Book Reviews

The following book reviews are the copyright of their respective authors and no part should be reproduced without the express permission of the author. Publishers and Authors of the books reviewed may reproduce the whole or extracts of a review for their book. To request copyright permission please email webmaster@birmingham.pm.org.

All the reviews herein are the opinions of the reviewer and are not necessarily the views of Birmingham Perl Mongers and its members. If you feel a review or comment has been made in error, please contact webmaster@birmingham.pm.org to rectify the situation.

Other Books

Static Link: http://birmingham.pm.org/reviews/46

 
IRC Hacks - 100 Industrial-Strength Tips & Tools
Title:IRC Hacks - 100 Industrial-Strength Tips & Tools
Author(s):Paul Mutton
ISBN:0-596-00687-X
Publisher:O'Reilly Media
Reviewer:Jon Brookes

For years I have been tied to using Microsoft Wintel in environments where Open Source solutions can solicit confused reactions and even suspicion. This corporate world often misses out on such things as community driven relay chat and messaging services. Indeed, most of my business contacts use solely MSN messenger, if at all, as many more use just email. IRC was, therefore, until only recently, a mysterious concept to me. Thanks now to some help from an IRC expert and the book 'IRC Hacks', this situation is now reversed. I find IRC to be a much more flexible, powerful and versatile technology than MSN.

Like other works of the same series, IRC Hacks sets out to provide a rapid lookup and quick start guide. It achieves this in several ways. The total newcomer to Internet Relay Chat (IRC) will find the early sections of the book of great use. The 'hacking' approach lends itself well to getting a quick start to simple questions such as 'What client software can I use and is my OS catered for?', 'What IRC services can I connect to?', 'What are IRC channels, networks anyway?' and 'Are there search engines devoted to finding people, channels and networks?'. Wintel, Mac and Unix clients are discussed. There are also hacks that utilise cross platform solutions such as Chatzilla, a Mozilla custom plugin and Java applets that will run on any compliant browser.

There are a variety of client and server based hacks that help keep your conversations secure and private, using ssh and stunnel.

The latter two thirds of the book is aimed at the more adventurous user, even the programmer that would like to dig deeper into IRC functionality and services. The majority of these hacks cover 'bots' and IRC client extensions. Bots are, for me, the most interesting part of the IRC world. Being a Perl hack, I was pleased to find information around the use of Perl CPAN modules to write your own bot services. There are also bot hacks based on Java and Python if you find these suitable.

If you are not entirely certain what a 'bot' is and how to implement one for IRC, the introductory hack on how to connect to IRC with raw Telnet should be very enlightening. I found this hack pivotal to understanding what bots are all about.

More advanced topics such as setting up your own IRC server and services come in at the end of the book.

As my knowledge of IRC was at the outset limited, I asked a fellow hacker who has been using IRC for a long time now to look over the book. For her want of anonymity, I refer to her from here on in as 'TUX'.

TUX uses IRC bots a lot and has done for several years on her own IRC servers. TUX uses Eggdrop - a C and Tcl based bot technology. There are only about eight pages on Eggdrop in IRC Hacks so TUX wasn't altogether impressed as she prefers to use Eggdrop over, for example, custom Perl based bots. Eggdrop has been round for a long time and is respected as stable and reliable by many IRC users.

IRC security is of prime importance to TUX as she has experience of IRC network attacks in the past. TUX re-iterated to me that there are a lot of bad people on the internet (which of course we are all aware of), who may want to do bad things to your network and/or your IRC server. TUX uses a proxy or 'bouncer' - PsyBNC, which itself isn't covered in IRC Hacks. It does however look at CtrlProxy, another 'bouncer'.

Sitting behind a proxy (or bouncer), that itself connects to an IRC network on your behalf, can help protect the network you are using. An attack may initially target your IRC address. So if your bouncer is hosted on an entirely different network, it is the address of this 'other network' that is advertised by the IRC services that the proxy is connecting to. As I am often working on corporate network environments I was pleased to know of this. I do not want to take heat from my network administrators should my IRC address bring an attack to bear on the company network that I am on.

This is not to say IRC is any more or less risky to use than say, Windows XP or MSN or any other messenger based protocol such as Jabber or Yahoo messenger. There are always going to be dangers as soon as you connect to the internet. Picking up email with a windows mail client IMO can be fraught with danger. Forewarned though is forearmed in my book and using a bouncer means also that you need not lose your connection when your windows system has to reboot or shut down. You can even receive messages when you are off line, which is nice.

If there is any section missing from IRC Hacks I may conclude that aside of the hack that is already present that discusses appropriate behaviour for IRC users and bots, another section on potential dangers could have been added.

Writing bots, TUX tells me, can be a bit of a black art depending upon what your trying to do. If you were using a bot on a channel without the permission or knowledge of the Channel Operator, you may find that you get it 'kicked off' by either the Operator or even another bot that is used to look for unauthorised bots. There are techniques in the implementation of the bot that can be used to con such a 'police bot' into thinking your bot is a human when in fact it is not. It can then carry on with it's nefarious activity unmolested. Stealth robots like this, TUX tells me, are a problem if you cannot identify them quickly and get rid of them from your server. Some bots are even used, for instance, to trigger 'zombies' to start off Denial of Service (DoS) attacks or to relay spam. The fact that this sort of information is not covered in any depth by IRC hacks is arguably a good thing.

It would be unfair to try to see IRC Hacks as a complete reference on IRC. It offers a quick start and rapid answers to 'get you on the path' toward a solution. You still have to use your brain afterwards, but this is something I like. It is not a step by step tree killer and that can't be a bad thing either.

I really enjoyed getting to know IRC using IRC Hacks. I intend to carry on using both the book and IRC.

Even if you are stuck on MSN, one of the hacks towards the end of the book enables you to use an MSN to IRC gateway so as to include MSN into your IRC sessions.

So I would say, get IRC Hacks, you won't be sorry.

- Jon Brookes, © November 2004