What to do when your mush is attacked
-
Ok, I've seen people ping a few times on here asking how to go about blocking people who are attacking their game, so I'll cover TinyMUSH3, PennMUSH, MUX2, and RhostMUSH on ways to cockblock attackers on your games. Please keep in mind my knowledge on Penn, TM3, and MUX is a wee bit rusty, but I'm fairly certain I've covered the majority.
I also placed links at the end of this document to point to various tutorials on learning MUSH code, Ruby, and Python (for AresMUSH and Evennia respectively) which should prove helpful for those new to mushing.
-----------------------------------------------------------------------------------------------------------------
First, TinyMUSH3:
TinyMUSH3 allows the base set that MUX2 allows, and some additional features customized for the codebase.
Site Restrictions:
Syntax ingame: @admin <param>=<IP> <MASK>
Syntax tinymush.conf file: <param> <IP> <MASK>
Parameters:
forbid_site -- forbid the IP from connection entirely
guest_site -- allow guests from the IP
register_site -- forbid new player creation from the IP
suspect_site -- mark connections with the SUSPECT flag
Example: (assume player is from IP 12.12.20.200)
@admin guest_site=12.12.20.0 255.255.255.0
This blocks all IP's from 12.12.20.1 through 12.12.20.255 which is the preferred start for blocking since most people have DYNAMIC IP addresses and not STATIC IP addresses.
NOTE: TinyMUSH3 allows CIDR (/24 instead of 255.255.255.0) notation from TinyMUSH 3.2 on.
Keep in mind @admin is NOT persistent. When you reboot or restart your mush, those values are no longer there. To make them permanent you need to use the .conf file method.
Example:
forbid_site 12.12.20.0 255.255.255.0
forbid_site 12.12.20.0 /24
To make any .conf file change take effect, the system will have to be @restarted.
Now for Limits:
To set:
@admin command_recursion_limit=50
or in your .conf file
command_recursion_limit 50
command_recursion_limit (default 50) -- number of commands that can be nested from another command
command_invocation_limit (default 2500) -- number of commands that can be called in a single command queue
function_cpu_limit (default 60) -- amount of time, in seconds, that a command is allowed to process. Anything over this will be aborted.
function_invocation_limit (default 2500) how many functions can be called from a single command
function_recursion_limit (default 50) how many times a function can call itself
instance_limit (default 100) -- this has to do with TM3's construct feature and limits the amount of memory-based structures allowed in-game
lock_recursion_limit (default 20) -- amount of times a lock is allowed to be called
notify_recursion_limit (default 20) -- number of times notify() can be called recursively. Notify() is an internal call to TinyMUSH3 that handles the messaging bus. So it's essentially a low-level run away process handler for potential bad coding
player_queue_limit (default 100) -- total number of queue entries a player may have at any one time
player_alias_limit (default 10) -- total number of @aliases a player may have
propdirs_limit (default 10) -- PROPDIR in TinyMUSH3 is in effect a localized 'parent' you can assign an object to inherit attributes from a list of dbref#'s. Kinda silly, but there we go.
register_limit (default 50) -- amount of setq registers a player can define
retry_limit (default 3) -- number of times a player can attempt to connect to a player before being disconnected
stack_limit (default 50) -- number of stack entries allowed with push()
structures_limit (default 100) -- number of structure()'s allowed
variables_limit (default 50) -- number of unique variables (tm3-ism) allowed per target
wildcard_match_limit (default 25000) -- number of recursion attempts allowed for wildcard/regexp matching
zone_recursion_limit (default 20) -- maximum number of zones that can be chained
Commands:
@boot -- boot player from game
@nuke/@toad -- destroy/remove player from game (note: TM3 has @nuke aliased to @destroy/override)
@disable -- disable logins
@newpassword -- change target's password
Flags:
To set:
@set *player=slave
SLAVE -- When set the player can not issue any command that could potentially change the database
GAGGED - player can not talk
STOP -- Once a $command is matched, no further command searching will occur
CONSTANT -- only the #1 player (God) can set attributes on the target
WATCHER -- allows a player to monitor player connects/disconnects
NOSPOOF -- allows you to see enactor of a @pemit, @emit, say, pose, etc. Can be spammy
FIXED -- target can not teleport
-----------------------------------------------------------------------------------------------------------------
And now, MUX2/TinyMUX:
You will notice early on that MUX2 and TinyMUSH3 hail from the same parent codebase, as the restrictive qualities are nearly identical minus customizations between codebases.
Site Restrictions:
Syntax ingame: @admin <param>=<IP> <MASK>
Syntax tinymush.conf file: <param> <IP> <MASK>
Parameters:
forbid_site -- forbid the IP from connection entirely
guest_site -- allow guests from the IP
noguest_site -- disallow guests from the IP
nositemon_site -- stop spamming logs of connect/disconnect
register_site -- forbid new player creation from the IP
suspect_site -- mark connections with the SUSPECT flag
Example: (assume player is from IP 12.12.20.200)
@admin forbid_site=12.12.20.0 255.255.255.0
@admin forbid_site=12.12.20.0 /24
This blocks all IP's from 12.12.20.1 through 12.12.20.255 which is the preferred start for blocking since most people have DYNAMIC IP addresses and not STATIC IP addresses.
NOTE: MUX2 since 2.7 allows CIDR notation (ergo, /24 instead of 255.255.255.0)
Keep in mind @admin is NOT persistent. When you reboot or restart your mush, those values are no longer there. To make them permanent you need to use the .conf file method.
Example:
guest_site 12.12.20.0 255.255.255.0
To make any .conf file change take effect, the system will have to be @restarted.
Now for Limits:
To set in-game:
@admin function_invocation_limit=25000
To set in .conf file:
function_invocation_limit 25000
allow_guest_from_register_site -- allow guest to connect to register sites (boolean)
function_invocation_limit (default 2500) how many functions can be called from a single command
function_recursion_limit (default 50) how many times a function can call itself
lock_recursion_limit (default 20) -- amount of times a lock is allowed to be called
notify_recursion_limit (default 20) -- number of times notify() can be called recursively. Notify() is an internal call to TinyMUSH3 that handles the messaging bus. So it's essentially a low-level run away process handler for potential bad coding
player_queue_limit (default 100) -- total number of queue entries a player may have at any one time
retry_limit (default 3) -- number of times a player can attempt to connect to a player before being disconnected
stack_limit (default 50) -- number of stack entries allowed with push()
zone_recursion_limit (default 20) -- maximum number of zones that can be chained
parent_recursion_limit (default 50) -- maximum number of parents that can be chained
pcreate_per_hour (default 100) -- maximum number of player creations allowed an hour
references_per_hour (default 500) -- maximum number of @references allowed an hour
user_attr_per_hour (default 5000) -- maximum number of attributes a player can create new per hour
mail_per_hour (default 50) -- maximum number of mail allowed per hour
Commands:
@disable -- the ability to disable all logins except staff
@icmd -- disable commands based on player or room/location
@nuke/@toad -- destroy a player
@boot -- boot a player from the game
@newpassword -- change target's password
Flags:
To set:
@set *player=slave
SLAVE -- When set the player can not issue any command that could potentially change the database
GAGGED - player can not talk
SITEMON -- allows a player to monitor player connects/disconnects
NOSPOOF -- allows you to see enactor of a @pemit, @emit, say, pose, etc. Can be spammy
FIXED -- target can not teleport
-----------------------------------------------------------------------------------------------------------------
And now, PennMUSH:
You will see PennMUSH is a unique animal and has... very little to do with the TinyMUSH/MUX method of restrictions, and I may miss a few; if I do, please message me and I'll update this ASAP.
Site Restrictions:
@sitelock <args>=<parameters>
Examples, to block specific player:
@sitelock/player PLAYERNAME=RESTRICTION
Examples:
@sitelock/ban/player Buttclown
@sitelock/register/player Buttclown
First example bans (forbids) the player from his current IP
Second example disallows new players (registers) from his current IP
Examples, to block specific sites:
@sitelock IP=RESTRICTION
Examples:
@sitelock *.buttclown.com=!connect
@sitelock *.mildlyannoying.com=!register
@sitelock *.aol.com=!connect,Guest
First example bans (forbids) anyone connecting from that site
Second example registers anyone connecting from that site
Third example blocks only guests from that given site.
As you can see, it does allow hostnames unlike TinyMUSH3 and MUX, and also allows wildcarding. Which is much nicer.
Limits:
@config/set PARAMETER=VALUE (only lasts until reboot/restart)
@config/save PARAMETER=VALUE (#1/God only -- and permanent)
Examples:
@config/set max_attrs_per_object=50
@config/save max_attrs_per_object=50
max_attrs_per_object -- maximum attributes allowable per object
max_guests -- maximum number of guests allowed
connect_fail_limit -- maximum number of times in a 10 minute window someone can fail to connect to a player
startups -- disable @startups from triggering on start (useful if hackers)
player_creation -- globally enable/disable player creates at connect screen
guests -- enable/disable guest connects
safer_ufun -- enable/disable the use of safer ufunctions
function_side_effects -- enable/disable the use of SIDEEFFECT functions
player_queue_limit -- max entries a player can have in a queue
max_depth -- max recursions a @lock can have
function_recursion_limit -- max recursions a function can call itself
function_invocation_limit -- maximum functions allowed per command
queue_entry_cpu_time -- maximum cpu a queue entry is allowed
max_aliases -- maximum @aliases a player can have
max_parents -- maximum parents allowed in a chain
call_limit -- maximum depth of the stack the parser is allowed to have
Commands:
@boot -- boot the player from the game
@nuke -- destroy/remove the player from the game entirely
@newpassword -- change target's password
@disable -- disable logins
Flags:
To set:
@set *player=fixed
NO_TEL -- Stop teleporting period
FIXED -- stops from using @tel/home
SUSPECT -- Set suspect
GAGGED -- stop from talking
Z_TEL -- stops from teleporting out of the zone
-----------------------------------------------------------------------------------------------------------------
And now, RhostMUSH:
RhostMUSH is a combination of, well, everything. And because of the flexibility and customizations, it can be daunting, but here we go:
Rhost allows two ways for site restrictions.
Site Restrictions
@admin PARAM=SITE IP
@admin PARAM2=WILDCARDHOST
NOTE: Since Rhost 3.2.4p13 Rhost allows CIDR notation (/24 instead of 255.255.255.0)
The first method:
Example:
@admin forbid_site=12.12.20.0 255.255.255.0
@admin forbid_site=12.12.20.0 255.255.255.0 3
@admin forbid_site=12.12.20.0 /24 3
The first example hardforbids the site from connecting.
The second example forbids the site from connecting after 3 connects have already been allowed. This allows connections but stops spamming.
Both options are available for all site parameters.
forbid_site -- forbid site from connecting
register_site -- disallow player creation from site (set to 0.0.0.0 0.0.0.0 to disable player creation entirely)
suspect_site -- set site suspect
noguest_site -- disallow guest from connecting.
noauth_site -- disallow AUTH IDENT lookups
noautoreg_site -- disallow site from auto-registration on connect screen
passproxy_site -- allow IP to bypass auto-proxy blocking
nodns_site -- don't do DNS/RDNS lookups
forbidapi_site -- don't allow API connections from site
For the second method we have: (wildcards optional)
Examples:
@admin forbid_host=*.buttclown.com *.bob.com !*.foo.com
@admin forbid_host=*.buttclown.com|3
First example blocks wildcard buttclown.com, bob.com, and removes foo.com
Second example adds buttclown.com and forbids after 3 connections.
tor_localhost -- the hosting server that will monitor and block TOR connections
noautoreg_host -- the hostname for blocking autoregistration
passproxy_host -- the hostname to bypass proxy blocking
validate_host -- disallow email from autoregistration
forbidapi_host -- hostname to forbid api
mysql_host -- hostname for the MySQL server
register_host -- hostname to stop player creation
forbid_host -- hostname to stop connections
suspect_host -- hostname to set suspect
noguest_host -- stop guests from connection
nobroadcast_host -- stop site monitor chatter for site (still logs)
The following specific other options are useful for site restrictions:
@goodsite -- attribute to set on target player to specify what wildcard IP's -are- allowed to connect from (IP only, no hostname)
@badsite -- attribute to set on target to specify what wildcard IP's are not allowed to connect from (IP only, no hostname)
NOCONNECT -- flag to set on player to stop connections
Examples:
@goodsite #1=127.0.0.1
@badsite *twink=12.12.20.*
And now, the configuration list of hell:
Examples:
Ingame:
@admin function_invocation_limit=25000
In netrhost.conf file:
function_invocation_limit 2500
authenticate -- toggle to specify authentication (AUTH) lookups
max_players -- max players allowed to connect to the mush at any time. The default for this is 40 less than the current maximum allowed based on server specifications to avoid DoS/DDoS. This ceiling is impossible to go past.
cpu_secure_lvl -- define how the mush will treat those who hit the CPU limit. 0 is just stop 1 is halt the owner, 2 sets FUBAR, 3 sets NOCONNECT and boots, 4 does all of 3 and sets register, 5 does all of 3 and sets forbid
cpuintervalchk CPU load before engaging CPU protection (default 5% system load)
cputimechk CPU time in seconds before CPU protection (default 5 seconds)
heavy_cpu_max (default 50) heavy cpu intensive features are auto-tagged this for additional cpu protection. This is how many times it can be called per 'command'
max_cpu_cycles (default 3) number of times a target can hit the CPU alert before restrictive measures via cpu_secure_lvl is enacted
max_lastsite_cnt (default 20) number of connections from a site allowed a minute
min_con_attempt (default 60) seconds to check for max_lastsite_cnt
lastsite_paranoia (0-3) sets restrictive level to use if max_lastsite_cnt is reached. 0 is take no action. 3 is forbid
max_sitecons -- (default 50) absolute maximum number of connections a specific site can have online at any time.
max_pcreate_lim -- number of connect creates allowed per minute
max_pcreate_time -- time allotted between pcreate lim checks
pcreate_paranoia -- (0-3) sets restrictive level to use if max_pcreate_lim is reached.
spam_limit -- maximum number of commands allowed by a player per minute if set SPAMMONITOR (default 60)
player_queue_limit -- maximum queues allowed per player at any time (default 100)
wizard_queue_limit -- maximum queues allowed for a wizard at any time (default 1000)
function_invocation_limit -- (default 2500) maximum functions allowed per command
function_recursion_limit -- (default 50) maximum number of times a function can call itself.
secure_functions -- switches internal permissions of old-processing functions to be more secure, but breaks backward compatibility
fascist_teleport -- players can't teleport out of anything they don't control or isn't set JUMP_OK
restrict_home -- lock down the 'home' command to specific bitlevel
restrict_home2 -- toggle enable/disable 'home' from those set NO_CODE
restrict_sidefx -- specify what bitlevel SIDEEFFECT functions will work
sideeffects -- specify what sideeffects are allowed
sidefx_maxcalls -- how many sideeffects are allowed per command
max_vattr_limit -- maximum unique user-attributes a player can create for his lifetime
wizmax_vattr_limit -- maximum unique user-attributes a wizard can create for his lifetime
vlimit -- maximum attributes allowed per object
wildmatch_limit -- maximum number of wildmatches allowed per command
lock_recursion_limit -- maximum lock recursion per command
notify_recursion_limit -- maximum notify's allowed (internal notify call)
nonindxtxt_maxlines -- maximum number of lines allowed to be read from @log
max_percentsubs -- maximum percent substitutions allowed per command
max_dest_limit -- maximum number of items that can be @destroyed by a player for a lifetime
wizmax_dest_limit -- maximum number of items that can be @destroyed by a wizard for a lifetime
safer_passwords -- enforce strict @passwords
newpass_god -- allow newpasswording #1
nospam_connect -- consolidates logs on people who attempt to keep trying to connect while forbidden
examine_restrictive -- lockdown who can examine/@decompile
ahear_maxtime -- maximum ceiling in seconds an @ahear is allowed to process
ahear_maxcnt -- maximum recursions @hears are allowed
cluster_cap -- ceiling on the number of cluster members allowed
cluster_func_cap -- recursion ceiling on the cluster function handler
includecnt -- number of times @include is allowed per command set
includenest -- number of recursions @include is allowed
lfunction_max -- maximum number of @lfunctions allowed a player
safer_ufun -- make u() become protected in evaluation
max_name_protect -- maximum number of @protect aliases a player can have
float_precision -- floating point precision you want allowed. from 0 to 48
functions_max -- maximum number of @functions allowed to be defined
parent_nest_limit -- maximum parents allowed in a parent chain
imm_nomod -- is the NOMODIFY flag only allowed to immortals?
start_build -- specifies if new players will or will not start with the WANDERER flag -- This defaults to '0' meaning they have the WANDERER flag which restricts all building.
admin_object -- the @admin object that you can use to set permanent config settings in-game
file_object -- the master override for all .txt files. this allows you to either set softcode to all those .txt files (like connect.txt) or design custom commands at the connect screen.
access -- change access of various commands
func_access -- change access of various functions
config_access -- change access of various config options
flag_access_set -- set who can set flags
flag_access_unset -- set who can unset flags
flag_access_see -- set who can see flags
flag_access_type -- typecast permissions on flags
toggle_access_set -- set who can set toggles
toggle_access_unset -- set who can unset toggles
toggle_access_see -- set who can see toggles
toggle_access_type -- typecast permission on toggles
proxy_checker -- set permission restriction level on dynamic proxy detection. Please note, use this sparingly and only if you absolutely have to. The Good news: this will detect most proxies, most of the time. It does this by scanning and comparing the MTU and MSS values and scraping the TCP header for overhead. Most proxies require this padding to actually, well, proxy the information out. This means that MSS and MTU values will almost always be a different size for anyone and anything that uses a proxy. Now, the Bad News. Anyone coming out from a business SOCKS server, Firewall, DMZ, or, well, just coming out of a business will likely be identified as a proxy. You use your Android device to mush? That's a proxy as well since the Android TCP layer is on top of a Java stack. iPhone? Same beast. Pretty much any mobile device will be seen as a proxy, which is accurate, but likely not the type of people you want to block. Sooo, again, use this sparingly. I suggest enabling it to a level to allow monitoring, and only crank it up to deny if you're being directly attacked.
Special commands to monitor/set security:
@snoop -- Yup, it exists. This is an optional log or real-time monitor of a player
@newpassword -- change target's password
@aflags -- list permissions of attributes or set up global prefix restrictions based globally, by target, by enactor, or by sub-group
@log -- control system logs
@logrotate -- rotate logs real-time or verify current status of log file
@api -- control who can set/unset/config/use the restful-like API interface
@blacklist -- load in the blacklist which is created with the script tor_pull.sh that queries and pulls down the majority of public proxy IP's
@tor -- control real time TOR proxy protection
@freeze/@thaw -- real time queue freezing and thawing for sandboxing queues live
@icmd -- control individual, room, or zone based access control of all commands a player can access
@nuke/@toad/@turtle -- destroy and/or convert a player to a non-player.
@recover -- recover a @nuked or @destroyed item from the database. This can be done until the object is @purged. Works like a recycle bin.
@snapshot -- make a live snapshot image dump of the targeted dbref# for safe keeping
@boot -- boot the player
@disable -- disable logins to all but staff
@flagdef/@toggledef -- in-game alter permissions of flags and toggles
@site -- remove site permissions set via @admin foo_site (like forbid_site, suspect_site, etc)
@limit -- assign limits (@destroy, user-attribute, or @lfunction) to target player. This has the effect of enabling, disabling, or overriding the global values for max values. So you can use this, for example, to disable a player's ability to set any user-defined attributes, requiring them to only use @va-vz, @desc, and so forth.
Well, wasn't that fun. Now we get to @toggles and @set flags:
Toggles:
Example:
@toggle *player=forcehalted
CPUTIME -- returns extremely useful data on runtime values of a command that executes
FORCEHALTED -- allows you to @force something even if it's halted
LOGROOM -- log everything the room sees. This is intended for IC purposes and will notify the player that logging is going into the room
MAIL_LOCKDOWN -- stop wizards from being able to see other people's mail.
MONITOR/MONITOR_AREG/MONITOR_SITE/MONITOR_CPU/MONITOR_VLIMIT/MONITOR_etcetc -- drilldown of all the in-game broadcasts for most of the built-in game RhostMUSH monitoring. CPU overloads, attribute caps being reached, success/failed connect attempts, and so forth. Ergo, day to day monitoring needs. The MONITOR foo in Rhost is very beefy, so please refer to the wizhelp on all the MONITOR @toggles for more information.
Flags:
Example:
@set *player=slave
WANDERER -- restrictive flag. Set on all new players by default unless configured otherwise. Stops all building/creating and requires removal before building allowed.
GUILDMASTER -- first tier of staff bit
ARCHITECT -- second tier of staff bit
COUNCILOR -- third tier of staff bit
ROYALTY -- this is your vanilla Wizard on other mushes
IMMORTAL -- this is essentially #1 and 'all powerful'
BACKSTAGE/NOBACKSTAGE control flags specifying who can control things set BACKSTAGE
FUBAR -- stop from doing absolutely everything except ':' and '"'. Nothing else.
SLAVE -- this also stops ':' and '"'. Used in combination with FUBAR to make a statue.
INDESTRUCTIBLE -- nothing can destroy the target, not even #1
NO_CODE -- stops target from doing all but the most basic commands and functions
NO_CONNECT -- target can not log in
NO_EXAMINE -- target can not be examined/@decompiled except by wizards
NO_MODIFY -- target can not be modified except by wizards (or optionally just immortals)
NO_MOVE -- target can not be moved by any means
NO_TEL -- target can not be teleported, use teleport, or use home
NO_PESTER -- target can not use whisper or @pemit
NO_POSSESS -- target can not log into their player more than twice
SPAMMONITOR -- target can not issue more than 60 commands a minute
@depowers: -- These are tiered and inheritable from the player. Meaning permission levels can be decreased or removed entirely.
Example:
@depower/councilor *player=wall
WALL -- disable walling
STEAL -- disable getting items/gold
WIZ_WHO -- disable wiz who
BOOT -- disable boot
FORCE -- disable @force/@sudo
MASTER -- disable access to the master room
NUKE -- disable @nuke/@toad/@turtle
OVERRIDE -- disable overriding locks (wizards do this by default)
TEL_ANYTHING -- disable teleporting anything
POWER -- disable access to @power
MODIFY -- disable ability to modify things
CHOWN_OTHER -- disable ability to chown things you don't own
UNL_QUOTA -- disable unlimited quota (useful on staff)
GIVE -- disable the ability to give... anything...
NOGOLD -- disable the ability to give or take gold
PASSWORD -- disable ability to change passwords
PERSONAL_COMMAND -- disable the ability to use any $commands on anything you own
LONG_FINGERS -- disable all remote access features
CREATE -- disable the ability to create anything
CLOAK -- disable the overpowered wizcloaking ability from wizards
PAGE -- no page for you!!!
LOCK -- you can't pass locks. Ever. At all. Sucks to be you.
COMMAND -- you can't use any $command. Anywhere. Only hardcoded commands for you!
EXAMINE -- you can't examine/decompile or use any method to list attribs
FREE -- everything is going to cost you gold
TEL_ANYWHERE -- you can't teleport anywhere
PCREATE -- disable wizards ability to create players
QUOTA -- more more quota control for you
CHOWN_ME -- you can't chown anything to yourself
ABUSE -- you can only use $commands on things you own. Nothing else, including master room.
SEARCH_ANY -- disable all db searching tools
RECEIVE -- you can't receive anything
DARK -- you can't go dark, and even if you miraculously were set DARK it'd not work for you.
IMPORTANT NOTE: Wizards in RhostMUSH by default override all locks and have a unique ability called 'wizcloaking'. If a wizard is set DARK and UNFINDABLE then they become cloaked (like a Romulan bird of prey) and will be undetectable by any means except by another wizard. Immortals have a super-cloak ability that makes them invisible to Wizards in addition. As shown above, there is a @depower to disable cloaking if it's abused.
ABOUT IMMORTALS: Immortals treat as #1. Seriously. They can do anything and everything. They have commands at their fingertips to literally hack and edit the database live, and naturally if they don't know what they're doing, can crash the mush, because of all these raw editing capabilities. Only set Immortal those who absolutely need it or you absolutely trust. Head coders, for example, should likely have an Immortal bit. Also, Immortals by default override pretty much every restriction in the game. A player set NO_TEL? Um yea, an immortal can still @teleport them. This is intentional, because it's assumed Immortals' code should just work. So keep that in mind while coding. Cheers.
For help identifying the twink, please refer to identifying the buttclown by IP
-----------------------------------------------------------------------------------------------------------------
And now, Evennia:
For help in securing up your Evennia game (Thanks Griatch!)
-----------------------------------------------------------------------------------------------------------------
And now, AresMUSH:
For help in securing up your AresMUSH game (Thanks Faraday!)
-----------------------------------------------------------------------------------------------------------------
And for those who really need to know code better I'll add some nice links here at the end.
Mush:
Central Hub
Nick Gammon's Mush Setup Tutorial
Javin's Mini-Mush Tutorial
SW1k1 Mush Tutorial
Kirra's Mush Tutorial for Beginners
David King's Tutorial
Amberyl's Mush Manual
Javelin's Guide for Mushcode gods
Algol's Mush Security Guide
Ashen-Shugar's MUSH Security Tips
RhostMUSH's in-game Coding Tutorial
Faraday's Practical Coding
Evennia:
The Basic Tutorial
Python for Beginners
CodeCademy Online Python Tutorial
Interactive Python Tutorial
AresMUSH:
AresMUSH coding
Learning Ruby in 20 minutes
The Ruby Tutorial
CodeCademy Online Ruby Tutorial
** Edited: Sun March 11th, 2018 23:05 CST **
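Added example (the editor's code, not the poster's and not taken from TinyMUSH3, MUX, PennMUSH or RhostMUSH): a small Python model of how the site-restriction lines in the post are matched, so you can check what a `255.255.255.0` mask or a `/24` actually covers, how a `!*.foo.com` negation drops a host pattern, and how Rhost's trailing connect count (`forbid_site 12.12.20.0 /24 3`, `forbid_host *.buttclown.com|3`) lets N connections through before the rule bites. The rule syntax follows the post's examples; the parsing details, function names, and the sample rules and connection list are assumptions made for the example.

```python
# Added example (editor's code, not the poster's and not from any MUSH server):
# a model of how the site-restriction lines above are matched.  The rule
# syntax follows the post's examples; the function names, the parsing details
# and the sample rules/connections below are assumptions.
import fnmatch
import ipaddress
from collections import defaultdict


def parse_site_rule(ip_text, mask_text):
    """'12.12.20.0' + '255.255.255.0' or '/24' -> an ip_network object."""
    mask_text = mask_text.strip()
    suffix = mask_text if mask_text.startswith("/") else "/" + mask_text
    return ipaddress.ip_network(ip_text + suffix, strict=False)


def mask_coverage(ip_text, mask_text):
    """What a mask really covers: (CIDR form, first address, last address)."""
    net = parse_site_rule(ip_text, mask_text)
    return str(net), str(net[0]), str(net[-1])


def parse_conf(text):
    """Parse *_site and *_host lines written in .conf style.

    *_site lines: <param> <ip> <mask-or-/cidr> [<allowed connects>]
    *_host lines: <param> <pattern>[|<allowed connects>] ...  ('!pattern' removes one)
    An allowed-connects value of 0 (the default) means the rule applies at once.
    """
    rules = {"site": [], "host": []}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        param, _, rest = line.partition(" ")
        parts = rest.split()
        if param.endswith("_site"):
            net = parse_site_rule(parts[0], parts[1])
            allowed = int(parts[2]) if len(parts) > 2 else 0
            rules["site"].append((param, net, allowed))
        elif param.endswith("_host"):
            for pat in parts:
                allowed = 0
                if "|" in pat:
                    pat, count = pat.split("|", 1)
                    allowed = int(count)
                pat = pat.lower()
                if pat.startswith("!"):  # '!*.foo.com' drops an earlier pattern
                    rules["host"] = [r for r in rules["host"] if r[1] != pat[1:]]
                else:
                    rules["host"].append((param, pat, allowed))
    return rules


def evaluate(rules, connections):
    """Run (ip, hostname-or-None) connections through the rules, in order.

    Returns, per connection, the sorted list of parameters that applied.
    A rule with an allowed count N lets N matching connections through and
    applies from the (N+1)th on, as the post describes for Rhost.
    """
    counts = defaultdict(int)
    verdicts = []
    for ip, host in connections:
        addr = ipaddress.ip_address(ip)
        hit = set()
        for param, net, allowed in rules["site"]:
            if addr in net:
                counts[(param, str(net))] += 1
                if counts[(param, str(net))] > allowed:
                    hit.add(param)
        for param, pat, allowed in rules["host"]:
            if host and fnmatch.fnmatchcase(host.lower(), pat):
                counts[(param, pat)] += 1
                if counts[(param, pat)] > allowed:
                    hit.add(param)
        verdicts.append(sorted(hit))
    return verdicts


# Constructed sample rules, using the post's example addresses and hostnames.
SAMPLE_CONF = """\
forbid_site   12.12.20.0 255.255.255.0
register_site 10.0.0.0 /8 3
forbid_host   *.buttclown.com *.bob.com !*.bob.com
noguest_host  *.aol.com|2
"""

# Constructed sample connections (documentation-range addresses), in arrival order.
SAMPLE_CONNECTIONS = [
    ("12.12.20.200", "host200.buttclown.com"),
    ("10.1.2.3", None), ("10.1.2.3", None), ("10.1.2.3", None), ("10.1.2.3", None),
    ("198.51.100.5", "proxy.aol.com"), ("198.51.100.5", "proxy.aol.com"),
    ("198.51.100.5", "proxy.aol.com"),
    ("203.0.113.4", "x.bob.com"),
]

if __name__ == "__main__":
    print(mask_coverage("12.12.20.0", "255.255.255.0"))
    for conn, verdict in zip(SAMPLE_CONNECTIONS, evaluate(parse_conf(SAMPLE_CONF), SAMPLE_CONNECTIONS)):
        print(conn, "->", verdict or ["allowed"])
```

Running it shows the `/24` covering 12.12.20.0 through 12.12.20.255, the fourth connection from 10.x tripping `register_site`, the third `*.aol.com` connection tripping `noguest_host`, and `x.bob.com` passing because the `!*.bob.com` removed that pattern again. The servers themselves keep their counters in their own ways; this is only the logic the post describes, written down so you can try a rule set before committing it to the .conf.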
-
Step One: Upvote that post.
Step Two: Look for the three dots next to the increased number. Click on it. Click on 'Bookmark'.
Step Three: Profit. For real this time.
-
And people ask why I prefer Rhost over any other server... snort
-
I noticed I never covered how to actually find the twinks, so I'm covering that here, since the post would be over 32,000 characters otherwise.
-----------------------------------------------------------------------------------------------------------------
How to go about finding the twink
Ok, I just realized I never had anything covered on how to actually run down and discover the twink that's attacking you.
Let's assume the IP of the person attacking you is 172.217.4.36. For those curious, that's an IP for www.google.com. Now, you are likely curious how to go about tracing this person down and block as much as you can. So, first, let's go for the obvious.
How do I know that IP is google?
Easy, I did a reverse lookup on the IP.
$ dig -x 172.217.4.36

; <<>> DiG 9.9.10-P2 <<>> -x 172.217.4.36
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56859
;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;36.4.217.172.in-addr.arpa.     IN      PTR

;; ANSWER SECTION:
36.4.217.172.in-addr.arpa. 21599 IN     PTR     lga15s46-in-f4.1e100.net.
36.4.217.172.in-addr.arpa. 21599 IN     PTR     ord38s18-in-f4.1e100.net.
36.4.217.172.in-addr.arpa. 21599 IN     PTR     lga15s46-in-f36.1e100.net.
36.4.217.172.in-addr.arpa. 21599 IN     PTR     ord38s18-in-f4.1e100.net.
36.4.217.172.in-addr.arpa. 21599 IN     PTR     lga15s46-in-f4.1e100.net.
36.4.217.172.in-addr.arpa. 21599 IN     PTR     lga15s46-in-f36.1e100.net.

;; Query time: 56 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Mon Dec 04 11:50:45 CST 2017
;; MSG SIZE  rcvd: 193
NOTE online web based dig can be found at https://www.digwebinterface.com/
Make sure to select 'Reverse' as the option you want.
Hum, DNS shows corporate, but let's see if we can find anything more about it...
$ nslookup 172.217.4.36
Server:         8.8.8.8
Address:        8.8.8.8#53

Non-authoritative answer:
36.4.217.172.in-addr.arpa       name = lga15s46-in-f4.1e100.net.
36.4.217.172.in-addr.arpa       name = ord38s18-in-f4.1e100.net.
36.4.217.172.in-addr.arpa       name = lga15s46-in-f36.1e100.net.
36.4.217.172.in-addr.arpa       name = lga15s46-in-f36.1e100.net.
36.4.217.172.in-addr.arpa       name = lga15s46-in-f4.1e100.net.
36.4.217.172.in-addr.arpa       name = ord38s18-in-f4.1e100.net.

Authoritative answers can be found from:
NOTE For the online web interface for nslookup try https://centralops.net/co/
Nope, nothing much more, but that's ok...
1e100.net, if you're used to google, you will recognize that right off the bat, but if you are not, you can dig further...
$ whois 172.217.4.36

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/public/whoisinaccuracy/index.xhtml
#

#
# The following results may also be obtained via:
# https://whois.arin.net/rest/nets;q=172.217.4.36?showDetails=true&showARIN=false&showNonArinTopLevelNet=false&ext=netref2
#

NetRange:       172.217.0.0 - 172.217.255.255
CIDR:           172.217.0.0/16
NetName:        GOOGLE
NetHandle:      NET-172-217-0-0-1
Parent:         NET172 (NET-172-0-0-0-0)
NetType:        Direct Allocation
OriginAS:       AS15169
Organization:   Google LLC (GOGL)
RegDate:        2012-04-16
Updated:        2012-04-16
Ref:            https://whois.arin.net/rest/net/NET-172-217-0-0-1

OrgName:        Google LLC
OrgId:          GOGL
Address:        1600 Amphitheatre Parkway
City:           Mountain View
StateProv:      CA
PostalCode:     94043
Country:        US
RegDate:        2000-03-30
Updated:        2017-10-16
Ref:            https://whois.arin.net/rest/org/GOGL

OrgTechHandle:  ZG39-ARIN
OrgTechName:    Google LLC
OrgTechPhone:   +1-650-253-0000
OrgTechEmail:   arin-contact@google.com
OrgTechRef:     https://whois.arin.net/rest/poc/ZG39-ARIN

OrgAbuseHandle: ABUSE5250-ARIN
OrgAbuseName:   Abuse
OrgAbusePhone:  +1-650-253-0000
OrgAbuseEmail:  network-abuse@google.com
OrgAbuseRef:    https://whois.arin.net/rest/poc/ABUSE5250-ARIN

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/public/whoisinaccuracy/index.xhtml
#
NOTE For online whois, use http://ping.eu/ns-whois/ ... make sure to click 'full info'.
Therreeeeee we go. Notice the OrgTechName ... 'Google LLC' Yup, that's Google!
Now, let's assume this is an IP that you want to absolutely, beyond all measure block.
You have a few things you can do.
First, you can try the *.1e100.net that came from the nslookup. That should work for the RDNS blocking checks.
@sitelock *.1e100.net=!connect
@admin forbid_host=*.1e100.net
Second, you can look above in the whois output for a section similar to the CIDR or NetRange at the start. That, my good friends, is the subnet that this person is coming from. If you block that entire subnet, you have just nailed down their entire ISP subnet that they use. Bam, gone! Keep in mind, other users may also use this ISP, so you may want to verify anyone currently using them first.
Ways you can check on your mush
@search eplayer=match(get(##/lastsite),*.1e100.net)
@search eplayer=match(get(##/lastip),172.217.4.*)
Ok, so no one else uses that IP, it's free to block.
@admin forbid_site=172.217.0.0 /16
And done.
Now, you ask what if they're using a proxy?
Good question. There's no easy solution to that, but one thing you can do is find out what proxy group they're using, then manually go through and add every IP from that site. How do you find it?
Believe it or not, it's fairly easy. Google search for the IP; again, we're assuming 172.217.4.36 is the attacker.
So now you would google search for:
172.217.4.36 proxy
The first one or two pages of google's search will identify public proxies (if they exist) that host that IP address. So it's your job at this point to go to those proxy sites, grab the ENTIRE list of IP addresses, and then add them to your forbid_site lists. It's painful, it's long, but as I stated earlier, blocking people who use proxies is a war of attrition. Your job is to make finding new proxies harder for them than it is for you to block. And honestly cutting and pasting the entire list of IP's from these proxy sites is not that difficult.
The only pain is before you know it, you're hitting 30,000 or more IP's blocked, but such is life.
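An added example for the whois-to-subnet step above (it is not code from the thread): it turns the whois CIDR or NetRange into the two forbid_site spellings TinyMUSH3 accepts and, before you block, lists who else in your lastip records would be caught by that range. The player-to-lastip table is constructed sample data standing in for the @search output; Python's standard ipaddress module is assumed.

```python
import ipaddress

# Constructed sample data standing in for @search eplayer=... output:
# player name -> value of that player's lastip attribute.
PLAYERS_LASTIP = {
    "Attacker": "172.217.4.36",
    "Alice": "203.0.113.9",
    "Bob": "172.217.200.1",
}

def subnet_from_whois(netrange):
    """Accept the whois CIDR ('172.217.0.0/16') or NetRange
    ('172.217.0.0 - 172.217.255.255') form and return one network."""
    if "-" in netrange:
        lo, hi = (ipaddress.ip_address(p.strip()) for p in netrange.split("-"))
        nets = list(ipaddress.summarize_address_range(lo, hi))
        if len(nets) != 1:
            raise ValueError("NetRange does not map to a single CIDR block")
        return nets[0]
    return ipaddress.ip_network(netrange.strip(), strict=False)

def forbid_site_lines(net):
    """Both spellings TinyMUSH3 accepts: dotted mask and /CIDR."""
    return [f"forbid_site {net.network_address} {net.netmask}",
            f"forbid_site {net.network_address} /{net.prefixlen}"]

def players_in_range(net, lastips, ignore=()):
    """Everyone (other than the names in `ignore`) whose lastip is inside net."""
    return sorted(name for name, ip in lastips.items()
                  if name not in ignore and ipaddress.ip_address(ip) in net)

def plan_block(netrange, attacker, lastips=PLAYERS_LASTIP):
    """Return (network, .conf lines, bystanders the block would also hit)."""
    net = subnet_from_whois(netrange)
    return net, forbid_site_lines(net), players_in_range(net, lastips, ignore=(attacker,))

if __name__ == "__main__":
    # The whole /16 from whois versus just the attacker's /24.
    for rng in ("172.217.0.0 - 172.217.255.255", "172.217.4.0/24"):
        net, lines, others = plan_block(rng, "Attacker")
        print(f"{net}: {' | '.join(lines)}")
        print("  would also block:", others or "nobody")
```

If the bystander list is not empty, narrow the range (the /24 here catches nobody else) or use register_site instead of forbid_site for that block.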
-
@ashen-shugar said in What to do when your mush is attacked:
The only pain is before you know it, you're hitting 30,000 or more IP's blocked, but such is life.
For the curious, the Internet has a little over 4,000,000,000 addresses. Do not be afraid to block a twink.
But make sure your badsite.txt file has an address you can be reached at for false positives, but knowing that bad actors may want to spam the everloving begeezus out of it.
-
@thenomain Which is ideally why you never use anything but a throw-away e-mail address for it. Cuz the bad actors will do horrible things with that e-mail address...
-
@lithium said in What to do when your mush is attacked:
@thenomain Which is ideally why you never use anything but a throw-away e-mail address for it. Cuz the bad actors will do horrible things with that e-mail address...
As long as you can catch the good actors. Don't let the bad actor turn you into a bad person.
-
@Ashen-Shugar asked me to supply a similar list for Evennia. Note that all of these commands could also be prepended with @, + etc if desired.
who -- (as admin) Find the IP of an account. Note that one account can be connected to from multiple IPs depending on what you allow in your settings.
examine/account thomas -- Get all details about an account. Can also use *thomas to get the account. If not given, you will get the Object thomas if it exists in the same location, which is not what you want in this case.
boot thomas -- Boot all sessions of the given account name.
boot 23 -- Boot one specific client session/IP by its unique id.
ban -- List all bans.
+----+---------------+--------------------------+--------+
| id | name/ip       | date                     | reason |
+~~~~+~~~~~~~~~~~~~~~+~~~~~~~~~~~~~~~~~~~~~~~~~~+~~~~~~~~+
| 1  | 134.233.2.111 | Thu Dec  7 19:13:13 2017 | Spam   |
+----+---------------+--------------------------+--------+
ban thomas -- Ban the user with the given account name
ban/ip 134.233.2.111 -- Ban by IP
ban/ip 134.233.2.* -- Widen IP ban
ban/ip 134.233.*.* -- Even wider IP ban
unban 34 -- Remove ban with id #34
cboot mychannel = thomas -- Boot a subscriber from a channel you control
clock mychannel = control:perm(Admin);listen:all();send:all() -- Fine control of access to your channel using lock definitions.
Locking a specific command (like page) is accomplished like so:
- Examine the source of the command. The default page command class has the lock string "cmd:not pperm(page_banned)". This means that unless the player has the 'permission' "page_banned" they can use this command. You can assign any lock string to allow finer customization in your commands. You might look for the value of an Attribute or Tag, your current location etc.
- perm/account thomas = page_banned -- Give the account the 'permission' which causes (in this case) the lock to fail.
perm/del/account thomas = page_banned -- Remove the given permission
tel thomas = jail -- Teleport a player to a specified location or #dbref
type thomas = FlowerPot -- Turn an annoying player into a flower pot (assuming you have a FlowerPot typeclass ready)
userpassword thomas = fooBarFoo -- Change a user's password
delaccount thomas -- Delete a player account (not recommended, use ban instead)
server -- Show server statistics, such as CPU load, memory usage and how many objects are cached
time -- Gives server uptime, runtime etc
reload -- Reloads the server without disconnecting anyone
reset -- Restarts the server, kicking all connections
shutdown -- Stops the server cold without it auto-starting again
py -- Executes raw Python code, allows for direct inspection of the database and account objects on the fly. For advanced users.
Below are server settings that may be of use. These are changed in mygame/server/conf/settings.py and require a server reload.
LOCKDOWN_MODE = True -- This will turn the server into isolation mode, disabling all external connections. Useful if you need to run it to debug/test some security issue before letting others on.
MAX_CONNECTION_RATE -- Limit how many connection attempts per second the portal should accept before starting to drop connections. This is a global value, for all IPs.
MAX_COMMAND_RATE -- How many commands per second a Session may send. Note that this also includes Out-Of-Band messages between client<->server, so should not be set too low for games using OOB.
MAX_CHAR_LIMIT -- Limit how many characters can be sent in one command.
IN_GAME_ERRORS -- This will show tracebacks in the game when they happen rather than just log them and give a generic error message to the player. While very useful for development, this could be considered a vulnerability since it reveals a lot about the underlying code to the player.
GUEST_ENABLED -- Turn on/off guest access.
PERMISSION_GUEST_DEFAULT -- Which permission levels given to new guests.
GUEST_HOME -- Change guests' home location.
GUEST_START_LOCATION -- Change where guests start when logging in.
DEBUG -- This mode will show full tracebacks in the browser on HTTP errors etc. Don't use this in production, it's leaking memory like crazy (by design it stores everything).
-
@Ashen-Shugar suggested awhile back that I make an AresMUSH version, and I finally got around to it. See the Dealing with Trolls tutorial on the Ares website.
-
No one should have to deal with misogynist assholes, so I'm giving this a bump.
I'll add a bit of a "quick version" for TinyMux...
@boot *Idiot
would get the hypothetical horrible person off your game. You can then
@newpassword *Idiot=newpassword
to effectively stop them from connecting again. Though if you're feeling extra petty, you can instead give them the @Thenomain special, and do:
@boot *Idiot
then
@aconnect *Idiot=think Why am I like this?; QUIT
This is super fun because every time the person connects, it'll send the message after "think" to them, then they'll quit, all before they have time to do anything. If they want to waste your time, you can waste some of theirs!
Now, should said misogynistic asshole (who will remain totally nameless) think he (usually he) is particularly clever and start using VPNs and the like to change IPs and sidestep your ban, you do have the option to "require registration". To do this, you'll want to go into the netmux.conf file, just as Ashen-Shugar has outlined above, and add register_site. You should end up with something like this:
# Sitebans
#EXAMPLE: forbid_site 123.123.123.123 255.255.255.255
register_site 0.0.0.0 0.0.0.0
If you do this, the "create name password" option upon logging in will be disabled. If you do this, you should update the register.txt file located at <game>/etc/text ... this is the file players will see upon connecting. If they have an existing player/staff bit, they can log right in. Otherwise, the file will tell them to e-mail and ask for an account. You then only need to do
@pcreate name=password
from a wiz bit and send them that information. Yes, this is likely a hindrance to new players, but as a temporary measure it's very effective.
Finally, I just want to note that when you use who or +finger to find out the address of an individual, it often displays like 123-123-123-123-theirhost.net or something. If you're entering that IP as a ban, you need to convert that to 123.123.123.123 ... and JUST the numbers, not the "theirhost.net".
And as a final, final note... No one should have to deal with misogynistic assholes making threats and causing stress. PennMUSH and Rhost have active communities that are very willing to help. Ares and Evennia are still "new" and all have discord channels and test servers. If you're on TinyMUX, please feel free to reach out to me or @Thenomain. Someone you know surely has our contact information, or you can message here.
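An added example for the hostname-to-IP note in the post above (not code from the thread or from TinyMUX): it pulls the dotted quad out of a who/+finger hostname of the 123-123-123-123-theirhost.net kind and builds the matching forbid_site line, returning None when the name carries no usable address (as with the *.1e100.net names earlier in the thread) so you know to look the IP up instead. It also accepts dot-joined forms, which the post does not show; the sample hostnames are constructed.

```python
import ipaddress
import re

# Four 1-3 digit groups joined by '-' or '.', not glued to other digits.
_QUAD = re.compile(r"(?<!\d)(\d{1,3})[-.](\d{1,3})[-.](\d{1,3})[-.](\d{1,3})(?!\d)")

def ip_from_hostname(host):
    """Return the IPv4 address embedded in a who/+finger hostname, or None
    when the name carries no usable address (then look it up instead)."""
    for m in _QUAD.finditer(host):
        candidate = ".".join(m.groups())
        try:
            return str(ipaddress.IPv4Address(candidate))
        except ValueError:
            continue  # e.g. 300-1-2-3: octet out of range, keep scanning
    return None

def forbid_site_line(host, prefixlen=32):
    """forbid_site line for the address hidden in host: a single host by
    default, or a wider block (e.g. prefixlen=24) if you need to widen."""
    ip = ip_from_hostname(host)
    if ip is None:
        return None
    net = ipaddress.ip_network(f"{ip}/{prefixlen}", strict=False)
    return f"forbid_site {net.network_address} {net.netmask}"

if __name__ == "__main__":
    # Constructed hostnames: one with an embedded IP, one without.
    for host in ("123-123-123-123-theirhost.net", "lga15s46-in-f4.1e100.net"):
        print(host, "->", ip_from_hostname(host), "|", forbid_site_line(host))
```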
-
@Derp said in What to do when your mush is attacked:
Yeah, no. That's way too on the nose.
I'm in the crowd of people who had no idea those names actually referred to a specific person, and therefore did not act.
-
Enough games are run on their own VMs now that iptables is a pretty legit way to go, if you can manage it.
-
@Chime This is absolutely true. Would also provide some additional security.
-
@Ghost Could a writeup re: how to do this be added, please?
-
@surreality for using iptables? I'm sure there are online resources already existing that game owners can pick at.
-
How about a link to a HowTo, then? A lot of game runners don’t know where to start and mucking around in iptables could be dangerous.
-
@Ghost Not always time to do that mid-emergency for someone who doesn't already know.
-
Genesis uses CentOS5.9, so I'm going to assume the base console is CentOS6 or older. There's no really quick way of setting iptables up (in an "emergency") because it requires some analysis. To note, this wouldn't be something configured inside of the mush code, but on the CENTOS Linux VM that the game runs on. From what I see, the rented server space looks like a cloud VM instance, and it depends on the user agreement with the host how much you can modify that virtual machine.
Some vids...
https://youtu.be/1PsTYAd6MiI
A playlist here...
https://www.youtube.com/playlist?list=PL0BxxFpI26FCRiFSGDvVfNyNLFiN6xiLw
-
@Thenomain said in What to do when your mush is attacked:
How about a link to a HowTo, then? A lot of game runners don’t know where to start and mucking around in iptables could be dangerous.
Yea, you're right. IPTables is basically a firewall setup where you better control which services, ports, and incoming/outgoing connections are used. Like I said, it would require some analysis and checking which ports you're using.
I'm assuming a mush is getting attacked right now?
As much as I jabber about using ssh these days I've wondered if there is a better way to handle MU connections. SSH is more secure but doesn't answer risks of DoS.
One thing you can do is check with your MU Hosting to see if they have any software in place that can be applied to the VM to protect it more from TCP/UDP flood attacks.
-
@Thenomain said in What to do when your mush is attacked:
How about a link to a HowTo, then? A lot of game runners don’t know where to start and mucking around in iptables could be dangerous.
It is, but I'd arguably say not knowing the basics of networking while messing around blindly with iptables may be worse than whatever attack is happening on your game, since you're risking making it inaccessible even by yourself - say, by blocking ssh connections.
Perhaps what a kind soul could do is create and document examples of very specific things to do for common tasks - such as banning one IP, or one specific /24 range.
For example
sudo iptables -A INPUT -s 110.111.112.0/24 -j DROP
will drop all inbound traffic originating from 110.111.112.* .