBS> Haha! I am victorious!
<Otherguy> You really are mean :(
* RealBBS (BBS!bbs.choopa.net) has joined #windows
* MeanGjupe (mean!evil.minion.org) has joined #windows
<RealBBS> Hey! I got killed by remote.server.com for nick collision!
<BBS> You did well my evil jupe bot, this nick is now mine!
network, so the first person to grab the nick after the KILL was
issued gets the nick and can keep it.Now, on to an example of a channel
takeover:
<MeanGuy> You may have gotten your nick back, but now I will take the channel!Then sometime later, the inevitable netsplit occurs:
<BBS> This again, don't you quit?
<MeanGdeop> This is my mass de-op bot, it will help me rule the world!
*** BBS has left IRC (irc.choopa.net remote.server.com)With an automated client set to de-op everyone except its master,
*** Otherguy has left IRC (irc.choopa.net remote.server.com)
<MeanGuy> Go my minion, it's time to cycle the channel!
* MeanGdeop (mean!evil.minion.org) has left #windows
* MeanGuy (mean!doctor.evil.edu) has left #windows
* MeanGuy (mean!doctor.evil.edu) has joined #windows
* irc.choopa.net sets mode: +nt
* irc.choopa.net sets mode: +o MeanGuy
* MeanGdeop (mean!evil.minion.org) has joined #windows
* MeanGuy sets mode: +o MeanGdeop
<MeanGuy> Now we have ops on this side of the split. Prepare for mass de-op!
<MeanGdeop> Yes, my evil master.
* Otherguy (og!some.where.com) has joined #windows
* BBS (BBS!bbs.choopa.net) has joined #windows
* irc.choopa.net sets mode: +oo BBS Otherguy
* MeanGdeop sets mode: -oo Otherguy BBS
<MeanGuy> Mwahaha! The channel is now mine!
<BBS> My lord, you're mean! :(
taking the channel was child's play.
13.8.2 TS Saves the Day
Two ideas were thought up for
combating nick and channel wars. These were Delay and TS.Delay required the
individual servers to keep track of what channels and nicks were in
use during a split and set a delay before someone could re-create the
channel or use the nick. In the end, the idea was turned down for
many reasons, not the least of which was that a small leaf server
that normally handled 500 clients could, all of a sudden, be required
to track 15,000 nicks on a large network. Frankly, it was a resource
hog.The second idea, which was widely adopted, is TS, or timestamping.
Every time a nick or channel is created, it's
assigned a timestamp correlating to the time of creation. If you
started a channel on July 23, 1998, the channel was never closed, and
at least one server was always around to keep it alive, it would
retain that timestamp forever.Upon a server splitting, instead of a server having to keep track of
every nick and channel on the network, the server has to manage only
the timestamps on the local server. When the servers relink and
reconciliation is performed, the TS of the local nick/channel is
compared to the TS of the remote nick/channel, and whichever has the
older TS takes precedence.Now, let's replay the preceding
nick
collision after the implementation of TS:
<MeanGuy> I'm going to take your nick!With TS, only the newer version of BBS was killed. The original gets
<BBS> No, it's mine.
<Otherguy> That's not nice.
<MeanGjupe> This is my clone, it will help.
*** BBS has left IRC (irc.choopa.net remote.server.com)
*** Otherguy has left IRC (irc.choopa.net remote.server.com)
* MeanGjupe is now known as BBS
<MeanGuy> Haha, now my evil minion, you will sacrifice yourself in the reconnect!
*** BBS has left IRC (Killed (new))
* BBS (BBS!bbs.choopa.net) has joined #windows
* Otherguy (og!some.where.com) has joined #windows
<MeanGuy> No! My minion has been killed and I have been defeated!
<BBS> Stealing isn't the way to win MeanGuy, get your own three-letter nick!
<Otherguy> Yay! The side of good wins!
<MeanGuy> I would have succeeded if it wasn't for that meddling TS!
* MeanGuy (mean!doctor.evil.edu) has left #windows
to keep her nick and keep on chatting without having to reconnect.Now, let's take a look at that
channel takeover:
<MeanGuy> I may have failed at getting your nick, so instead I'll take yourThis time, the channel takeover never had a chance. TS did exactly
entire channel!
<BBS> This again, don't you quit?
<MeanGdeop> This is my mass de-op bot, it will help me rule the world!
*** BBS has left IRC (irc.choopa.net remote.server.com)
*** Otherguy has left IRC (irc.choopa.net remote.server.com)
<MeanGuy> Go my minion, it's time to cycle the channel!
* MeanGdeop (mean!evil.minion.org) has left #windows
* MeanGuy (mean!doctor.evil.edu) has left #windows
* MeanGuy (mean!doctor.evil.edu) has joined #windows
* irc.choopa.net sets mode: +nt
* irc.choopa.net sets mode: +o MeanGuy
* MeanGdeop (mean!evil.minion.org) has joined #windows
* MeanGuy sets mode: +o MeanGdeop
<MeanGuy> Now we have ops on this side of the split. Prepare for mass de-op!
<MeanGdeop> Yes, my evil master.
* irc.choopa.net sets mode: -oo MeanGuy MeanGdeop
-irc.choopa.net:#windows- *** Notice -- TS for #windows changed from
1078875452 to 1078875451
* Otherguy (og!some.where.com) has joined #windows
* BBS (BBS!bbs.choopa.net) has joined #windows
* irc.choopa.net sets mode: +oo Otherguy BBS
<MeanGuy> Foiled again! I hate you TS!
<BBS> The good guys win again.
<OtherGuy> Yeah, go start your own channel, evildoer!
<MeanGuy> You may have won this time, but I'll be back!
<MeanGuy> Come, my evil minion!
* MeanGuy (mean!doctor.evil.edu) has left #windows
* MeanGdeop (mean!evil.minion.org) has left #windows
what it was supposed to do, and the channel goes on its happy
existence.
13.8.3 Interesting TS Facts
You can see the
timestamp of a channel by
issuing a /mode
#channel command with no arguments:
/mode #windowsTS is based on Unix timestamps, which use a decimal number to
#windows +tnl 111
#windows created on Thu Jul 12 08:04:37 2001
represent the number of seconds that have elapsed since midnight of
January 1, 1970, GMT. IRC servers are required to use a time sync
protocol like NTP. Modern ircds
won't even link if the time on both servers differs
by more than a second.TS was not always impossible to get around. In versions of TS up
until about 2002, it was possible to join a channel at the exact
moment a network rejoin was being reconciled and be given ops in the
channel. Many channels were taken that way, or opless channels were
restored with ops.In at least one case on EFnet, a server was hacked and reintroduced
to the network after the time on the server had been rolled back to
January 1. Upon relinking to EFnet, any channel the hackers wanted
was literally handed to them by the servers that saw the hacked
server with the older TS. #twilight_zone, an old operator channel on
EFnet still has a TS of 1 from the incident:
/modeA great deal of information on
#twilight_zone
#twilight_zone +stin
#twilight_zone created on Thu Jan 1 00:00:01 1970
the technical aspects of TS can be found on Roger
Espel's site at http://www.iagora.com/~espel/ircd/Undernet-TS.
He played a major part in developing some of the later versions of
TS.If you're looking for TS for your IRC network,
it's now used in every modern
ircd. I prefer
ircd-ratbox,
which you can get at http://www.ircd-ratbox.org. Hunter Pine
