$Id: BOTNET,v 1.21 2006-03-27 06:48:58 wcc Exp $

Botnet Sharing and Linking
Last revised: June 4, 2002
    _____________________________________________________________________

                         Botnet Sharing and Linking


  The purpose of this document is to show you what a botnet is and how it
  could be useful to you. It also covers botflags userfile sharing.

  Contents:
    1. Terms
    2. What is a botnet?
    3. Adding and linking bots
    4. Using botflags
    5. Making bots share user records


  1. Terms

    The following are some common terms used in this document:


      Botnet
        A botnet consists of one or more bots connected together.


      Link
        Link is the term used to describe a bot connecting to another bot.


      Hub
        A bot is described as a hub-bot if one or more bots are linked to
        it.


      Leaf
        A leaf is a non-hub bot connecting to a hub-bot. A leaf has only
        one other bot connected to it, its hub. Leaf bots can be assigned
        the "l" botflag to prevent other bots from linking to them.


      Link Bot
        A link-bot is a bot that is linked to another bot. It may or may not
        be a hub-bot.


      Share
        Share is the term used to describe the sharing of user records.


      Share Bot
        A share-bot is a bot which shares user records with one or more
        linked bots.


      Aggressive Share
        Aggressive share is a term used to describe the direction of sharing
        user-files. Aggressive share bots will SEND userfiles to another passive
        bot.


      Passive Share
        Passive share is a term used to describe the direction of sharing
        user-files. Passive share bots will accept userfiles from an aggressive
        share bot.

        Example bottree:

          BotA
            |-+BotB
              `-+BotC

          BotB is linked to a master sharebot, BotA, and a slave sharebot,
          BotC. BotB shares passively with [receives from] BotA and shares
          aggressively with [sends to] BotC.


      Bot Flags
        Flags are attributes that determine what a bot can or is allowed to do.
        Flags can be either global (such as +s) or channel specific (such as
        |+s #lamest). See '.help botattr' for help with setting these flags.

        The following is a list of valid bot flags:

          s   share aggressively (SEND userfile to a passive bot)
          p   share passively (ACCEPT userfile from an aggressive bot)
          g   global share (share all channels)
          h   hub (automatically link to this bot)
          a   alternate (automatically link to this bot if the hub bot can't be
              linked)
          l   leaf (bot is not allowed to link in other bots)
          r   reject (bot will not be allowed to link)
          i   isolate (isolate the party line across a bot link)
          0-9 user defined flags



      Address
        The physical address, containing the address and port of the bot.
        For example: lame.org:3333. You can change a bot's address with
        ".chaddr <botname> <hostaddress:botport[/userport]>".


      Relay Port
        The relay port number of the bot is defined in the config file. Note
        that you can define one port for bots and another for user connections.


      Relay
        A relay connection is used to relay (jump) to another bot via telnet
        or DCC chat. You can relay to another bot even if the remote bot is
        not linked. You can use ".relay <botname>" to relay to another bot.


      Port
        The telnet port is used by the bot to communicate with other bots
        and/or users. Note that you can define separate ports for user and
        bot connections.


  2. What is a botnet?

    A botnet consists of one or more bots linked together. This can allow
    bots to op each other securely, control floods efficiently, and share
    user lists, ban lists, exempt/invite lists, and ignore lists (if sharing
    is enabled).


  3. Adding and linking bots

    With the common terms out of the way, we can start with the process of
    linking two bots. Before you start, you need to know the address and
    port of each bot you wish to link.

    Here is an example scenario:

      BotA is on lame.org listening on port 3333, and BotB is on irc.org
      listening on port 4444. First, you have to add each Bot to the other's
      userfile. On BotA, you would type '.+bot BotB irc.org:4444'. If BotB is
      on a common channel with BotA, BotB's hostmask is automatically added.
      Otherwise, you have to add the hostmask manually with the '.+host'
      command. On BotB, you would type '.+bot BotA lame.org:3333'.

      At this point, you can link the two bots by typing '.link BotA' on BotB (or
      '.link BotB' on BotA). The bots will now give themselves random passwords
      which are *not* stored encrypted in the userfile. Note that you can link as
      many bots as you wish to your botnet.


  4. Using botflags

    Botflags are needed to assign special functions and tasks to your bots.
    Bot flags are set with the '.botattr' command. See '.help botattr' for
    help with this command. The following is a list of botflags and their
    functions:

      "h" (hub)
        If you want your bot(s) to automatically link/relink, you can assign
        the +h botflag each bot's hub. Note that if you set multiple bots +h,
        the bot only attempts to link to one.


      "a" (alternate)
        If your bots are, for some reason, unable to link to their hub, they
        will attempt to connect to an alternate hub. You can assign a bot as
        an alternate hub by giving it the +a botflag.


    "l" (leaf)
      This flag, assigned to a link bot, will prevent the link bot from linking
      other bots to your botnet.


      "r" (reject)
        If you assign this flag to a link bot, the link bot will not be allowed
        to link to the botnet.


      "i" (isolate)
        This flag isolates a link bot's partyline from the rest of the botnet.
        Anything said on the link bot's partyline won't appear on the rest of
        the botnet.


      "s" (SEND userfile to)
        +s   Giving a link bot this flag will make the bot share aggressively
             with the link bot. See 'Aggressive Share' in section 2 of this
             document for more information on aggressive sharing.

        |s     +s bots need this flag for each channel you want to share.


      "p" (ACCEPT userfile from)
        Giving a link bot this flag will make the bot share passively with
        the link bot. See 'Passive Share' in section 2 of this document for
        more information on passive sharing.


      "g" (global share)
        This flag allows the sharing of all channels with a link bot.


      "0-9" (user-defined)
        These 10 flags are user-defined can be used by scripters.


  5. Making bots share user records

    Before you start preparing your bots for sharing, make sure that
    you've loaded the transfer and share modules. You also have to ensure
    that each channel you wish to share is set +shared (see '.help
    chanset' and '.help chaninfo').

    By using specific botflags, you can cause your bot to share
    aggressively with some link bots, and passively with others. For
    sharing to work, flags must be set properly on both the passive and
    the aggressive bots. An aggressive  bot will not share userfiles with
    another aggressive bot; a passive bot will not share userfiles with
    another passive bot.

    First off, let's say we have two bots we want to link. We will
    call one Lamestbot, and the other Lameshare. The first thing that needs
    to be done is each bot needs the other bot added to its user record.
    Your botnet should have a hub bot. This will have them connect
    automatically whenever they are started. Without a hub, you would have to
    manually link them with the .link command. For this situation we will
    make Lamestbot the hub for our small botnet. Let's also use a channel
    called #eggdrop as the one we want to share user channel flags with. Do
    the following:

      On Lamestbot:

        .+bot Lameshare eggdrop.com:3333 (This command adds a user record to
        Lamestbot for Lameshare. Lameshare is running from eggdrop.com and is
        on port 3333. If Lameshare were to have a separate port for users/relays
        we would just add a '/' and the port number, i.e. 3333/5555.)

        .botattr Lameshare +s (This tells us that Lamestbot will only send
        user files to Lameshare; Lameshare will not send them to it.)

        .botattr Lameshare |s #eggdrop (this sets up sharing of the channel
        flags for #eggdrop between the bots. Without this, they will not share
        channel flags only global flags for the users.)

      On Lameshare:

        .+bot Lamestbot best.com:3333/5555 (Again this will add a user on
        Lameshare called Lamestbot with the domain of best.com. The bot has
        two ports, 3333 for bot communications and 5555 for users/relays.)

        .botattr Lamestbot +hp (This command sets Lamestbot as the hub and
        also as a passive share, which means Lameshare will accept user files
        from Lamestbot.

        .botattr Lamestbot |s #eggdrop (This sets #eggdrop as a share channel.)

      Our botnet:

       Lamestbot
         `-+Lameshare

      Let's add a third bot called beldin to this scenario:

      On Lamestbot:

        .+bot beldin llama.com:3333

        .botattr beldin s|s #eggdrop (Notice how i piped (the | character)
        the channel flag also saving time.)

      Also note that you don't have to add beldin on Lameshare. Since
      they are already sharing, it was added automatically. The one thing that
      you should note is that no bot flags will be shared. If you set beldin as
      +s (Aggressive share) on the hub (Lamestbot) he will not be set on the
      other bots as that. The same with the channel +s flag. All other flags
      will be shared such as the o, f, etc. Now that we have three bots, we
      can also set up one as an alternate hub. The alternate hub is the bot
      that the bots will auto-connect to in the event the hub goes down or
      is unreachable.

      Let's make beldin an alternate hub for our little botnet.

    On Lameshare:

      .botattr beldin +a

    That's all there is to it. Again, since bot flags are not shared,
    you would have to add the bot flag +a for beldin on them all. The only
    ones you would not have to do this on are beldin and the hub (Lamestbot).
    Of course, if you had more bots, you would have to add beldin as a +a on
    them, but you would not do it on the hub or beldin.

    Our botnet:

      Lamestbot
        |-+beldin
        `-+Lameshare
    _____________________________________________________________________

  Copyright (C) 1999 - 2006 Eggheads Development Team