I'm finally in a place where I can setup a new board -- probably will just be for my own benefit and the fun of doing it. I'm quite surprised at the barrage of connections I started getting right out of the gate! I'm getting telnet and ssh connections almost constantly, about 3-5 a minute if not more. Trying randon usernames and such. I guess this is normal now'days? I'm running sync at home over my broadband connection, so I guess it's people just scanning ports and ip's.
Anyway just curious if this is quite common ... I remember it being so last time I ran a telnet board 15+ years ago, but not to this degree.
I'm finally in a place where I can setup a new board -- probably will just be for my own benefit and the fun of doing it. I'm quite surprised at the barrage of connections I started getting right out of the gate! I'm getting telnet and ssh connections almost constantly, about 3-5 a minute if not more. Trying randon usernames and such. I guess this is normal now'days? I'm running sync at home over my broadband connection, so I guess it's people just scanning ports and ip's.
Anyway just curious if this is quite common ... I remember it being so last time I ran a telnet board 15+ years ago, but not to this degree.
Sam Alexander wrote to All <=-
I'm finally in a place where I can setup a new board -- probably
will just be for my own benefit and the fun of doing it. I'm
quite surprised at the barrage of connections I started getting
right out of the gate! I'm getting telnet and ssh connections
almost constantly, about 3-5 a minute if not more. Trying randon usernames and such. I guess this is normal now'days? I'm
running sync at home over my broadband connection, so I guess
it's people just scanning ports and ip's.
Anyway just curious if this is quite common ... I remember it
being so last time I ran a telnet board 15+ years ago, but not to
this degree. Thanks- Sam
I'm finally in a place where I can setup a new board -- probably will
just be for my own benefit and the fun of doing it. I'm quite
surprised at the barrage of connections I started getting right out
of the gate! I'm getting telnet and ssh connections almost
constantly, about 3-5 a minute if not more. Trying randon usernames
and such. I guess this is normal now'days? I'm running sync at home
over my broadband connection, so I guess it's people just scanning
ports and ip's.
I'm finally in a place where I can setup a new board -- probably will just be for my own benefit and the fun of doing it. I'm quite surprised at the barrage of connections I started getting right out of the gate! I'm getting telnet and ssh connections almost constantly, about 3-5 a minute if not more. Trying randon usernames and such. I guess this is normal now'days? I'm running sync at home over my broadband connection, so I guess it's people just scanning ports and ip's.
Anyway just curious if this is quite common ... I remember it being so last time I ran a telnet board 15+ years ago, but not to this degree.
Thanks- Sam
---
¨ Synchronet ¨ Vertrauen ¨ Home of Synchronet ¨ [vert/cvs/bbs].synchro.net
You might want to avoid using the standard ports for telnet/ssh/rlogin.
getting telnet and ssh connections almost constantly, about 3-5 a minute if not more. Trying randon usernames and such. I guess this is normal now'days? I'm running sync at home over my broadband connection, so I
You might want to avoid using the standard ports for telnet/ssh/rlogin.
I'm finally in a place where I can setup a new board -- probably will just be for my own benefit and the fun of doing it. I'm quite surprised at the barrage of connections I started getting right out of the gate! I'm getting telnet and ssh connections almost constantly, about 3-5 a minute if not more. Trying randon usernames and such. I guess this is normal now'days? I'm running sync at home over my broadband connection, so I guess it's people just scanning ports and ip's.
Example, on my fairly open linux box, these are all the attempted ssh connections within 24 hours. Deal with it with fail2ban or somethingI think people are looking for filters that block countries and other miscreants.
similar - that I have but seems I need to tweak it.
I think people are looking for filters that block countries and other miscreants.
The worst thing that ever happened to me was that spurious SSH connections would jam up all of my nodes and take forever to disconnect. I did something slightly hacky with text.dat and a script to disconnect them more quickly. Can't remember the details right now.
There's stuff you can do to mitigate it a bit, but you'll also be fine if you ignore it. I mostly do, and I'm still alive.
Re: Re: Crazy BBS connections
By: Nelgin to Sam Alexander on Mon Mar 21 2022 06:48 pm
Example, on my fairly open linux box, these are all the attempted ssh connections within 24 hours. Deal with it with fail2ban or something similar - that I have but seems I need to tweak it.
I think people are looking for filters that block countries and other miscreants.
Anyway just curious if this is quite common ... I remember it being so last time I ran a telnet board 15+ years ago, but not to this degree.
Yup, sounds normal.
You might want to avoid using the standard ports for telnet/ssh/rlogin.
Re: Crazy BBS connections
By: Digital Man to Sam Alexander on Mon Mar 21 2022 12:36 pm
Anyway just curious if this is quite common ... I remember it being so last time I ran a telnet board 15+ years ago, but not to this degree.
Yup, sounds normal.
I guess I'll need to increase the nodes from 4 to 8, at any given time 2 to 3 are tied-up with this mess, once even all four were tied-up. Can you give more details on how LoginAttemptFilterThreshold works?
Re: Crazy BBS connections
By: Sam Alexander to Digital Man on Tue Mar 22 2022 04:45 am
Re: Crazy BBS connections
By: Digital Man to Sam Alexander on Mon Mar 21 2022 12:36 pm
Anyway just curious if this is quite common ... I remember it being so last time I ran a telnet board 15+ years ago, but not to this degree.
Re: Re: Crazy BBS connectionsblock countries make no sense.
By: Nelgin to Sam Alexander on Mon Mar 21 2022 06:48 pm
> Example, on my fairly open linux box, these are all the attempted ssh
> connections within 24 hours. Deal with it with fail2ban or something
> similar - that I have but seems I need to tweak it.
I think people are looking for filters that block countries and other miscreants.
---
¨ Synchronet ¨ Inland Utopia - iutopia.duckdns.org
Ragnarok wrote to Utopian Galt <=-
block countries make no sense.
use fail2ban and filter their ips that make noise on your server
On 03-23-22 12:59, Ragnarok wrote to Utopian Galt <=-
block countries make no sense.
use fail2ban and filter their ips that make noise on your server
On 03-23-22 12:59, Ragnarok wrote to Utopian Galt <=-
block countries make no sense.
use fail2ban and filter their ips that make noise on your server
I agree, fail2ban works very well, and keeps the bots at bay.
I agree, fail2ban works very well, and keeps the bots at bay.But I run Windows.
On 03-25-22 18:53, Utopian Galt wrote to Tony Langdon <=-
Re: Re: Crazy BBS connections
By: Tony Langdon to Ragnarok on Fri Mar 25 2022 08:25 pm
I agree, fail2ban works very well, and keeps the bots at bay.
But I run Windows.
You might want to avoid using the standard ports for telnet/ssh/rlogin.
On 3/21/22 15:41, dragon wrote:
You might want to avoid using the standard ports for telnet/ssh/rlogin.
I disagree... I tend to prefer the "standard" ports and just accept or blacklist the bot stuff.
--
Re: Re: Crazy BBS connections
By: Tracker1 to dragon on Fri Apr 01 2022 10:07 pm
> On 3/21/22 15:41, dragon wrote:
>
> > You might want to avoid using the standard ports for telnet/ssh/rlogin.
>
> I disagree... I tend to prefer the "standard" ports and just accept or
> blacklist the bot stuff.
> --
i'm with ya on that. using non standard ports when you have users
is really stupid. its hard enough getting them to call.
---
¨ Synchronet ¨ ::: BBSES.info - free BBS services :::
There are hundreds of BBSes on non-standard ports in my database. Are
all these sysops "really stupid"?
i'm with ya on that. using non standard ports when you have users
is really stupid. its hard enough getting them to call.
---
There are hundreds of BBSes on non-standard ports in my database. Are
all these sysops "really stupid"?
Re: Re: Crazy BBS connections
By: dragon to MRO on Sat Apr 02 2022 12:31 pm
> > i'm with ya on that. using non standard ports when you have users
> > is really stupid. its hard enough getting them to call.
> > ---
>
> There are hundreds of BBSes on non-standard ports in my database. Are
> all these sysops "really stupid"?
yes they are. i devoted the last 25 years of my life running services for sysops and users.
you're a bit late to the show and i assume you are one of those guys that is into this stuff for the technology aspect, and learning new things.
so yes, obviously you are doing something stupid if you make it harder for people to use your system when they can go someplace else with no hassle.
Half of the top 10 most popular sites in the voting section of my
website use non-standard ports. Perhaps you are selling the users short
or inflating the degree this is a "hassle".
I have been involved in computer technology since 1981. I ran RBBS and PCBoard multinode dialup boards for well over a decade. I was a Fidonet coordinator with a Planet Connect feed servicing a large number of downstream nodes for over a decade.
I've been managing and securing IP networks for nearly 30 years.
Since 2017 I've become re-interested in BBSes, mostly because I was
amazed to find out so many still existed. You're correct that I'm not
I've been managing and securing IP networks for nearly 30 years.
I've been managing and securing IP networks for nearly 30 years.
As they say, there's always a bigger fish.
The concept of moving to nonstandard ports is dated and not useful anymore. It
accomplishes nothing other than making it more difficult for users to connect.
For all the people that say otherwise, I'll wait to see all of the examples of exploited BBS systems that were using 22/23.
- Andre
---
¨ Synchronet ¨ Radio Mentor BBS - bbs.radiomentor.org
Re: Re: Crazy BBS connections
By: dragon to MRO on Sun Apr 03 2022 01:15 am
> Half of the top 10 most popular sites in the voting section of my
> website use non-standard ports. Perhaps you are selling the users short
> or inflating the degree this is a "hassle".
your voting section is fucking bullshit.
i've talked about this before.
> I have been involved in computer technology since 1981. I ran RBBS and
> PCBoard multinode dialup boards for well over a decade. I was a Fidonet
> coordinator with a Planet Connect feed servicing a large number of
> downstream nodes for over a decade.
>
> I've been managing and securing IP networks for nearly 30 years.
>
GOOD FOR YOU.
> Since 2017 I've become re-interested in BBSes, mostly because I was
> amazed to find out so many still existed. You're correct that I'm not
like i said, you are late to the party.
---
¨ Synchronet ¨ ::: BBSES.info - free BBS services :::
> coordinator with a Planet Connect feed servicing a large number of
> downstream nodes for over a decade.
>
> I've been managing and securing IP networks for nearly 30 years.
>
GOOD FOR YOU.
> Since 2017 I've become re-interested in BBSes, mostly because I was
> amazed to find out so many still existed. You're correct that I'm not
like i said, you are late to the party.
---
Synchronet ::: BBSES.info - free BBS services :::
Man, you're unpleasant. Where did the bad man touch you?
I've been managing and securing IP networks for nearly 30 years.
As they say, there's always a bigger fish.
The concept of moving to nonstandard ports is dated and not useful anymore. It accomplishes nothing other than making it more difficult for users to connect. For all the people that say otherwise, I'll wait to see all of the examples
of exploited BBS systems that were using 22/23.
I'm finally in a place where I can setup a new board -- probably will just be for my own benefit and the fun of doing it. I'm quite surprised at the barrage of connections I started getting right out of the gate! I'm getting telnet and ssh connections almost constantly, about 3-5 a minute if not more. Trying randon usernames and such. I guess this is normal now'days? I'm running sync at home over my broadband connection, so I guess it's people just scanning ports and ip's.
Anyway just curious if this is quite common ... I remember it being so last time I ran a telnet board 15+ years ago, but not to this degree.
Thanks- Sam
I think the reason that some sysops use non-standard ports is to cut down on bots busying their nodes (attempting logins or just waiting to timeout) and possibly denying service to legit users.
users to connect. For all the people that say otherwise, I'll wait to see all of the examples of exploited BBS systems that were using 22/23.Reducing the number of idiots and botnets trying to hammer your system is the main reason why many use non standard ports.
Reducing the number of idiots and botnets trying to hammer your system is the main reason why many use non standard ports.
Re: Re: Crazy BBS connections
By: Andre to dragon on Sun Apr 03 2022 07:44 am
> > I've been managing and securing IP networks for nearly 30 years.
>
> As they say, there's always a bigger fish.
>
> The concept of moving to nonstandard ports is dated and not useful anymore.
> It accomplishes nothing other than making it more difficult for users to
> connect. For all the people that say otherwise, I'll wait to see all of the
> examples
> of exploited BBS systems that were using 22/23.
I think the reason that some sysops use non-standard ports is to cut down on bots busying their nodes (attempting logins or just waiting to timeout) and possibly denying service to legit users.
i'm with ya on that. using non standard ports when you have users
is really stupid. its hard enough getting them to call.
There are hundreds of BBSes on non-standard ports in my database. Are
all these sysops "really stupid"?
Something doesn't become smart just because hundreds of people do it. I'm not about to eat shit because trillions of flies seem to enjoy it.
There are legit reasons for using non-standard ports - eg. your ISP prevents you from using the proper ones - but more often than not it's done for silly reasons. There are proper ways to deal with bots and hack attempts, including just ignoring them.
I disagree... I tend to prefer the "standard" ports and just
accept or blacklist the bot stuff.
i'm with ya on that. using non standard ports when you have users
is really stupid. its hard enough getting them to call.
There are hundreds of BBSes on non-standard ports in my database. Are
all these sysops "really stupid"?
Tracker1 wrote to dragon <=-
I would probably just pay for ngrok pro, a similar service, or host on
a VPS if your residential ISP won't let you use those ports.
I would probably just pay for ngrok pro, a similar service, or host
on a VPS if your residential ISP won't let you use those ports.
...
https://jerrington.me/posts/2019-01-29-self-hosted-ngrok.html
Roll your own Ngrok with Nginx, Letsencrypt, and SSH reverse
tunnelling
Ngrok is a fantastic tool for creating a secure tunnel from the
public web to a machine behind NAT or a firewall. Sadly, it costs
money and it's proprietary. If you're a developer, odds are that
you're already renting a server in the public cloud, so why not
roll your own ngrok?
It turns out that you can do it using free, off-the-shelf tools,
with no sophisticated scripting required!
On 4/3/2022 6:02 PM, Digital Man wrote:
Re: Re: Crazy BBS connections
By: Andre to dragon on Sun Apr 03 2022 07:44 am
> > I've been managing and securing IP networks for nearly 30 years.
>
> As they say, there's always a bigger fish.
>
> The concept of moving to nonstandard ports is dated and not useful any
> It accomplishes nothing other than making it more difficult for users
> connect. For all the people that say otherwise, I'll wait to see all o
> examples
> of exploited BBS systems that were using 22/23.
I think the reason that some sysops use non-standard ports is to cut down
That's actually what the original poster seemed to be asking about and
what I thought I was providing an OPTION for him to deal with it.
That may bring up the
argument that someone who wants to sneak in the building knows doors 22 or
23 are the kitchen entrance. You may have to lock those doors down and tell the caterer to use another entrance. Is this an issue? Not really if the caterer knows which door to bring the food in. That information is provided by the building manager. If you want to invite a select group of people in, you would have to advertise wherever else these people go and inform them as to which non-common door to enter from.
Sysop: | Chris Anderson |
---|---|
Location: | Murfreesboro, TN |
Users: | 2 |
Nodes: | 4 (0 / 4) |
Uptime: | 39:44:52 |
Calls: | 58 |
Files: | 3 |
Messages: | 20,289 |