From e3ffe49bbee924f904edcceb0aadad841200555d Mon Sep 17 00:00:00 2001 From: w00t Date: Sun, 21 Oct 2007 18:05:22 +0000 Subject: Add a 10 second penalty on failed oper-up. This may seem a little extreme, but people shouldn't be failing anyway, so I think this is a legitimate thing to do. Helps prevent brute-forcing of oper logins. git-svn-id: http://svn.inspircd.org/repository/trunk/inspircd@8265 e03df62e-2008-0410-955e-edbf42e46eb7 --- src/cmd_oper.cpp | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/cmd_oper.cpp b/src/cmd_oper.cpp index 1af42fffa..8fa5d9382 100644 --- a/src/cmd_oper.cpp +++ b/src/cmd_oper.cpp @@ -125,7 +125,10 @@ CmdResult cmd_oper::Handle (const char** parameters, int pcnt, User *user) if (!match_hosts) fields.append("hosts"); } + + // tell them they suck, and lag them up to help prevent brute-force attacks user->WriteServ("491 %s :Invalid oper credentials",user->nick); + user->IncreasePenalty(10); snprintf(broadcast, MAXBUF, "WARNING! Failed oper attempt by %s!%s@%s using login '%s': The following fields do not match: %s",user->nick,user->ident,user->host, parameters[0], fields.c_str()); ServerInstance->SNO->WriteToSnoMask('o',std::string(broadcast)); -- cgit v1.2.3