If you know nothing about bncs, a bnc is short for a 'bouncer.' A bnc acts as a proxy for irc, allowing you to hide your real IP address and use a vhost (vanity host - something like 'this.is.a.l33t.vhost.com'). What are the advantages of this? Well, mainly there's just one important one: It'll stop stupid packet kiddies from trying to knock you off the network. Everyone hates getting disconnected, and with a bnc on a decent shell, you should be pretty immune. Remember though: the kiddies can still nuke you, but it is assumed that the shell provider has a high-bandwidth line that allows it to withstand the numerous packets. If your shell is on a 56.6, you'll still be screwed.

So... why psybnc? There are a variety of other open source bnc's available for you to download, most notably EZBounce and plain-ol BNC. Both of these do the exact same basic thing as psybnc: hide your real host. But that's about where the similarity ends. I've been using psy for a long time now, and I love with all the features that it offers. To name a few:

There are tons more features, but you can just download the source and view the README.

Now... for the first part of this tutorial, the Basic section, I assume you have little or no experience with shells/irc. For the Intermediate section, though, I assume you can hold your own. For most users, the Basic is as far as they need to go, but all the fun stuff is a bit more complicated.

onfiguring and Compiling

Hopefully you have already downloaded the source. If not, you can find it here: http://www.psychoid.lam3rz.de. After you have downloaded that, fire up your favorite ftp client and upload it to the root directory of your shell. You could also get the source by using lynx or wget. Example wget command:

The next step is to decompress this file (.tar.gz is kinda like a .zip file for all you windoze ppl out there). To do this, type:

Notice that it's case-sensitive. Everything in unix is case-sensitive. Keep that in mind for everything in the future.

If you typed the correctly, you should have a psybnc directory on your shell. Change to it and see what you have!

Now, this next part is where it gets a bit harder. psyBNC includes a GUI for configuring the bnc. However, this requires ncurses to be installed on your shell, something a bunch of shells do not have. In my experience, most flavors of linux have it installed, but some others don't. So, give it a whirl. Type:

If you get a GUI, congrats: the configuring process is much easier. If not, well, welcome to my world ;) With menuconfig, the GUI is very easy to follow: obviously an [X] denotes that the option is selected, while [ ] indicates it's not.

For all those stuck doing it by hand, after each option I explain how to set it. For all the compiling options, everything is placed in the file config.h, which is found in the psybnc directory. Just open that file with your favorite editor on the shell (I use and recommend pico - You can edit the file by typing:

In this file, if you want something added, it has to be defined. Example: #define INTNET adds support for the internal network.

The key for the section below is as follows:

 

Compiling options

 

Once you have all these options set, you have two choices: If you're using menuconfig, skip to the next step. If you're doing it manually, this is where you actually want to compile your bnc. It's very easy to do. In the psybnc directory, simply type:

It won't take long to compile. If you have compiled with SSL enabled, you'll have to create a self-signed certificate at the end of the compilation process. Simply follow the prompts that you are given. The most common error is to specify a wrong Common Name. According to certificate standards, the common name must be a FQHN: Fully Qualified HostName, i.e: psybnc.mydomain.com. Since the certifcate is simply being used a an encryption seed and not as a validation of identity, this is not really important - the cert is not being signed a real CA anyway!

Configuring options

If you're using the GUI, all these options are accessable under the Bouncer-Config part of the menu. If you're not using the GUI, all these options are in psybnc.conf, which is created in the psybnc directory after it is compiled. To edit these options manually, just edit this file. The Appendix has the proper syntax for each option. The rest of this section will cover the GUI method.

Before going through these options, do the following: know the IP of your shell. for example, if you connect to l33t.shell.com open up a console (or command prompt in Win) and ping the hostname. You should see something like this:

So if your shell was www.efnet.org (which I can guarantee it is not!), the corresponding IP would be 193.45.36.242.

Also, choose a port for the bnc. Check the Terms of Use of your shell - some companies require you to use a certain port range. And if you're on a *nix shell, the port will have to be higher than 1024 (unless you run the bnc as root, which is certainly not recommended!). Ok, on to the options, same basic format as the compiling options.

 

Congrats, your setup is complete. If you haven't done so already, it's time to compile your bnc by typing "make" at the shell prompt in your psybnc directory. Then type "./psybnc" to start the bouncer. Hopefully everything went smoothly and you're ready to jump into the next section.

 

Setting up your Account

The first thing you need to do is connect to your bnc. In your irc client, open up the connect dialogue box and add in another server. Name it My BNC or something like that, enter the IP and port, and enter the password that you chose (either through menuconfig or in the conf file). Now make sure that your ident is set to your username. It's also a good idea to set your e-mail address to username@whatever.com. If psy can't get an ident response from you, it checks your e-mail addy as verification of the username. If everything goes well, you'll see this when you connect:

Now you need to get connected to irc: first, you need to select your vhost. To see what vhosts are available, at your shell prompt type:

This command is only available if your shell provider has created such a function, but in my experience 99% have. For security reasons (?), there is no way to view the vhosts in psy. After your vhost is selected, you'll need to add in some irc servers, and set a few other options. the commands follow below. All commands appear like this /mycommand, everything else after it is an explanation. All brackets are for my purposes, don't use brackets in any command!

/bvhost [vhost] -- (this command used to be /vhost) -- [vhost] is your vhost in alpha form (ie, this.is.a.cool.vhost.com and not 127.0.0.1)
/addserver [server] :[port] -- server can be in alpha or numeric form...
 

Once you add in the server, psy will auto-connect to it in a short while. You can add in more servers so that if one goes down, psy can reconnect to a different one. Just use the command above again. For server managment:

/listservers -- lists all the servers you have added
/delserver [n] -- deletes the server with #[n] (as shown by the listservers command)
/jump -- disconnects you from your current server and attempts to connect to the next server in your list
/bquit -- disconnects you from the server until you force it to connect
/bconnect -- connects you to irc
 

Now, remember that psy will keep you connected to irc even when you're not connected to the bnc. So, these commands are helpful:

/setaway [message] -- psy will display this message to all channels you're on when you quit the bnc. It will NOT repeat this message (since that's gay). To remove the message, just type /setaway
/setawaynick [nick] -- when you quit the bnc, psy will auto-change your nick to the nick you set here. When you reconnect, it'll auto change it back to what's shown in the mirc nick.
 

  OK, now for some more commands that ppl find useful. Remember that ALL commands are in the README file that came with psybnc. I'm not going to repeat all of them.

/playprivatelog -- plays the log of all messages sent to you when you were disconnected from the bnc. The log will be opened in a window called -psyBNC.
/eraseprivatelog -- erases the aforementioned log.
 

psy has a damn cool feature in that it allows encryption. You can encrypt text sent to a channel or a person. Each person needs to have the same key to view the text. This is helpful if you're paranoid, or if you want to have a private conversation in a public channel. (Why you wouldn't just pm is beyond me ;) It also makes you look l33t lol.

/encrypt [password] :[channel/person] -- make sure everyone you want to speak with has the same key. And they need to be using psybnc as well. duh.
/listencrypt -- lists your current encryptions
/delencrypt [n] -- deletes encryption #[n] as shown by the listencryption command.
 

 

User Management

Obviously, if you have your bnc compiled as singleuser, this section is pointless for you. But for everyone else, I'm sure you want to add in other users, delete them, etc... Here's the commands to do it:

/adduser [user] :[real name] -- the [user] is what the person will have to set their ident to. The [real name] part is what ppl will see when doing a /whois. for example:

will show this in the first line of a whois:
 

/deluser [user] -- deletes the user.
/password [new pass] -- changes your password. If you're an admin, you can change other ppl's passwords:/password [user] :[pass]
/madmin [user] -- makes a user into an admin (choose your admins carefully!)
/unadmin [user] -- removes admin rights from a user.
/bwho --- see who is added to your bouncer. Also shows if they're connected, what server they're connected to, and what their IP is.
 

I recommend you secure your bnc even more by restricting what IPs can connect to it:

/addallow [IP or mask] --- lets whatever IP or mask you specify connect to the bnc. IPs can be definite, ie. 12.12.12.34 or masked, 12.12.12.*. You can also use hostnames and masks such as *.myisp.com.
/listallow --- lists the allowed connections.
/delallow [n] --- deletes allow #n as shown by listallow.
 

 

DCC Stuff

This section assumes that you compiled your bnc with DCCFILE and DCCCHAT. If you did not, then you can do all your dcc stuff as you normally would in your irc client, but remember that your real IP will be revealed by doing this. Like I stated before, the benefit of psyBNC is that it hides your IP during DCC sessions, but in order to do this, your life gets a bit harder. First, let's go over the basic DCC commands:

/dccchat [user] --- opens a dcc chat session with the user you specify.
/dccsend [file] :[user] --- sends a file to the person you specify. The file MUST be in ~/psybnc/downloads/USERx (where USERx is your user #. Not sure what your user # is? do a /bwho
/dccanswer [user] --- if someone sends you a dcc chat request, psy will inform you through a notice. You must then type this to accept the request.
/dccget [file] :[user] --- gets a file that was dcc'd to you by someone. This file will be stored in the ~/psybnc/downloads/USERx directory.
/dccsendme [file] --- tells psy to send you the file you specify. Use this after you get a file from another user and then want to get it from your shell. This is the only way people without shell access can get their files.
/listdcc --- lists all dcc's
/dcccancel [n] --- cancels dcc # n as shown by /listdcc
 

If you wish to use SSL encrypted DCC sessions, precede the value of the command with "S=" ie: /dccchat S=l33th4x0r - Note that the other person must have an SSL capable client.

Now for the cool stuff :) my favorite feature of psy is its ability to stay permanently connected to a bot through a DCC, and to ask this bot for ops. As anyone who has experience with running a botnet knows, one of the easiest ways for a channel to be taken over is to have some idiot /msg [bot] OP [password], when the bot's nick was taken by someone else. With psy, however, the askop request can be done two ways: through the partyline when a DCC is initiated, or through a msg that first checks the mask of the person being sent the request. Sweet, eh? So, the commands to do it:

/adddcc [botname] [username] [password] :[host]:[port] --- The botname is obviously the name of the bot, The username and password are your personal l/p that you use to gain access to the bot's partyline. The host is the host of the bot. It can be either the alpha-form, or the actual IP address. I prefer the actual IP address, since it's possible DNS can be down. And finally, the port is the port that the bot listens on for user connections. Some bots listen for other bots on one port and for users on another, so make sure you get the right one :)
/listdcc --- lists all dcc's
/deldcc [n] --- deletes dcc # n as shown by /listdcc
 

Now, for the askops part: This part assumes you added in a DCC to the bot as shown above. If you don't have partyline access, you can still add an askop, but I'll get to that later.

/addask [#chan] [password] :-[botname] --- The chan is the channel you want to get ops on, the password is your password, and the bot's nick, preceded with a :-, is the bot which you have a dcc enabled to.
/listask --- lists all the askops you have
/delask [n] --- deletes askop # n as shown by /listask
 

Now, if you don't have partyline access, you can add the askop in this way:

/addask [#chan] [password] :[bothost] --- where chan is the channel you want to be opped on, your password is your password (duh), and the bothost is the bot's hostmask. A hostmask, for the uninformed, is formed like this: username!ident@host. Since a bot is set to use a different nick if someone takes their default, set the host for something like: *!mybot@damn.cool.vhost.com.
 

 

Multiple Networks

One of my other favorite things about psyBNC :) Do you have a bunch of channels you hang in on efnet, but also one or two channels on dalnet that you like to go to? If you're like me, you do...but you alo hate having multiple mirc sessions open. Fret no more! psyBNC can solve your problems by allowing you to connect to more than one network with the same mirc client. For this section I'll assume that you're familiar with most of the commands in psy. If not, get familiar with them before you try to do this. Ok, let's get into the commands.

The first thing you need to do is add in another network:

/addnetwork [name] --- adds in a network with the name you specify. Keep in mind that network names are case-sensitive. Furthermore, you'll be typing the name a lot, so if you're adding in dalnet, use the name dal or dn or something similar.
 

Once you have the network added, you need to choose your vhost for that network. If you don't choose one, it'll default to the IP the bnc is on, usually something gay like "my-shell-company.com". So:

/bvhost [network]~[vhost] --- sets your vhost on the network you specify.
 

See this command? This is the format for all commands used on multiple networks. Simply prefix the syntax of the command with [network]. So, to give some other examples:
/addserver dn~irc.dal.net:6667 --- adds in the server irc.dal.net with port 6667 to the dn network.
/join dn~#fxp --- joins #fxp on network dn. (btw, I hear that some freaky ppl hang in this particular channel ;)
/msg dn~joeschmoe beeyatch --- sends the message "beeyatch" to the user with the nick joeschmoe on network dn.

Now, some weird things about multiple networks:
· Your nick in the nicklists for channels on other networks will show the nick you're using on your primary network. So, even if you do: /nick dn~TwatMuffin, even though other ppl will now see you as TwatMuffin in their list, you'll see yourself as jestrix, or whatever nick you use.
· If you get opped/voiced in a channel, you won't see it in the nicklist. You'll just appear to be a regular schmoe.
· Let's say JoeSmith is in #chat on efnet, your primary network. You head over to dalnet, and he's there in #fxp. Everyone else in #fxp will look like dn~BobJones, but JoeSmith will be just JoeSmith. If you try to msg him by dbl-clicking on his nick int he dalnet channel, you'll really be sending a msg to him on efnet. You have to use dn~JoeSmith to talk with him on dalnet.

Some final things. Maybe you don't always want to be on more than one network. I prefer to always be on efnet, and then head to my other networks when I want to talk with ppl there.

/bconnect [network]~ --- connects you to the network you specify (assuming you have servers added for that network)
/bquit [network]~ --- quits you from that network. You'll still be connected to your primary network. Note, if you do /bquit, you'll be quitted from all your networks.
/switchnet [new network] :[current network] --- This command will let you switch your primary network. By doing this, you won't have to prefix all your commands with the ~net syntax.
For example, let's say that you are on EFNet and DalNet. Efnet is your primary network (you dont need to prefix anything with the ~ format) and DalNet is added as ~dn. If you currently did /msg jestrix, you would be messaging jestrix on efnet.
If you do /switchnet dn :ef your current network will be assigned to dn - DalNet. Now if you /msg jestrix you will get jestrix on DalNet. To msg him on EFNet, you would have to do /msg ef~jestrix - since ef was the prefix you assigned in the switchnet command. To switch back to your original config, you'd do: /switchnet ef :dn
 

OK, multiple networks also includes the psy internal network. Think of it as an ircd inside your bnc. By using the network name int you can create private channels that only ppl connected to your bnc can access.
For example, /join int~#partyline will have you join the internal channel #partyline. You can set modes/ops/topic in the internal channels just like you would on a normal channel. do a whois on someone in an internal channel, it looks neat ;)
You can also privately msg other people connected to your bnc: /msg $[nick]. Prefix it with a $ and psy will send it directly to the person on the bnc; it will not pass through the irc server. (So if you both are on SSL-enabled clients/bncs - the message is perfectly secure in transit!)

 

Linking

A cool aspect of psy is the ability form a psy-net through the linkage of multiple psybncs. The benefit of this is to create a private internal network secure from snooping, and secure from takeovers! Furthermore, you can let ppl on other bouncers use your machine's vhosts if you wish. As you should have realized by now, preceding an IP with S= creates an SSL port.

So, to create a link to another bouncer:
/linkto [name of other bnc] :[IP]:[port]

The other bouncer would have to do the following:
/linkfrom [name of other bnc] :[IP]:[port]

To view all your links:
/listlinks

I love to have everything encrypted, including my links. To create an encrypted link:
/setlinkkey [link #] :[password]
After doing this on both psy's, do:
/relink [link #] on either bouncer to reset

To enable the sharing of vhosts:
/relaylink [name of other bnc] :n --- where n=0 to disable vhost sharing; 1 to enable it.

Final note: If you use hostmasks to restrict connections to your bnc, you must add the other bnc's IP as an allowed host!!

 

Appendix

For one reason or another, you might want to edit your psybnc.conf (especially if menuconfig doesn't work for you). So, here are the applicable lines and what they mean. I'm sure I've missed a few lines, so if you find anything and know what it does, please email me at jestrix(at)jestrix(dot)net. Note that all the variables in psybnc.conf are CAPITALIZED and that there are no spaces on either side of the equal sign.

Variables are shown in this style.
 

 

###SYSTEM SETTINGS###
PSYBNC.SYSTEM.PORT1= The port your bnc is going to listen on. use a PORTx variable if you want multiple ports.
PSYBNC.SYSTEM.ME= The name of your bouncer.
PSYBNC.SYSTEM.HOST1= The IP your bnc is going to listen on. Use HOSTx for multiple hosts. If you want an SSL port, Put an 'S=' before the IP.
PSYBNC.SYSTEM.DCCHOST= The IP that will be used for DCC sessions.
PSYBNC.HOSTALLOWS.ENTRY0= The first IP that will be allowed to connect to your bouncer. Use *;* for everyone. This can include masks. The first * indicates the IP, not sure what the * after the ; denotes... can't find anything anywhere about it.
 

 

###USER SETTINGS###
(note that USERx can be substituted for USER1 where x is an integer)
USER1.USER.LOGIN= The login name for the user (ident)
USER1.USER.NICK= The nick the user will use on irc.
USER1.USER.USER= The 'real name' of the user (what appears in the whois)
USER1.USER.PASS= The password of the user (this will be shown in encrypted form; if you change the password in psybnc, then restart it, the password will become encrypted.)
USER1.USER.RIGHTS= 0-not an admin; 1-an admin
USER1.USER.ACOLLIDE= 0-disable anti-collide; 1-enable anti-collide
USER1.USER.SYSMSG= 0-Do not show system messages to the user; 1-Show them
USER1.USER.VHOST= The user's vhost
USER1.USER.AWAYNICK= The user's away nick
USER1.USER.AWAY= The user's away msg
USER3.USER.LEAVEMSG= The message shown when you disconnect from the bnc
USER1.USER.VLINK= (0/1) Not sure what this does (default =0)
USER1.USER.PPORT= (0/1) Not sure what this does (default =0)
USER1.USER.PARENT= (0/1) Not sure what this does (default =0)
USER1.USER.QUITTED= 0-User is connected to irc; 1-User is quitted
USER1.USER.DCCENABLED= 0-dcc is diabled; 1-dcc is enabled.
USER1.USER.AIDLE= 0-anti-idle is disabled; 1-it's enabled.
USER1.USER.LEAVEQUIT= 0-when the user disconnects from the bnc, they stay on all their channels; 1-when they quit, they leave all the channels, but still stay connected to irc.
USER1.USER.AUTOREJOIN= 0-if you get kicked when not on the bnc, psy will not rejoin the channel; 1-psy sill rejoin the channel for you if you get kicked.
USER1.USER.LASTLOG= (0/1) Not sure what this does (default =0)
USER1.SERVERS.SERVER1= The first server of the user.
USER1.SERVERS.PORT1= The port for server number 1.
USER1.CHANNELS.ENTRY0= The first channel the user wants to sit on.
USER1.CHANNELS.KEY0= The key for the first channel. (This is encrypted as of version 2.3.0)
USER1.INTCHANS.ENTRY0= An internal channel the user wants to sit on.
USER1.AOP.ENTRY1=Entry for someone to get ops from your client in the form of hostmask;password. (not covered in this tutorial)
 

 

###LINKAGE STUFF###
LINKS.LINK1.PORT= Port for link 1
LINKS.LINK1.NAME= name of the otehr bnc
LINKS.LINK1.IAM= name of the other bnc (redundant?)
LINKS.LINK1.HOST= IP of the link
LINKS.LINK1.PASS= Password for the link (used only by the bncs)
LINKS.LINK1.ALLOWRELAY= 0-Do not share vhosts; 1-Allow the sharing of vhosts
LINKS.LINK1.CRKEY= Key set by negotiation between the bncs
LINKS.LINK1.TYPE= 0-Your bouncer links to theirs; 1-Their bouncer links to yours.
 

 

###DCC AND ASKOP STUFF###
(note: I don't recommend editing any of these variables through psybnc.onf -> use the commands in mirc.
USER1.DCC.ENTRY0= Stuff pertaining to DCC #0
USER1.ASK.ENTRY0= Stuff pertaining to AskOp #0