            _   _ _            ___
  ___ _ __ | |_(_) |_ _   _   / _ \    the ultimate eggdrop 1.5+ script
 / _ \ '_ \| __| | __| | | | | (_) |         (c) 1996 - 2001
|  __/ | | | |_| | |_| |_| |  \__, |  Mixter <mixter@newyorkoffice.com>
 \___|_| |_|\__|_|\__|\__, |    /_/
                      |___/              version 9.2 (1.6 optimized)

ABOUT
entity9 is an all-around script aiming to perform all important tasks
ranging from security and tcl updates to channel and botnet management,
in one big tcl add-on to eggdrop. it is reasonably stable and is one of
the oldest tcl packages for eggdrop - used and improved for over 4 years.

INSTALL
the entity setup system is designed to be as easy as possible. most values
for the eggdrop config file are preset or calculated inside the tcl by default.
the config file for an eggdrop running entity is usually not bigger than
ten lines (see conf.sample). of course, all defaults can still be changed.
to install, compile the eggdrop as usual (./configure ; make config ; make),
then extract the entity files into the eggdrop directory and run ./setup
the entity setup script asks for the default values such as channels, bot
nickname, ports, irc network and creates an initial config file and a crontab
set the crontab, if you wish, and start the bot with ./<bot's nickname>

AUTHENTICATION
entity9 comes with a default user file "userfile" that will be set up as the
bot's initial user file, so you don't have to introduce via IRC. on starting
the bot, go to irc and /msg botnick #pass <yourpassword>. your initial nick
will be "botowner", which you'll have to change to your own nickname. if this
procedure of setting a password won't work, the bot will create a user with the
nickname of the first permanent owner (config variable owner), and set his
password to a hash value derived from the tcl size. on initial startup, that
value is shown on the line "... - 0x05 - security system".
now, chat the bot or send it a ctcp CHAT to make it chat you. if you've
set "challenging" to 1 in the config file, all owners (+n) and permanent
owners (as set in the config variable) will HAVE to use a secure authentication,
to protect against sniffing. after entering your password, the bot will show:
    [entity] [security] Authorizing login for botowner on LamestBot...
    -*- Blowfish check: FiafAN33nF LOCAL Tcl size: 205191 -*-
    User Access Verification. Challenge: fvGuQAqZheSxd0RFeDrHc9XMJnOwvEl
the bot waits for the correct authentication challenge. from a shell, run the
'auth' script that needs your eggdrop executable and the encryption module to
work. it will ask you for the tcl size (which the bot gives you), your nickname
(which is initially 'botowner'), and the challenge (that the bot just gave you).
upon entering all the, the auth script gives you the correct challenge, which
you send to the bot. you're then granted access to the party line.

USAGE AND FUNCTIONALITY
entity9 comes with a large amount of functionality, most of which is used
interactively or can be configured via dcc. to get a feature overview, type
'.help' in the DCC partyline chat. you'll see a list of topics. now type
'.help <topic>', for example '.help security' to learn about all the user
commands available regarding security features.

INTERNAL SECURITY FEATURES
entity9 uses host-based and anomaly-based intrusion detection checks, and can
react differently to different severity levels of IDS events, ranging from
log entries to generating channel and botnet messages to de-linking bots.
for example, the script monitors local system files for changes, suspicious
userfile changes, irc-based direct attacks against the bot, remote session
hijacking, bogus botnet commands, etc. another security feature is that the
security system uses internal encryption, for file verification and partyline
challenge authentication, and of course userfile entries, and security can be
improved as much as with running an completely "encrypted eggdrop" package, if
just the encryption salts are changed. this will make it a lot more harder for
an attacker to even gain access to the bot, even if in possession of the script,
and the userfile. to do so, change the SALT1 and SALT2 values in blowfish.c.
paranoid people can also change values in the blowfish tables (bf_tab.h).

CREDITS
Thanks and acknowledgements go out to:
Joker (debugging, ircnet testing, new features), slennox (many security ideas
are from his scripts), mirda (debugging), eggheads/devteam (for quality
eggdrop development:), tyson, xalienx (debugging), mirda (debugging),
VietGuy (debugging), YounGoat (debugging, ideas), TheBrain (debugging, testing),
Zappa (ircnet testing), kid226 (testing, debugging), cyber, eggdrop mailing
lists (some useful ideas), R. Pointer (eggdrop :), all the tcl programmers
whose tcl's I ripped, most of eggdrop1.6/scripts/ ;)

MD5 SUMS
