A new Eggdrop release welcomes in the new year. 1.6.8 is described as
having a lot of small fixes, read guppy's release
message for more information. You can download Eggdrop 1.6.8 from
one of the following locations:
Note that *BSD users should read this
little update for info on possible compiling errors.
22 December, 2001
An article originating from Reuters
which describes Eggdrop as a Denial of Service tool has appeared on
several news services, including CNET.
The article reports that a large number of vendors with the CCBill payment
service installed on their web servers have been hacked. Less ambiguous
articles about what happened can be found here
Following the theft of credit card numbers, hackers (or 'crackers', for
the more technically literate) have installed some form of Eggdrop onto
these web servers. The bots, which all sit on a particular IRC channel,
can then be used to coordinate distributed DoS attacks from the hacked
servers. The practice of utilising IRC bots in DDoS attacks has been
described at grc.com
(another article which ignorantly labels IRC bots as nothing more than DoS
tools, but is otherwise informative).
It is an unfortunate fact that a significant number of people have
utilised Eggdrop for malicious purposes over the years. Originally, this
was contained within the bounds of IRC itself - bots such as Eggdrop were
often used in attacks on channels and other users or bots. Today, this
abuse has expanded to have an impact outside of IRC, and ranges from
illegal distribution of software to distributed DoS attacks. Although I
consider the number of abusive users to be in the minority, it is
nonetheless a significant one and it is they who have given Eggdrop a bad
What is more significant, however, is the majority of Eggdrop users.
Eggdrop is used on thousands of IRC channels to help provide and maintain
a stable environment for people to communicate. The bot also expands
functionality of this environment by storing a list of regular users and
the time they were last seen, saving and recalling frequently-requested
information, hosting trivia games, displaying up-to-date financial
information, and so on. Many people incorporate their own additional
functions into the bot, and gain programming experience from doing so.
These things are what Eggdrop is all about, and indeed, Eggdrop itself has
never been capable of launching any type of significant attack. Rather,
abusive users take advantage of Eggdrop's IRC and botnet abilities to
avoid having to recreate this functionality, then add the abusive tools
themselves in exactly the same way one may install a copy of Microsoft
Visual Basic and create a cracking tool with it.
The existence of malicious users and their actions are not Eggdrop's
fault, nor are they the victim's fault. The responsibility lies solely
with the abusers, and it is they alone who deserve a bad reputation.
16 December, 2001
After having fallen behind with the Tcl Archive
updates once again, there's been big update today with the addition of 12
new scripts, including an important security update for LoL's TooLz users.
Although I aim for updates to the archive on a weekly basis, it is
sometimes delayed due to lack of time.
It seems as though an old MIME type problem with .tar.gz and .tgz file
downloads may be rearing its ugly head. If you have problems opening these
types of files after downloading them, please let
me know what browser you're using to help me figure out whether
there's a problem with the site or specific browsers.
9 December, 2001
Eggdrop 1.6.7 has been released! The new version is described as one of
the biggest in terms of bug fixes. For full details on this release, read
guppy's release message.
Download Eggdrop 1.6.7 from one of the following locations.
Note that I believe the new uptime module is inadequately documented
given the privacy concerns people may have about it, and the fact that it
is enabled by default. It is expected that 1.6.8 will improve the
documentation, but in the meantime, I've created a uptime
module description outlining what the uptime module does and how
to disable it if you wish to do so.