diff options
| author |   William Heimbigner <william.heimbigner@gmail.com> | 2012-02-27 03:43:24 +0000 |
|---|---|---|
| committer | William Heimbigner <william.heimbigner@gmail.com> | 2012-02-27 03:43:24 +0000 |
| commit | 49db3ff82276a08185a1528acd299137645586ba (patch) | |
| tree | 161189a96e104363ba3de73d23380fcd4087d9eb /config-default | |
| parent | fdf8435a6e7d1ad9f5b1f55e38c5ea7506fe7de1 (diff) | |
maintenance checkin and some new/tweaked rules
Diffstat (limited to 'config-default')
| -rw-r--r-- | config-default/channels.xml | 86 |
1 files changed, 69 insertions, 17 deletions
diff --git a/config-default/channels.xml b/config-default/channels.xml index f13fe2a..4a68575 100644 --- a/config-default/channels.xml +++ b/config-default/channels.xml @@ -1,5 +1,7 @@ <channels> - <channel id="##English" /> + <channel id="##English"> + <hilights></hilights> + </channel> <channel id="##asb-debug" monitor="no"> <hilights></hilights> </channel> @@ -24,14 +26,19 @@ <hilights></hilights> <msgs></msgs> </channel> - <channel id="##english" op="no" silence="yes" /> + <channel id="##english" op="no" silence="yes"> + <hilights></hilights> + <msgs></msgs> + </channel> <channel id="##hamradio" silence="yes"> <hilights></hilights> <msgs> <debug>##hamradio-ops</debug> </msgs> </channel> - <channel id="##hamradio-ops" op="no" /> + <channel id="##hamradio-ops" op="no"> + <hilights></hilights> + </channel> <channel id="##linux" silence="yes"> <hilights> <disable>ST47</disable> @@ -143,6 +150,7 @@ <low>PriceChild</low> <low>werdan7</low> <low>dax</low> + <low>D[_]</low> <medium>ompaul</medium> <medium>mrmist</medium> </hilights> @@ -163,6 +171,10 @@ <info>#ubuntu-ops-monitor</info> </msgs> </channel> + <channel id="#haskell" op="no" silence="yes"> + <hilights></hilights> + <msgs></msgs> + </channel> <channel id="#httpd"> <hilights></hilights> <msgs></msgs> @@ -191,12 +203,19 @@ <debug>#wikimedia-ops</debug> </msgs> </channel> + <channel id="#noisebridge" op="no" /> <channel id="#osdev"> <hilights> <low>tomaw</low> </hilights> <msgs></msgs> </channel> + <channel id="#persian" op="no"> + <hilights></hilights> + </channel> + <channel id="#persians" op="no"> + <hilights></hilights> + </channel> <channel id="#reddit"> <hilights> <debug>KyleXY</debug> @@ -217,7 +236,10 @@ <debug>#reddit-priv</debug> </msgs> </channel> - <channel id="#reddit-priv" op="no" /> + <channel id="#reddit-priv" op="no"> + <hilights></hilights> + <msgs></msgs> + </channel> <channel id="#rubyonrails"> <hilights></hilights> <msgs></msgs> @@ -234,15 +256,33 @@ <info>#ubuntu-ops-monitor</info> </msgs> </channel> + <channel id="#ubuntu-fr" op="no"> + <hilights></hilights> + <msgs> + <info>#ubuntu-fr-ops-log</info> + </msgs> + </channel> + <channel id="#ubuntu-fr-ops-log" op="no"> + <hilights></hilights> + </channel> + <channel id="#ubuntu-fr-ops-logs" op="no"> + <hilights></hilights> + </channel> <channel id="#ubuntu-ops-monitor" monitor="no"> <hilights></hilights> <msgs></msgs> </channel> + <channel id="#wikia"> + <hilights> + <info>charitwo</info> + </hilights> + </channel> <channel id="#wikia-dev"> <hilights></hilights> </channel> <channel id="#wikileaks"> <hilights></hilights> + <msgs></msgs> </channel> <channel id="#wikimedia" silence="yes"> <hilights> @@ -256,6 +296,8 @@ <debug>Thehelpfulone</debug> <debug>Tanvir</debug> <debug>jeremyb</debug> + <info>charitwo</info> + <info>log</info> </hilights> <msgs> <debug>#wikimedia-ops</debug> @@ -268,6 +310,7 @@ <debug>Tanvir</debug> <debug>log</debug> <debug>Thehelpfulone</debug> + <debug>Snowolf</debug> <low>Kanonkas</low> </hilights> <msgs> @@ -286,6 +329,7 @@ <debug>Logan_</debug> <debug>jeremyb</debug> <debug>AfterDeath</debug> + <info>charitwo</info> <low>slakr</low> </hilights> <msgs> @@ -313,11 +357,19 @@ </msgs> </channel> <channel id="#wikimedia-stewards"> - <hilights></hilights> - <msgs></msgs> + <hilights> + <debug>Barras</debug> + <debug>PeterSymonds</debug> + </hilights> + <msgs> + <debug>#wikimedia-ops</debug> + </msgs> </channel> <channel id="#wikimedia-tech" silence="yes"> - <hilights></hilights> + <hilights> + <debug>Thehelpfulone</debug> + <debug>Snowolf</debug> + </hilights> <msgs> <low>#wikimedia-ops</low> </msgs> @@ -461,6 +513,7 @@ <low>KFP</low> <low>chzz</low> <low>Gfoley4</low> + <low>sonia</low> </hilights> <msgs> <debug>#wikimedia-ops</debug> @@ -474,8 +527,8 @@ </channel> <channel id="default" /> <channel id="master"> - <event id="advflood" class="advsplitflood" reason="advanced distributed flooding" risk="debug" type="public,part,caction">5:3</event> - <event id="ahbl" class="dnsbl" reason="host $evhost is in dnsbl.ahbl.org ( $xresult )" risk="info" type="join" xresult="Open proxy cat 1">dnsbl.ahbl.org</event> + <event id="advflood" class="advsplitflood" reason="advanced distributed flooding" risk="low" type="public,part,caction">5:3</event> + <event id="ahbl" class="dnsbl" reason="host $evhost is in dnsbl.ahbl.org ( $xresult )" risk="info" type="join">dnsbl.ahbl.org</event> <event id="anontalk1" class="re" reason="anontalk.com spam" risk="medium" type="public">(?i)w(.?)w\1w\1?.\1?a\1n\1o\1n\1t\1a\1l\1k\1?.\1?c\1o\1m</event> <event id="autoremove" class="re" reason="on chanserv autoremove" risk="info" type="part">^requested by ChanServ</event> <event id="blacklist" class="strbl" reason="sending message containing blacklisted content" risk="low" type="public,part,quit,caction">blah</event> @@ -488,15 +541,16 @@ <event id="dcc-topic" class="re" reason="setting a bad topic" risk="medium" type="topic">\bDCC SEND </event> <event id="debugme" class="re" reason="sending a string designed to trigger a debug test alert, disregard this" risk="debug" type="public">debugantispambotdebug</event> <event id="dronebl" class="dnsbl" reason="host $evhost is in dnsbl.dronebl.org ( $xresult )" risk="info" type="join">dnsbl.dronebl.org</event> - <event id="efnetbl" class="dnsbl" reason="host $evhost is in rbl.efnetrbl.org ( $xresult )" risk="info" type="join" xresult="Open proxy">rbl.efnetrbl.org</event> + <event id="efnetbl" class="dnsbl" reason="host $evhost is in rbl.efnetrbl.org ( $xresult )" risk="info" type="join">rbl.efnetrbl.org</event> <event id="genspam1" class="re" reason="generic spamming" risk="debug" type="public">([^ ]{4,} +)\1{5,}</event> <event id="genspam2" class="re" reason="generic spamming v2" risk="debug" type="public,caction">^(?:([A-Za-z0-9,.])(?!\1\1)){30,}$</event> + <event id="gnaa-topic" class="re" reason="setting a GNAA topic" risk="medium" type="topic">(?i)\bgnaa\b</event> <event id="gnaaquit" class="re" reason="quitting with a GNAA message" risk="medium" type="quit">(?i)\bgnaa\b</event> <event id="joinflood" class="floodqueue" reason="join flood (5 joins in 20 seconds)" risk="medium" type="join">5:20</event> <event id="keylogger" class="re" override="keylogger-medium" reason="using the norton start-key-logger exploit" risk="high" type="public">^startkeylogger$|^stopkeylogger$</event> <event id="keylogger-medium" class="re" reason="using the norton start-key-logger exploit" risk="medium" type="public">\bstartkeylogger\b|\bstopkeylogger\b</event> <event id="last_measure_regex" class="re" reason="posting what appears to be a last measure link" risk="high" type="public">(?i)(http://(\S+\.)?on\.nimp\.org|http://(\S+\.)?feenode.net|http://wikipaste\.eu|http://(\S+\.)?bioghost\.com|http://(\S+\.)?on\.zoy\.org|http://(lastmeasure|dirtysanchez|doom3|freeipods|halflife2|halo2|lastmeasure4|lastmeasureunified|softmeasure|traceroute)\.zoy\.org)</event> - <event id="levenflood" class="levenflood" override="flood-5to3" reason="levenshtein flood match" risk="debug" type="public">contentisuseless</event> + <event id="levenflood" class="levenflood" override="flood-5to3" reason="levenshtein flood match" risk="low" type="public">contentisuseless</event> <event id="massflood" class="splitflood" reason="distributed flooding" risk="high" type="public,part,caction">4:4</event> <event id="nickspam" class="nickspam" reason="nickspamming" risk="high" type="public">60:10</event> <event id="njabl" class="dnsbl" reason="host $evhost is in dnsbl.njabl.org ( $xresult )" risk="info" type="join">dnsbl.njabl.org</event> @@ -506,15 +560,13 @@ <event id="proxybl" class="dnsbl" reason="host $evhost is in dnsbl.proxybl.org" risk="info" type="join">dnsbl.proxybl.org</event> <event id="redarmyoflol" class="re" reason="parting with 'red army of lol'" risk="low" type="part">RED ARMY OF LOL</event> <event id="sms_spam" class="re" reason="spam link / virus" risk="low" type="public">\.com/sms.exe</event> - <event id="sorbsbl" class="dnsbl" reason="host $evhost is in dnsbl.sorbs.net ( $xresult )" risk="info" type="join" xresult="HTTP Proxy">dnsbl.sorbs.net</event> + <event id="sorbsbl" class="dnsbl" reason="host $evhost is in dnsbl.sorbs.net ( $xresult )" risk="info" type="join">dnsbl.sorbs.net</event> <event id="suckmynick" class="re" reason="using a potentially offensive nick" risk="low" type="join">(suck.*dick)</event> <event id="wikifags2" class="re" reason="saying 'sure are a lot of wikifag'..." risk="low" type="public">(?i)^sure are a ?lot of .*fags? in here</event> - <event id="xchatexploit" class="re" reason="using an x-chat for windows unicode exploit" risk="high" type="public,part,quit,caction" xresult="1">󠁟</event> + <event id="xchatbroad" class="re" reason="using an x-chat for windows unicode exploit (broad detection version, may be error prone)" risk="low" type="public,part,quit,caction">[ð-÷][€-¿]{3}</event> + <event id="xchatexploit" class="re" override="xchatbroad" reason="using an x-chat for windows unicode exploit" risk="high" type="public,part,quit,caction">󠁟</event> <hilights> - <debug>ST47</debug> - <debug>pctony</debug> - <debug>SeJo</debug> - <debug>Corey</debug> + <info>Corey</info> <low>marienz</low> <low>mrmist</low> <medium>dave2</medium> |