DALnet - Open Proxies and Compromised Hosts

When you connect to DALnet

When you connect, DALnet servers automatically perform several checks on your IP address to detect possible security issues. We do this to block connections that are often used for spamming, flooding, and other abuse on IRC. The vast majority of abuse on our network comes from insecure computers.

By connecting to DALnet, you are giving tacit authorization for DALnet to scan your computer to ensure it is not a potential security risk. If you do not wish to be scanned, you are free to disconnect. Attempting to bypass these security checks will result in your computer being blocked from accessing the network.

We currently do direct scans for the following types of security problems on common ports. The specific ports scanned change depending on what is commonly being abused.

open WinGate proxies
open SOCKS (4 and 5) proxies
open HTTP (CONNECT and POST) relays
router login prompts

In addition, DALnet also uses third-party "blacklist" services that record IP addresses recently used for abuse, due to installed open proxies or various types of trojan/worm infections.

If you are banned

If you have received a message telling you to visit this page, the sections below give reasons for the ban and what you can do to fix the problem.

If you run a proxy server

An "open proxy" is a proxy that allows anyone on the Internet to connect through it. An open proxy is not secure, and can be used by other people for abuse (spamming, flooding, etc). DALnet does not allow connections from IPs with open proxies.

To connect to DALnet, you must secure your proxy so that only your computers can use it. You can usually do this with an access list, or by setting a password. For more information, see this page.

After you have secured your proxy, wait 30 minutes for the ban to expire, then try to connect to DALnet again.

If you run a web server or web cache

If a web server or web cache is not configured properly, it can act as an open proxy, allowing anyone to use your connection for abuse — not just access web pages. For a web cache such as squid, the most common problem is that it allows anyone on the Internet to connect through it. For a web server, the problem is usually having the HTTP proxy enabled by mistake. DALnet does not allow connections from IPs with insecure web servers or web caches.

To connect to DALnet from an IP with a web cache, you must configure the cache so that only your computers can use it. Do not accept connections from the Internet in general.

To connect to DALnet from an IP with a web server, you must configure the server to only allow HTTP POSTs to itself, and to not act as an HTTP proxy. Do not allow it to relay data to other servers.

For more information about specific server configurations, see this page.

After you have secured your web system, wait 30 minutes for the ban to expire, then try to connect to DALnet again.

If you don't know the problem

There are many trojans and viruses that use your computer for proxies, spamming, flooding, and other abuse. Your computer is probably infected.

To scan and clean your computer, please use these tools:

1) Go to Microsoft Windows Update to update your computer and get patches for security problems. On that page, click the Express (Get high-priority updates) button, wait for it to scan your computer, then follow the instructions to install all critical updates. After it finishes, it will ask you to restart your computer. Do that and return to this page (you can save it in Favorites / bookmarks).

2) Use the Panda ActiveScan online virus scanner to check your computer for viruses and trojans. On that page, click the Scan your PC button and follow the instructions to install and run the scanner.

After you have cleaned your computer, wait a few hours for the ban to expire, then try to connect to DALnet again.

Software to keep your computer clean

To help keep your computer free of infection, here are some free tools you can install. They are always running and automatically update themselves to block the latest threats.

Microsoft Windows Defender detects and removes spyware.
Avast! Antivirus detects and removes viruses and trojans. The Desktop -> Home edition is free.

When you're on DALnet, you can also talk to the people in #NoHack to find out what tools will work best.

Latest News

- new IX server: nibiru
- Bahamut 2.2.4 release
- In Memory of CaeSpock

View archive

User Account Login

Chat Now

Thanks for flying DALnet!

Tip of the day

Make sure your nick's email address is still valid so you'll be able to recover your password if needed. /NickServ HELP SET EMAIL