CTCP flood protection optionsProtection against CTCP flooding
|Here, you can configure the CTCP flood protection system.
The CTCP engine in IRC clients may be subject to an attack, called "CTCP flooding".
Basically, the attackers (usually there is more than one offending client) sends a stream of CTCP requests to the victim's client, and the client attempts to respond to all requests by sending a stream of replies to the server, which causes the server to disconnect the user due to "excess flood" for sending too many messages before the server can process them.
Many user defined scripts choose to completely ignore all the CTCP requests in order to prevent such attacks.
KVIrc offers an alternative method that allows you to take advantage of the CTCP protocol and at the same time prevent the flood attacks.
The method is really simple: The client will only respond to a limited number of CTCP requests within a specified time interval.
The "Use flood protection" option enables this protection method.
In the "Allowed up to" field you should enter the maximum number of CTCP requests that KVIrc should respond to within the interval of time defined in the second field.
A strong protection against floods would be replying to 4 requests every 20 seconds.
The minimum effective setting is about 3 messages every 6 seconds.
Please note that 3 messages every 6 seconds is NOT the same as 10 messages every 20 seconds; the first setting would allow 3 requests within one second, but the client would ignore all the requests for the next 5 seconds, the second setting would allow 10 messages within one second and ignore everything for the next 19 seconds. Therefore, 3/6 is a safer setting.
The maximum protection you can set is 0 messages within any number of seconds; in that case any CTCP request will be considered a flood and ignored.
You can also decide to ignore specific CTCP requests. For example, if you don't want to reply to PING requests, just select "PING" under the "Ignored Requests" section.
Some specific protection options can be set also in other CTCP options sections: see the ctcp avatar protocol options and ctcp dcc protocol options.