I'm finally in a place where I can setup a new board -- probably will just be for my own benefit and the fun of doing it. I'm quite surprised at the barrage of connections I started getting right out of the gate! I'm getting telnet and ssh connections almost constantly, about 3-5 a minute if not more. Trying randon usernames and such. I guess this is normal now'days? I'm running sync at home over my broadband connection, so I guess it's people just scanning ports and ip's.

Anyway just curious if this is quite common ... I remember it being so last time I ran a telnet board 15+ years ago, but not to this degree.
Thanks- Sam

---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

Re: Crazy BBS connections
By: Sam Alexander to All on Mon Mar 21 2022 12:33 pm

I'm finally in a place where I can setup a new board -- probably will just be for my own benefit and the fun of doing it. I'm quite surprised at the barrage of connections I started getting right out of the gate! I'm getting telnet and ssh connections almost constantly, about 3-5 a minute if not more. Trying randon usernames and such. I guess this is normal now'days? I'm running sync at home over my broadband connection, so I guess it's people just scanning ports and ip's.

Anyway just curious if this is quite common ... I remember it being so last time I ran a telnet board 15+ years ago, but not to this degree.

Yup, sounds normal.
--
digital man (rob)

This Is Spinal Tap quote #23:
David St. Hubbins: I envy us.
Norco, CA WX: 75.9øF, 19.0% humidity, 9 mph SSW wind, 0.00 inches rain/24hrs ---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

Re: Crazy BBS connections
By: Sam Alexander to All on Mon Mar 21 2022 12:33 pm

I'm finally in a place where I can setup a new board -- probably will just be for my own benefit and the fun of doing it. I'm quite surprised at the barrage of connections I started getting right out of the gate! I'm getting telnet and ssh connections almost constantly, about 3-5 a minute if not more. Trying randon usernames and such. I guess this is normal now'days? I'm running sync at home over my broadband connection, so I guess it's people just scanning ports and ip's.

uh. yeah. it's the internet.
---
þ Synchronet þ ::: BBSES.info - free BBS services :::

Re: Crazy BBS connections
By: Sam Alexander to All on Mon Mar 21 2022 12:33 pm

Anyway just curious if this is quite common ... I remember it being so last time I ran a telnet board 15+ years ago, but not to this degree.

It was the same back then. Just bot scans looking for systems with default passwords, misconfigurations, or unpatched exploits.


- Andre

---
þ Synchronet þ Radio Mentor BBS - bbs.radiomentor.org

Sam Alexander wrote to All <=-

I'm finally in a place where I can setup a new board -- probably
will just be for my own benefit and the fun of doing it. I'm
quite surprised at the barrage of connections I started getting
right out of the gate! I'm getting telnet and ssh connections
almost constantly, about 3-5 a minute if not more. Trying randon usernames and such. I guess this is normal now'days? I'm
running sync at home over my broadband connection, so I guess
it's people just scanning ports and ip's.

Anyway just curious if this is quite common ... I remember it
being so last time I ran a telnet board 15+ years ago, but not to
this degree. Thanks- Sam

Yes, it is common/normal.

There is this page on the Wiki, which may offer some help with it:

http://wiki.synchro.net/howto:block-hackers


... If it weren't for Edison we'd be using computers by candlelight
--- MultiMail/Linux v0.52
þ Synchronet þ Palantir BBS * palantirbbs.ddns.net * Pensacola, FL

On Mon, 21 Mar 2022 12:33:52 -0700
"Sam Alexander" <sam.alexander@VERT> wrote:

I'm finally in a place where I can setup a new board -- probably will
just be for my own benefit and the fun of doing it. I'm quite
surprised at the barrage of connections I started getting right out
of the gate! I'm getting telnet and ssh connections almost
constantly, about 3-5 a minute if not more. Trying randon usernames
and such. I guess this is normal now'days? I'm running sync at home
over my broadband connection, so I guess it's people just scanning
ports and ip's.

very common.

Example, on my fairly open linux box, these are all the attempted ssh connections within 24 hours. Deal with it with fail2ban or something
similar - that I have but seems I need to tweak it.

unknown (122.187.114.134): 50 Time(s)
unknown (104.42.148.242): 40 Time(s)
unknown (80.248.67.11): 33 Time(s)
unknown (13.77.174.169): 29 Time(s)
unknown (45.173.207.238): 29 Time(s)
unknown (157.245.139.92): 26 Time(s)
unknown (20.101.118.63): 26 Time(s)
unknown (40.113.243.220): 26 Time(s)
unknown (161.35.111.48): 25 Time(s)
unknown (186.204.53.1): 25 Time(s)
unknown (187.120.9.30): 25 Time(s)
unknown (143.244.170.127): 23 Time(s)
unknown (2.39.147.86): 23 Time(s)
unknown (36.91.166.34): 23 Time(s)
unknown (106.12.21.202): 22 Time(s)
unknown (106.52.193.249): 22 Time(s)
unknown (134.209.212.125): 22 Time(s)
unknown (144.24.216.133): 22 Time(s)
unknown (159.223.148.195): 22 Time(s)
unknown (159.223.51.213): 22 Time(s)
unknown (177.200.1.61): 22 Time(s)
unknown (181.129.166.202): 22 Time(s)
unknown (181.218.40.74): 22 Time(s)
unknown (182.253.117.99): 22 Time(s)
unknown (183.82.96.133): 22 Time(s)
unknown (202.165.66.104): 22 Time(s)
unknown (218.55.101.162): 22 Time(s)
unknown (27.128.233.119): 22 Time(s)
unknown (36.255.8.153): 22 Time(s)
unknown (43.155.90.89): 22 Time(s)
unknown (82.130.209.51): 22 Time(s)
unknown (107.150.103.23): 21 Time(s)
unknown (137.184.85.50): 21 Time(s)
unknown (157.245.193.50): 21 Time(s)
unknown (162.243.169.147): 21 Time(s)
unknown (164.92.208.210): 21 Time(s)
unknown (167.172.90.213): 21 Time(s)
unknown (178.140.56.159): 21 Time(s)
unknown (188.124.230.230): 21 Time(s)
unknown (20.136.1.73): 21 Time(s)
unknown (207.244.250.243): 21 Time(s)
unknown (210.204.190.9): 21 Time(s)
unknown (217.160.13.99): 21 Time(s)
unknown (43.134.211.59): 21 Time(s)
unknown (43.154.141.169): 21 Time(s)
unknown (43.243.206.115): 21 Time(s)
unknown (49.232.173.143): 21 Time(s)
unknown (106.54.203.54): 20 Time(s)
unknown (142.120.243.103): 20 Time(s)
unknown (161.35.219.53): 20 Time(s)
unknown (20.82.120.178): 20 Time(s)
unknown (43.154.105.79): 20 Time(s)
unknown (43.155.82.137): 20 Time(s)
unknown (68.183.7.120): 20 Time(s)
unknown (69.55.61.96): 20 Time(s)
unknown (89.143.15.210): 20 Time(s)
unknown (118.113.15.18): 19 Time(s)
unknown (206.189.86.91): 19 Time(s)
unknown (43.154.49.251): 19 Time(s)
unknown (103.35.165.190): 18 Time(s)
unknown (117.236.151.130): 18 Time(s)
unknown (147.182.189.196): 18 Time(s)
unknown (43.132.155.95): 18 Time(s)
unknown (8.209.197.37): 18 Time(s)
unknown (180.76.144.163): 17 Time(s)
unknown (43.154.189.23): 17 Time(s)
unknown (43.155.116.235): 17 Time(s)
unknown (103.181.143.44): 15 Time(s)
unknown (43.155.86.169): 15 Time(s)
unknown (106.12.161.226): 14 Time(s)
unknown (43.154.195.100): 13 Time(s)
unknown (180.76.58.57): 12 Time(s)
unknown (182.150.57.21): 12 Time(s)
unknown (182.74.114.198): 12 Time(s)
--
End Of The Line BBS - Plano, TX
telnet endofthelinebbs.com 23
---
þ Synchronet þ End Of The Line BBS - endofthelinebbs.com

On 3/21/2022 3:33 PM, Sam Alexander wrote:

I'm finally in a place where I can setup a new board -- probably will just be for my own benefit and the fun of doing it. I'm quite surprised at the barrage of connections I started getting right out of the gate! I'm getting telnet and ssh connections almost constantly, about 3-5 a minute if not more. Trying randon usernames and such. I guess this is normal now'days? I'm running sync at home over my broadband connection, so I guess it's people just scanning ports and ip's.

Anyway just curious if this is quite common ... I remember it being so last time I ran a telnet board 15+ years ago, but not to this degree.
Thanks- Sam

---
¨ Synchronet ¨ Vertrauen ¨ Home of Synchronet ¨ [vert/cvs/bbs].synchro.net

You might want to avoid using the standard ports for telnet/ssh/rlogin.

---
­ Synchronet ­ IPTIA - bbs2.ipingthereforeiam.com:2323

Re: Re: Crazy BBS connections
By: dragon to Sam Alexander on Mon Mar 21 2022 06:41 pm

You might want to avoid using the standard ports for telnet/ssh/rlogin.

The problem with changing the standard ports is that most users probably aren't going to bother changing their port configuration for a particular BBS. So if you change the ports your BBS uses, you'll probbaly see a dramatic drop-off in users (not that we get many in the first place).

Nightfox

---
þ Synchronet þ Digital Distortion: digitaldistortionbbs.com

Re: Crazy BBS connections
By: Sam Alexander to All on Mon Mar 21 2022 12:33:52

getting telnet and ssh connections almost constantly, about 3-5 a minute if not more. Trying randon usernames and such. I guess this is normal now'days? I'm running sync at home over my broadband connection, so I

It's normal and don't worry about it unless you really want to. Scripts are attacking your server, but they wouldn't know what to do if they got in. They're expecting bash or some IoT device, not a BBS.

The worst thing that ever happened to me was that spurious SSH connections would jam up all of my nodes and take forever to disconnect. I did something slightly hacky with text.dat and a script to disconnect them more quickly. Can't remember the details right now.

There's stuff you can do to mitigate it a bit, but you'll also be fine if you ignore it. I mostly do, and I'm still alive.

---
echicken
electronic chicken bbs - bbs.electronicchicken.com
---
þ Synchronet þ electronic chicken bbs - bbs.electronicchicken.com

Re: Re: Crazy BBS connections
By: dragon to Sam Alexander on Mon Mar 21 2022 18:41:42

You might want to avoid using the standard ports for telnet/ssh/rlogin.

This may reduce the number of connections, but I wouldn't bother unless these connections present an actual problem (which they rarely do). No sense in complicating things for yourself or your users (hah) unnecessarily.

I use default ports for everything except where my ISP makes it impossible.

---
echicken
electronic chicken bbs - bbs.electronicchicken.com
---
þ Synchronet þ electronic chicken bbs - bbs.electronicchicken.com

Re: Crazy BBS connections
By: Sam Alexander to All on Mon Mar 21 2022 12:33 pm

I'm finally in a place where I can setup a new board -- probably will just be for my own benefit and the fun of doing it. I'm quite surprised at the barrage of connections I started getting right out of the gate! I'm getting telnet and ssh connections almost constantly, about 3-5 a minute if not more. Trying randon usernames and such. I guess this is normal now'days? I'm running sync at home over my broadband connection, so I guess it's people just scanning ports and ip's.

I have my router take care of DOS and DDOS, and I only open ports I actually use on my BBS computer, I also block ip's that try the password guess game and I have a jibberish text file that is sent to them each time they try to spam me.

... BBSing: a method to triple your phone bill.

---
þ Synchronet þ outwestbbs.com - the Outwest BBS

Re: Re: Crazy BBS connections
By: Nelgin to Sam Alexander on Mon Mar 21 2022 06:48 pm

Example, on my fairly open linux box, these are all the attempted ssh connections within 24 hours. Deal with it with fail2ban or something
similar - that I have but seems I need to tweak it.

I think people are looking for filters that block countries and other miscreants.

---
þ Synchronet þ Inland Utopia - iutopia.duckdns.org

Re: Re: Crazy BBS connections
By: Utopian Galt to Nelgin on Mon Mar 21 2022 18:36:30

I think people are looking for filters that block countries and other miscreants.

I'm building up a nice collection of netblocks.

If I was smart I'd just move ssh to another port and be done with it, but I'm not a huge fan of security by obscurity.

---
þ Synchronet þ End Of The Line BBS - endofthelinebbs.com

Re: Crazy BBS connections
By: echicken to Sam Alexander on Tue Mar 22 2022 03:05 am

The worst thing that ever happened to me was that spurious SSH connections would jam up all of my nodes and take forever to disconnect. I did something slightly hacky with text.dat and a script to disconnect them more quickly. Can't remember the details right now.

There's stuff you can do to mitigate it a bit, but you'll also be fine if you ignore it. I mostly do, and I'm still alive.

there's some real bad ones. the ones i hate are the ones that claim to be legit scanners. they never stop and hit me all the time, all day long.

with bots going in my login i have a capcha thing that only 2 idiots failed in many years. they actually had to write something wrong and then confirm it.

what this script does is block everyone that connects. then they solve it correctly and they are removed. that way bots that disconnect are in the list.

but blocking is real fruitless. when you block 100, there's another 10,000 to replace them.
---
þ Synchronet þ ::: BBSES.info - free BBS services :::

Re: Re: Crazy BBS connections
By: Utopian Galt to Nelgin on Mon Mar 21 2022 06:36 pm

Re: Re: Crazy BBS connections
By: Nelgin to Sam Alexander on Mon Mar 21 2022 06:48 pm

Example, on my fairly open linux box, these are all the attempted ssh connections within 24 hours. Deal with it with fail2ban or something similar - that I have but seems I need to tweak it.

I think people are looking for filters that block countries and other miscreants.

it's not too hard to find those lists.
---
þ Synchronet þ ::: BBSES.info - free BBS services :::

Re: Crazy BBS connections
By: Digital Man to Sam Alexander on Mon Mar 21 2022 12:36 pm

Anyway just curious if this is quite common ... I remember it being so last time I ran a telnet board 15+ years ago, but not to this degree.

Yup, sounds normal.

I guess I'll need to increase the nodes from 4 to 8, at any given time 2 to 3 are tied-up with this mess, once even all four were tied-up. Can you give more details on how LoginAttemptFilterThreshold works? I read the docs, and other than suggesting not to set below 10 i'm unsure what this does. I'm often seeing the same IP trying dozens of times, and though I've added some to the ip.can file I'm not sure I have this working correctly.

This is on Sync built from the most current git release on Linux.
Thanks..

---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

Re: Re: Crazy BBS connections
By: dragon to Sam Alexander on Mon Mar 21 2022 06:41 pm

You might want to avoid using the standard ports for telnet/ssh/rlogin.

I thought of that, but this doesn't seem to be norm for most systems. My biggest concern are these connections tying up all the nodes, already seen it happen once. I'll probably increase from 4 to 8 due to this.

---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

Re: Crazy BBS connections
By: Sam Alexander to Digital Man on Tue Mar 22 2022 04:45 am

Re: Crazy BBS connections
By: Digital Man to Sam Alexander on Mon Mar 21 2022 12:36 pm

Anyway just curious if this is quite common ... I remember it being so last time I ran a telnet board 15+ years ago, but not to this degree.

Yup, sounds normal.

I guess I'll need to increase the nodes from 4 to 8, at any given time 2 to 3 are tied-up with this mess, once even all four were tied-up. Can you give more details on how LoginAttemptFilterThreshold works?

The number of consecutive failed login attempts before an IP address is filtered (added to ip.can file).
--
digital man (rob)

Sling Blade quote #25:
Karl: they seen fit to put me in here and here I've been a great long while. Norco, CA WX: 65.7øF, 37.0% humidity, 0 mph NNE wind, 0.00 inches rain/24hrs ---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

Re: Crazy BBS connections
By: Digital Man to Sam Alexander on Wed Mar 23 2022 12:36 am

Re: Crazy BBS connections
By: Sam Alexander to Digital Man on Tue Mar 22 2022 04:45 am

Re: Crazy BBS connections
By: Digital Man to Sam Alexander on Mon Mar 21 2022 12:36 pm

Anyway just curious if this is quite common ... I remember it being so last time I ran a telnet board 15+ years ago, but not to this degree.

let me know if you want a copy of peerblock.
i have a batchfile that makes it easy to add an IP to the custom blocklist.

it needs to be 32bit windows.
---
þ Synchronet þ ::: BBSES.info - free BBS services :::

El 21/3/22 a las 22:36, Utopian Galt escribi¢:

Re: Re: Crazy BBS connections
By: Nelgin to Sam Alexander on Mon Mar 21 2022 06:48 pm

> Example, on my fairly open linux box, these are all the attempted ssh
> connections within 24 hours. Deal with it with fail2ban or something
> similar - that I have but seems I need to tweak it.
I think people are looking for filters that block countries and other miscreants.

---
¨ Synchronet ¨ Inland Utopia - iutopia.duckdns.org

block countries make no sense.
use fail2ban and filter their ips that make noise on your server

---
þ Synchronet þ Dock Sud BBS TLD 24 HS - bbs.docksud.com.ar

Ragnarok wrote to Utopian Galt <=-

block countries make no sense.

Sometimes it does. It's easy and effective. I have dozens blocked.

use fail2ban and filter their ips that make noise on your server

Harder to do, and there are too many of them.


... Nothing's foolproof - the idiots are too ingenious.
--- MultiMail/Linux v0.52
þ Synchronet þ Palantir BBS * palantirbbs.ddns.net * Pensacola, FL

Even before Russia decided to go to Ukraine and raise heck, I want to ban all of Russia as an example.

---
þ Synchronet þ Inland Utopia - iutopia.duckdns.org

On 03-23-22 12:59, Ragnarok wrote to Utopian Galt <=-

block countries make no sense.
use fail2ban and filter their ips that make noise on your server

I agree, fail2ban works very well, and keeps the bots at bay.


... Some of the crowd have decided to voice their opinion by staying away.
=== MultiMail/Win v0.52
--- SBBSecho 3.10-Linux
* Origin: Freeway BBS Bendigo,Australia freeway.apana.org.au (3:633/410)
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

Re: Re: Crazy BBS connections
By: Tony Langdon to Ragnarok on Fri Mar 25 2022 08:25 pm

On 03-23-22 12:59, Ragnarok wrote to Utopian Galt <=-

block countries make no sense.
use fail2ban and filter their ips that make noise on your server

I agree, fail2ban works very well, and keeps the bots at bay.

i like blocking countries, though.
---
þ Synchronet þ ::: BBSES.info - free BBS services :::

Re: Re: Crazy BBS connections
By: Tony Langdon to Ragnarok on Fri Mar 25 2022 08:25 pm

I agree, fail2ban works very well, and keeps the bots at bay.

But I run Windows.

---
þ Synchronet þ Inland Utopia - iutopia.duckdns.org

On 03-25-22 18:53, Utopian Galt wrote to Tony Langdon <=-

Re: Re: Crazy BBS connections
By: Tony Langdon to Ragnarok on Fri Mar 25 2022 08:25 pm

I agree, fail2ban works very well, and keeps the bots at bay.

But I run Windows.

Yeah I'm not sure if there's a Windows equivalent.


... Hell hath no fury like a bureaucrat scorned.
=== MultiMail/Win v0.52
--- SBBSecho 3.10-Linux
* Origin: Freeway BBS Bendigo,Australia freeway.apana.org.au (3:633/410)
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

On 3/21/22 15:41, dragon wrote:

You might want to avoid using the standard ports for telnet/ssh/rlogin.

I disagree... I tend to prefer the "standard" ports and just accept or blacklist the bot stuff.
--
Michael J. Ryan - tracker1@roughneckbbs.com
---
þ Synchronet þ Roughneck BBS - roughneckbbs.com

Re: Re: Crazy BBS connections
By: Tracker1 to dragon on Fri Apr 01 2022 10:07 pm

On 3/21/22 15:41, dragon wrote:

You might want to avoid using the standard ports for telnet/ssh/rlogin.

I disagree... I tend to prefer the "standard" ports and just accept or blacklist the bot stuff.
--

i'm with ya on that. using non standard ports when you have users
is really stupid. its hard enough getting them to call.
---
þ Synchronet þ ::: BBSES.info - free BBS services :::

On 4/2/2022 7:08 AM, MRO wrote:

Re: Re: Crazy BBS connections
By: Tracker1 to dragon on Fri Apr 01 2022 10:07 pm

> On 3/21/22 15:41, dragon wrote:
>
> > You might want to avoid using the standard ports for telnet/ssh/rlogin.
>
> I disagree... I tend to prefer the "standard" ports and just accept or
> blacklist the bot stuff.
> --

i'm with ya on that. using non standard ports when you have users
is really stupid. its hard enough getting them to call.
---
¨ Synchronet ¨ ::: BBSES.info - free BBS services :::

There are hundreds of BBSes on non-standard ports in my database. Are
all these sysops "really stupid"?

---
­ Synchronet ­ IPTIA - bbs2.ipingthereforeiam.com:2323

There are hundreds of BBSes on non-standard ports in my database. Are
all these sysops "really stupid"?

Yes.


- Andre

---
þ Synchronet þ Radio Mentor BBS - bbs.radiomentor.org

Re: Re: Crazy BBS connections
By: dragon to MRO on Sat Apr 02 2022 12:31 pm

i'm with ya on that. using non standard ports when you have users
is really stupid. its hard enough getting them to call.
---

There are hundreds of BBSes on non-standard ports in my database. Are
all these sysops "really stupid"?

yes they are. i devoted the last 25 years of my life running services for sysops and users.

when you put up a roadblock when a user has a very short attention span and tollerance for things, you are really screwing yourself over.

lets say there's 2 amusement parks. one on each side of the road.
one is cheaper but you have long waits. with the other one, it's more expensive but there's no wait to get in and there's a very short wait for the rides. it's ran better than the other one.

the first park would be out of business in a year.

you're a bit late to the show and i assume you are one of those guys that is into this stuff for the technology aspect, and learning new things.

I have always been in it for the users. I think about what they want, i had friendships with my users and i gave them what they wanted. for me it was always about the users because that is what a bbs system is for. it's providing service. a lot of people don't realize this.

i've seen hundreds of guys that say they 'run this for themselves and don't care if they get users' shut down with the reason being their system is dead and they have no use.

so yes, obviously you are doing something stupid if you make it harder for people to use your system when they can go someplace else with no hassle.
---
þ Synchronet þ ::: BBSES.info - free BBS services :::

On 4/2/2022 4:51 PM, MRO wrote:

Re: Re: Crazy BBS connections
By: dragon to MRO on Sat Apr 02 2022 12:31 pm

> > i'm with ya on that. using non standard ports when you have users
> > is really stupid. its hard enough getting them to call.
> > ---
>
> There are hundreds of BBSes on non-standard ports in my database. Are
> all these sysops "really stupid"?

yes they are. i devoted the last 25 years of my life running services for sysops and users.

you're a bit late to the show and i assume you are one of those guys that is into this stuff for the technology aspect, and learning new things.

so yes, obviously you are doing something stupid if you make it harder for people to use your system when they can go someplace else with no hassle.

Half of the top 10 most popular sites in the voting section of my
website use non-standard ports. Perhaps you are selling the users short
or inflating the degree this is a "hassle".

I'm not late. I've just been away for a while.

I have been involved in computer technology since 1981. I ran RBBS and PCBoard multinode dialup boards for well over a decade. I was a Fidonet coordinator with a Planet Connect feed servicing a large number of
downstream nodes for over a decade.

I've been managing and securing IP networks for nearly 30 years.

Since 2017 I've become re-interested in BBSes, mostly because I was
amazed to find out so many still existed. You're correct that I'm not
looking to build a community on my BBS at this time.

---
­ Synchronet ­ IPTIA - bbs2.ipingthereforeiam.com:2323

Re: Re: Crazy BBS connections
By: dragon to MRO on Sun Apr 03 2022 01:15 am

Half of the top 10 most popular sites in the voting section of my
website use non-standard ports. Perhaps you are selling the users short
or inflating the degree this is a "hassle".

your voting section is fucking bullshit.
i've talked about this before.

I have been involved in computer technology since 1981. I ran RBBS and PCBoard multinode dialup boards for well over a decade. I was a Fidonet coordinator with a Planet Connect feed servicing a large number of downstream nodes for over a decade.

I've been managing and securing IP networks for nearly 30 years.

GOOD FOR YOU.

Since 2017 I've become re-interested in BBSes, mostly because I was
amazed to find out so many still existed. You're correct that I'm not

like i said, you are late to the party.
---
þ Synchronet þ ::: BBSES.info - free BBS services :::

I've been managing and securing IP networks for nearly 30 years.

As they say, there's always a bigger fish.

The concept of moving to nonstandard ports is dated and not useful anymore. It accomplishes nothing other than making it more difficult for users to connect. For all the people that say otherwise, I'll wait to see all of the examples
of exploited BBS systems that were using 22/23.


- Andre

---
þ Synchronet þ Radio Mentor BBS - bbs.radiomentor.org

On 4/3/2022 8:44 AM, Andre wrote:

I've been managing and securing IP networks for nearly 30 years.

As they say, there's always a bigger fish.

The concept of moving to nonstandard ports is dated and not useful anymore. It
accomplishes nothing other than making it more difficult for users to connect.
For all the people that say otherwise, I'll wait to see all of the examples of exploited BBS systems that were using 22/23.

- Andre

---
¨ Synchronet ¨ Radio Mentor BBS - bbs.radiomentor.org

The original question was about how to cut down on doorknob rattling.

---
­ Synchronet ­ IPTIA - bbs2.ipingthereforeiam.com:2323

On 4/3/2022 7:11 AM, MRO wrote:

Re: Re: Crazy BBS connections
By: dragon to MRO on Sun Apr 03 2022 01:15 am

> Half of the top 10 most popular sites in the voting section of my
> website use non-standard ports. Perhaps you are selling the users short
> or inflating the degree this is a "hassle".

your voting section is fucking bullshit.
i've talked about this before.

> I have been involved in computer technology since 1981. I ran RBBS and
> PCBoard multinode dialup boards for well over a decade. I was a Fidonet
> coordinator with a Planet Connect feed servicing a large number of
> downstream nodes for over a decade.
>
> I've been managing and securing IP networks for nearly 30 years.
>

GOOD FOR YOU.

> Since 2017 I've become re-interested in BBSes, mostly because I was
> amazed to find out so many still existed. You're correct that I'm not

like i said, you are late to the party.
---
¨ Synchronet ¨ ::: BBSES.info - free BBS services :::

Man, you're unpleasant. Where did the bad man touch you?

---
­ Synchronet ­ IPTIA - bbs2.ipingthereforeiam.com:2323

Re: Re: Crazy BBS connections
By: dragon to MRO on Sun Apr 03 2022 11:27 am

> coordinator with a Planet Connect feed servicing a large number of
> downstream nodes for over a decade.
>
> I've been managing and securing IP networks for nearly 30 years.
>

GOOD FOR YOU.

> Since 2017 I've become re-interested in BBSes, mostly because I was
> amazed to find out so many still existed. You're correct that I'm not

like i said, you are late to the party.
---
­ Synchronet ­ ::: BBSES.info - free BBS services :::

Man, you're unpleasant. Where did the bad man touch you?

sorry, i just dont suffer fools. you asked why something was stupid and i explained how i have focused decades on giving bbs users content with what they want. i could type for over a half an hour about what i've done for bbsing and sysops and bbs users over the past 20+ years. none of it matters now, but i did it.

you reply back that you ran fidonet nodes.
and you run a website that collects bbs urls and has a voting feature where sysop vote for their own bbses.
---
þ Synchronet þ ::: BBSES.info - free BBS services :::

Re: Re: Crazy BBS connections
By: Andre to dragon on Sun Apr 03 2022 07:44 am

I've been managing and securing IP networks for nearly 30 years.

As they say, there's always a bigger fish.

The concept of moving to nonstandard ports is dated and not useful anymore. It accomplishes nothing other than making it more difficult for users to connect. For all the people that say otherwise, I'll wait to see all of the examples
of exploited BBS systems that were using 22/23.

I think the reason that some sysops use non-standard ports is to cut down on bots busying their nodes (attempting logins or just waiting to timeout) and possibly denying service to legit users.
--
digital man (rob)

Synchronet "Real Fact" #84:
The Electronic Frontier Foundation used to run Synchronet (circa 1993)
Norco, CA WX: 65.2øF, 66.0% humidity, 9 mph SSW wind, 0.00 inches rain/24hrs ---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

I'm finally in a place where I can setup a new board -- probably will just be for my own benefit and the fun of doing it. I'm quite surprised at the barrage of connections I started getting right out of the gate! I'm getting telnet and ssh connections almost constantly, about 3-5 a minute if not more. Trying randon usernames and such. I guess this is normal now'days? I'm running sync at home over my broadband connection, so I guess it's people just scanning ports and ip's.

Anyway just curious if this is quite common ... I remember it being so last time I ran a telnet board 15+ years ago, but not to this degree.
Thanks- Sam

Just people with a lot of time on their hands.

$ The Millionaire $

---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

I think the reason that some sysops use non-standard ports is to cut down on bots busying their nodes (attempting logins or just waiting to timeout) and possibly denying service to legit users.

I've been waiting for someone to say that, which is a valid reason I guess. I get maybe two concurrent attacks/scans at the very most. Whatever, still a reason that makes some sense.

But so far, everyone who brings it up has said it's for security reasons. Which just doesn't hold water anymore.

- Andre

---
þ Synchronet þ Radio Mentor BBS - bbs.radiomentor.org

Re: Re: Crazy BBS connections
By: Andre to dragon on Sun Apr 03 2022 07:44 am

users to connect. For all the people that say otherwise, I'll wait to see all of the examples of exploited BBS systems that were using 22/23.

Reducing the number of idiots and botnets trying to hammer your system is the main reason why many use non standard ports.

---
þ Synchronet þ Inland Utopia - iutopia.duckdns.org:2023

Re: Re: Crazy BBS connections
By: Utopian Galt to Andre on Sun Apr 03 2022 12:54 pm

Reducing the number of idiots and botnets trying to hammer your system is the main reason why many use non standard ports.

Which accomplishes pretty much nothing. No security impact. Maybe have to run a couple more nodes for the times when you end up with a couple nodes taken up by scanners and bots.


- Andre

---
þ Synchronet þ Radio Mentor BBS - bbs.radiomentor.org

On 4/3/2022 6:02 PM, Digital Man wrote:

Re: Re: Crazy BBS connections
By: Andre to dragon on Sun Apr 03 2022 07:44 am

> > I've been managing and securing IP networks for nearly 30 years.
>
> As they say, there's always a bigger fish.
>
> The concept of moving to nonstandard ports is dated and not useful anymore.
> It accomplishes nothing other than making it more difficult for users to
> connect. For all the people that say otherwise, I'll wait to see all of the
> examples
> of exploited BBS systems that were using 22/23.

I think the reason that some sysops use non-standard ports is to cut down on bots busying their nodes (attempting logins or just waiting to timeout) and possibly denying service to legit users.

That's actually what the original poster seemed to be asking about and
what I thought I was providing an OPTION for him to deal with it.

---
­ Synchronet ­ IPTIA - bbs2.ipingthereforeiam.com:2323

Re: Re: Crazy BBS connections
By: dragon to MRO on Sat Apr 02 2022 12:31:41

i'm with ya on that. using non standard ports when you have users
is really stupid. its hard enough getting them to call.

There are hundreds of BBSes on non-standard ports in my database. Are
all these sysops "really stupid"?

They're doing a stupid thing, but it doesn't make them all-around stupid. No need to escalate.

Something doesn't become smart just because hundreds of people do it. I'm not about to eat shit because trillions of flies seem to enjoy it.

There are legit reasons for using non-standard ports - eg. your ISP prevents you from using the proper ones - but more often than not it's done for silly reasons. There are proper ways to deal with bots and hack attempts, including just ignoring them.

---
echicken
electronic chicken bbs - bbs.electronicchicken.com
---
þ Synchronet þ electronic chicken bbs - bbs.electronicchicken.com

Re: Re: Crazy BBS connections
By: echicken to dragon on Mon Apr 04 2022 04:29 am

Something doesn't become smart just because hundreds of people do it. I'm not about to eat shit because trillions of flies seem to enjoy it.

There are legit reasons for using non-standard ports - eg. your ISP prevents you from using the proper ones - but more often than not it's done for silly reasons. There are proper ways to deal with bots and hack attempts, including just ignoring them.

i do stupid things all the time, lots of times i just do it to be interesting.

but there's common sense stuff and people need to attempt to think sometimes.

you don't want to make things difficult for an audience that would rather just drop their connection on you and watch some memes.

i dont care if 1000 people are running their bbses and other things on wrong ports and think it's a great idea. it's not. you're on the internet and this means you are going to be scanned all day long no matter WHAT you do.

i just opened up vnc on THIS server and i have shadowserver scanning me all day, a email attacks, and web attacks. i'm not shitting my pants over it.
i'm still able to type out my nasty comments here and it's not lagging.
---
þ Synchronet þ ::: BBSES.info - free BBS services :::

On 4/2/22 09:31, dragon wrote:

I disagree... I tend to prefer the "standard" ports and just
accept or blacklist the bot stuff.

i'm with ya on that. using non standard ports when you have users
is really stupid. its hard enough getting them to call.

There are hundreds of BBSes on non-standard ports in my database. Are
all these sysops "really stupid"?

I wouldn't say stupid... only that discoverability is slightly harder.
Of course it's much harder if you aren't running http/https on the
default port(s).

I would probably just pay for ngrok pro, a similar service, or host on a
VPS if your residential ISP won't let you use those ports.
--
Michael J. Ryan - tracker1@roughneckbbs.com
---
þ Synchronet þ Roughneck BBS - roughneckbbs.com

Tracker1 wrote to dragon <=-

I would probably just pay for ngrok pro, a similar service, or host on
a VPS if your residential ISP won't let you use those ports.

Funny you should mention ngrok - I just saved this to my pocket account to read later:

https://jerrington.me/posts/2019-01-29-self-hosted-ngrok.html

Roll your own Ngrok with Nginx, Letsencrypt, and SSH reverse tunnelling

Ngrok is a fantastic tool for creating a secure tunnel from the public web
to a machine behind NAT or a firewall. Sadly, it costs money and it¬ÇÖs proprietary. If you're a developer, odds are that you're already renting a server in the public cloud, so why not roll your own ngrok?

It turns out that you can do it using free, off-the-shelf tools, with no sophisticated scripting required!


... Humanise something free of error
--- MultiMail/DOS v0.52
þ Synchronet þ .: realitycheckbbs.org :: scientia potentia est :.

On 4/5/22 08:09, poindexter FORTRAN wrote:

I would probably just pay for ngrok pro, a similar service, or host
on a VPS if your residential ISP won't let you use those ports.

...

https://jerrington.me/posts/2019-01-29-self-hosted-ngrok.html

Roll your own Ngrok with Nginx, Letsencrypt, and SSH reverse
tunnelling

Cool, been thinking of doing the same on a cheap VPS.

Ngrok is a fantastic tool for creating a secure tunnel from the
public web to a machine behind NAT or a firewall. Sadly, it costs
money and it's proprietary. If you're a developer, odds are that
you're already renting a server in the public cloud, so why not
roll your own ngrok?

It turns out that you can do it using free, off-the-shelf tools,
with no sophisticated scripting required!

In fairness I did mention a VPS option, though specifically for hosting.
Was thinking of something similar instead of NGrok myself, just passing
80, 443, etc to my local system(s) where 80/443 would be a configured reverse-proxy on my local side.

Probaly Caddy over NginX as it's much easier to configure/use.
--
Michael J. Ryan - tracker1@roughneckbbs.com
---
þ Synchronet þ Roughneck BBS - roughneckbbs.com

Re: Re: Crazy BBS connections
By: dragon to Digital Man on Sun Apr 03 2022 10:10 pm

On 4/3/2022 6:02 PM, Digital Man wrote:

Re: Re: Crazy BBS connections
By: Andre to dragon on Sun Apr 03 2022 07:44 am

> > I've been managing and securing IP networks for nearly 30 years.
>
> As they say, there's always a bigger fish.
>
> The concept of moving to nonstandard ports is dated and not useful any
> It accomplishes nothing other than making it more difficult for users
> connect. For all the people that say otherwise, I'll wait to see all o
> examples
> of exploited BBS systems that were using 22/23.

I think the reason that some sysops use non-standard ports is to cut down

That's actually what the original poster seemed to be asking about and
what I thought I was providing an OPTION for him to deal with it.

When I explain ports to my non-technical friends and co-workers, I explain
the system being a large factory building with mulitple doors dedicated to specific customer or vendor traffic. If a caterer is bringing in food, you wa nt him to use the dedicated kitchen entrance. That may bring up the
argument that someone who wants to sneak in the building knows doors 22 or
23 are the kitchen entrance. You may have to lock those doors down and tell the caterer to use another entrance. Is this an issue? Not really if the caterer knows which door to bring the food in. That information is provided
by the building manager. If you want to invite a select group of people in, you would have to advertise wherever else these people go and inform them as
to which non-common door to enter from.

---
þ Synchronet þ The Cave BBS - Since 1992 - cavebbs.homeip.net

That may bring up the
argument that someone who wants to sneak in the building knows doors 22 or
23 are the kitchen entrance. You may have to lock those doors down and tell the caterer to use another entrance. Is this an issue? Not really if the caterer knows which door to bring the food in. That information is provided by the building manager. If you want to invite a select group of people in, you would have to advertise wherever else these people go and inform them as to which non-common door to enter from.

To continue with your analogy. You're only keeping out the people who would normally park in the parking lot and only check the front door with the sign on it that says kitchen.

Any idiot who wants to break in can just walk around the building and see where the other doors are, walk up to them, and rattle each one to see if it's
locked or not.

The caterers have a key to the door they're supposed to enter because you
gave it to them. Doesn't make a difference at all which door you give them a key to. They're all locked doors and they all work the same way.


- Andre

---
þ Synchronet þ Radio Mentor BBS - bbs.radiomentor.org