1. Forum
  2. Usenet Intenat
  3. ALT.BBS.SYNCHRONET

  • Telnet Verifier

    From Mortifis@1:229/2 to All on Thursday, February 28, 2019 11:46:22
    From: mortifis@ALLEYCAT.remove-6tv-this

    I dislike doing it, but with 1000 bots and trojans attempting to 'hack' the board daily, I decided to implement a telnet verifier and restrict new users to very limited activity, especially files and message groups. It is sad that we live in an era that there are 1000:1 more attempted hack attempts and ID phishers than legitimate users :-/



    2 wrongs don't make a right, but 3 left turns will get you back on the freeway!

    ---
    þ Synchronet þ AlleyCat! BBS - http://alleycat.synchro.net:81
    --- Synchronet 3.17c-Win32 NewsLink 1.110
    * Vertrauen - Riverside County, California - telnet://vert.synchro.net

    --- SoupGate-Win32 v1.05
    * Origin: www.darkrealms.ca (1:229/2)
  • From MRO@1:229/2 to All on Thursday, February 28, 2019 12:46:26
    From: mro@BBSESINF.remove-obr-this

    To: Mortifis
    Re: Telnet Verifier
    By: Mortifis to All on Thu Feb 28 2019 10:46 am

    I dislike doing it, but with 1000 bots and trojans attempting to 'hack' the board daily, I decided to implement a telnet verifier and restrict new users to very limited activity, especially files and message groups. It is sad


    bots wont sign up to the bbs, it confuses them.

    you can make a simple bbs capcha that loads before the signup process and blocks them if they fail.
    ---
    þ Synchronet þ ::: BBSES.info - free BBS services :::
    --- Synchronet 3.17c-Win32 NewsLink 1.110
    * Vertrauen - Riverside County, California - telnet://vert.synchro.net

    --- SoupGate-Win32 v1.05
    * Origin: www.darkrealms.ca (1:229/2)
  • From Nightfox@1:229/2 to All on Thursday, February 28, 2019 11:05:36
    From: nightfox@DIGDIST.remove-ou8-this

    To: Mortifis
    Re: Telnet Verifier
    By: Mortifis to All on Thu Feb 28 2019 10:46 am

    I dislike doing it, but with 1000 bots and trojans attempting to 'hack' the board daily, I decided to implement a telnet verifier and restrict new users to very limited activity, especially files and message groups. It is sad that we live in an era that there are 1000:1 more attempted hack attempts and ID phishers than legitimate users :-/

    Yeah, any way to robustify the system to protect against hackment is good. I have restricted a lot of the things on my BBS so that the guest account can't do them (running most of the doors, for instance), and a while ago I made a simple text-based captcha that's used when new users are applying.

    Nightfox

    ---
    þ Synchronet þ Digital Distortion: digitaldistortionbbs.com
    --- Synchronet 3.17c-Win32 NewsLink 1.110
    * Vertrauen - Riverside County, California - telnet://vert.synchro.net

    --- SoupGate-Win32 v1.05
    * Origin: www.darkrealms.ca (1:229/2)
  • From DaiTengu@1:229/2 to All on Thursday, February 28, 2019 11:20:37
    From: daitengu@ENSEMBLE.remove-cbv-this

    To: Mortifis
    Re: Telnet Verifier
    By: Mortifis to All on Thu Feb 28 2019 10:46 am

    I dislike doing it, but with 1000 bots and trojans attempting to 'hack' the board daily, I decided to implement a telnet verifier and restrict new users to very limited activity, especially files and message groups. It is sad that we live in an era that there are 1000:1 more attempted hack attempts and ID phishers than legitimate users :-/

    The telnet connections are known worms trying to hit IOT devices and certain routers. they'll try some default usernames and passwords, but would have no idea what to do if they got logged into a BBS (and that would require an account on your board with the same username/passwords they were trying).

    My BBS is hosted at a large VPS provider that's regularly scanned by all kinds of script kiddies, trojans, worms, etc. I run everything on default ports
    and I've never had any issues other than photo.scr being uploaded before file.can was a thing. That's not to say I don't have any security on my system, I temporarily block any IP that makes more than 5 connections in as many minutes, which solved the issue of all my nodes getting tied up by a bot or two.

    DaiTengu

    ... I'm not afraid of heights. I'm afraid of widths.

    ---
    þ Synchronet þ War Ensemble BBS - The sport is war, total war - warensemble.com
    --- Synchronet 3.17c-Win32 NewsLink 1.110
    * Vertrauen - Riverside County, California - telnet://vert.synchro.net

    --- SoupGate-Win32 v1.05
    * Origin: www.darkrealms.ca (1:229/2)
  • From Daryl Stout@1:229/2 to All on Thursday, February 28, 2019 18:10:00
    From: daryl.stout@1:19/33.remove-zk4-this

    To: MORTIFIS
    I dislike doing it, but with 1000 bots and trojans attempting to 'hack' the M>board daily, I decided to implement a telnet verifier and restrict new users M>very limited activity, especially files and message groups. It is sad that w M>live in an era that there are 1000:1 more attempted hack attempts and ID M>phishers than legitimate users :-/

    Sad, but true. Plus, I have it set to where they must Email Feedback
    To Sysop, telling where they heard about the BBS, and what they're
    looking for in it....adding "a one word message of YO! or HI! is NOT sufficient".

    They also have to do this, and the telnet email verifier within 48
    hours of initial logon, or I zap the account. If they complete it
    quickly, then I feel they want to be a part of the BBS. Otherwise, to
    me, they're not interested.

    Yet, I run the BBS for MY enjoyment...so it doesn't bother me if I'm
    not drowning in new users. Besides, with Tornado Season in Arkansas now,
    I'm going to be offline more than usual, due to storms.

    Daryl

    ===
    þ OLX 1.53 þ JavaScript: Instructions on how to make a pot of coffee.
    --- SBBSecho 3.06-Win32
    * Origin: FIDONet: The Thunderbolt BBS - tbolt.synchro.net (1:19/33)
    --- Synchronet 3.17c-Win32 NewsLink 1.110
    * Vertrauen - Riverside County, California - telnet://vert.synchro.net

    --- SoupGate-Win32 v1.05
    * Origin: www.darkrealms.ca (1:229/2)
  • From Daryl Stout@1:229/2 to All on Thursday, February 28, 2019 18:12:00
    From: daryl.stout@1:19/33.remove-zk4-this

    To: NIGHTFOX
    Yeah, any way to robustify the system to protect against hackment is good. I N>have restricted a lot of the things on my BBS so that the guest account can't N>do them (running most of the doors, for instance), and a while ago I made a N>simple text-based captcha that's used when new users are applying.

    I got the CAPTCHA from Lord Blackfair, then figured out how to create
    a different numeric string, and set up batch files to copy the deal out
    every 15 minutes around the clock.

    As for the doors, the guests get the non-game and information doors only...and read only access in message board 1.

    Daryl

    ===
    þ OLX 1.53 þ Jaywalkers will be run down, and ticketed by police.
    --- SBBSecho 3.06-Win32
    * Origin: FIDONet: The Thunderbolt BBS - tbolt.synchro.net (1:19/33)
    --- Synchronet 3.17c-Win32 NewsLink 1.110
    * Vertrauen - Riverside County, California - telnet://vert.synchro.net

    --- SoupGate-Win32 v1.05
    * Origin: www.darkrealms.ca (1:229/2)
  • From Ragnarok@1:229/2 to All on Saturday, March 02, 2019 08:03:50
    From: ragnarok@DOCKSUD.remove-ad2-this

    To: Mortifis
    El 28/2/19 a las 11:46, Mortifis escribió:
    I dislike doing it, but with 1000 bots and trojans attempting to 'hack' the board daily, I decided to implement a telnet verifier and restrict new users
    to
    very limited activity, especially files and message groups. It is sad that
    we
    live in an era that there are 1000:1 more attempted hack attempts and ID phishers than legitimate users :-/



    2 wrongs don't make a right, but 3 left turns will get you back on the
    freeway!

    ---

    you must use fial2ban

    ---
    þ Synchronet þ Dock Sud BBS TLD 24 HS - http://bbs.docksud.com.ar - telnet://bbs.docksud.com.ar
    --- Synchronet 3.17c-Win32 NewsLink 1.110
    * Vertrauen - Riverside County, California - telnet://vert.synchro.net

    --- SoupGate-Win32 v1.05
    * Origin: www.darkrealms.ca (1:229/2)
  • From Plt@1:229/2 to Mortifis on Saturday, March 02, 2019 23:47:55
    From: plt@SBBS.remove-r51-this

    To: Mortifis
    I feel sorry for you

    On 2/28/19 9:46 AM, Mortifis wrote:
    I dislike doing it, but with 1000 bots and trojans attempting to 'hack' the >board daily, I decided to implement a telnet verifier and restrict new users to
    very limited activity, especially files and message groups. It is sad that we >live in an era that there are 1000:1 more attempted hack attempts and ID >phishers than legitimate users :-/



    2 wrongs don't make a right, but 3 left turns will get you back on the freeway!

    ---
    â–  Synchronet â–  AlleyCat! BBS - http://alleycat.synchro.net:81

    ---
    þ Synchronet þ sbbs.dynu.net 2025
    --- Synchronet 3.17c-Win32 NewsLink 1.110
    * Vertrauen - Riverside County, California - telnet://vert.synchro.net

    --- SoupGate-Win32 v1.05
    * Origin: www.darkrealms.ca (1:229/2)
  • From jpbock@gmail.com@1:229/2 to MRO on Thursday, March 14, 2019 08:19:18
    On Thursday, February 28, 2019 at 12:51:06 PM UTC-5, MRO wrote:
    To: Mortifis
    Re: Telnet Verifier
    By: Mortifis to All on Thu Feb 28 2019 10:46 am

    I dislike doing it, but with 1000 bots and trojans attempting to 'hack'
    the
    board daily, I decided to implement a telnet verifier and restrict new
    users
    to very limited activity, especially files and message groups. It is sad


    bots wont sign up to the bbs, it confuses them.

    you can make a simple bbs capcha that loads before the signup process and blocks them if they fail.
    ---
    ÅŸ Synchronet ÅŸ ::: BBSES.info - free BBS services :::
    --- Synchronet 3.17c-Win32 NewsLink 1.110
    * Vertrauen - Riverside County, California - telnet://vert.synchro.net

    Ha! It doesn't take much to confuse them. ;)

    --- SoupGate-Win32 v1.05
    * Origin: www.darkrealms.ca (1:229/2)