From Newsgroup: alt.bbs.synchronet

To: Digital Man
Synchronet Hack Log reported an attempt of FTP filename hacking with the name IMG01.EXE uploaded to many of the file directories 2 days ago on Saturday, June 13, 2020. These were the IP addresses it sent back to me:

197.219.106.232 -Mozambique - Africa/Maputo (Time Zone)

61.38.37.229 - South Korea - LG Dacom Corporation (ISP)

$ The Millionaire $

..."Will we ever fear the ecstasy of free thought?" - Thinkman...
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: The Millionaire

Synchronet Hack Log reported an attempt of FTP filename hacking with the name IMG01.EXE uploaded to many of the file directories 2 days ago on Saturday, June 13, 2020. These were the IP addresses it sent back to me:

197.219.106.232 -Mozambique - Africa/Maputo (Time Zone)

61.38.37.229 - South Korea - LG Dacom Corporation (ISP)

$ The Millionaire $

Was IMG01.EXE actually uploaded to those dirs or just an attempt? Activity like this is not uncommon!

---
þ Synchronet þ Realm of Dispair BBS - http://ephram.synchro.net:82
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: Mortifis

Was IMG01.EXE actually uploaded to those dirs or just an attempt? Activity like this is not uncommon!

---
â–  Synchronet â–  Realm of Dispair BBS - http://ephram.synchro.net:82

Yes I found it in 3/4 of my directory library. Why send it several times for? Once should be efficient to land a virus on a Bbs as Sysops have told me in the past.

$ The Millionaire $

..."Will we ever fear the ecstasy of free thought?" - Thinkman...
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: The Millionaire

Was IMG01.EXE actually uploaded to those dirs or just an attempt?
Activity like this is not uncommon!

---
þ Synchronet þ Realm of Dispair BBS - http://ephram.synchro.net:82

Yes I found it in 3/4 of my directory library. Why send it several times for? Once should be efficient to land a virus on a Bbs as Sysops have told me in the past.

$ The Millionaire $

Have a look at your SCFG>FILE AREAS>FILE LIBRARIES>FILE DIRECTORIES> * >TOGGLE OPTIONS>ANONYMOUS UPLOADS is set to NO ... perhaps also put *.exe in file.can

---
þ Synchronet þ Realm of Dispair BBS - http://ephram.synchro.net:82
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: The Millionaire

Synchronet Hack Log reported an attempt of FTP filename hacking with
the name IMG01.EXE uploaded to many of the file directories 2 days ago
on Saturday, June 13, 2020. These were the IP addresses it sent back to me:

197.219.106.232 -Mozambique - Africa/Maputo (Time Zone)

61.38.37.229 - South Korea - LG Dacom Corporation (ISP)

Added to the Twitlist. I also have Peerblock installed to block various countries.

Daryl

... How do self addressed stamped envelopes do such??
--- MultiMail/Win32 v0.50
þ Synchronet þ The Thunderbolt BBS - tbolt.synchro.net
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: The Millionaire
Re: Re: Hacking Attempt
By: The Millionaire to Mortifis on Mon Jun 15 2020 06:31:23


Mortifis>> Was IMG01.EXE actually uploaded to those dirs or just an
Mortifis>> attempt? Activity like this is not uncommon!

Yes I found it in 3/4 of my directory library.

you need to add that filename to your sbbs/text/file.can...
you should also stop anonymous/guest users from uploading files...

Why send it several times for?

to try to make sure it is hidden on the system...

Once should be efficient to land a virus on a Bbs as Sysops have
told me in the past.

this might be true but if an operator finds one and doesn't look for the file in other directories, well...


)\/(ark

---
þ Synchronet þ The SouthEast Star Mail HUB - SESTAR
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: The Millionaire

The Millionaire wrote to Digital Man <=-

Synchronet Hack Log reported an attempt of FTP filename hacking
with the name IMG01.EXE uploaded to many of the file directories
2 days ago on Saturday, June 13, 2020. These were the IP
addresses it sent back to me:

197.219.106.232 -Mozambique - Africa/Maputo (Time Zone)

61.38.37.229 - South Korea - LG Dacom Corporation (ISP)

Not all that uncommon of an event... Lots of hackers and assholes
out there in the big world.

What did you want DM to do about it? Why tell him this?



... Can you tell me how to get, how to get to Sesame Street?
--- MultiMail/Linux v0.52
þ Synchronet þ Palantir BBS * palantirbbs.ddns.net * Pensacola, FL
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: The Millionaire

The Millionaire wrote to Digital Man <=-

Synchronet Hack Log reported an attempt of FTP filename hacking
with the name IMG01.EXE uploaded to many of the file directories
2 days ago on Saturday, June 13, 2020. These were the IP
addresses it sent back to me:

197.219.106.232 -Mozambique - Africa/Maputo (Time Zone)

61.38.37.229 - South Korea - LG Dacom Corporation (ISP)

What was the name of the user(s) that did the uploading?



... Windows 3.1 - From the people who brought you EDLIN.
--- MultiMail/Linux v0.52
þ Synchronet þ Palantir BBS * palantirbbs.ddns.net * Pensacola, FL
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: Gamgee

What was the name of the user(s) that did the uploading?

... Windows 3.1 - From the people who brought you EDLIN.
--- MultiMail/Linux v0.52
â–  Synchronet â–  Palantir BBS * palantirbbs.ddns.net * Pensacola, FL

They used the Guest account so there was no name.

$ The Millionaire $

..."Will we ever fear the ecstasy of free thought?" - Thinkman...
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: Gamgee

Not all that uncommon of an event... Lots of hackers and assholes
out there in the big world.

What did you want DM to do about it? Why tell him this?

... Can you tell me how to get, how to get to Sesame Street?
--- MultiMail/Linux v0.52
â–  Synchronet â–  Palantir BBS * palantirbbs.ddns.net * Pensacola, FL

My Bbs is not even advertised or popular by any means so why would they even pick on small potatoes for?

$ The Millionaire $

..."Will we ever fear the ecstasy of free thought?" - Thinkman...
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: Rampage

On 06-15-20 15:49, Rampage wrote to The Millionaire <=-

you need to add that filename to your sbbs/text/file.can...
you should also stop anonymous/guest users from uploading files...

I go further, I don't allow any users to upload files, except in "Files to the sysop", which only I can read. All of my files come via TIC anyway.


... Is this now?
=== MultiMail/Win v0.51
--- SBBSecho 3.10-Linux
* Origin: Freeway BBS Bendigo,Australia freeway.apana.org.au (3:633/410)
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: The Millionaire
Re: Re: Hacking Attempt
By: The Millionaire to Gamgee on Tue Jun 16 2020 04:02:20


Gamgee>> What was the name of the user(s) that did the uploading?

They used the Guest account so there was no name.

that's all the name you need... it tells you they used your anonymous/guest account and that tells you your system is too open if you allow anonymous/guest to upload files... you need to close that door by disallowing them to
upload files... easy peasy...


)\/(ark

---
þ Synchronet þ The SouthEast Star Mail HUB - SESTAR
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: The Millionaire

The Millionaire wrote to Gamgee <=-

What was the name of the user(s) that did the uploading?

They used the Guest account so there was no name.

You could/should edit the Guest account restrictions to include
the "U" restriction, so guests can't upload...

Use " ;uedit " at the main menu (as sysop) to change it.



... So easy, a child could do it. Child sold separately.
--- MultiMail/Linux v0.52
þ Synchronet þ Palantir BBS * palantirbbs.ddns.net * Pensacola, FL
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: The Millionaire

The Millionaire wrote to Gamgee <=-

Not all that uncommon of an event... Lots of hackers and assholes
out there in the big world.

What did you want DM to do about it? Why tell him this?

My Bbs is not even advertised or popular by any means so why
would they even pick on small potatoes for?

Because they're assholes, and that's what they do.

You didn't answer my question(s) about why you asked DM this.



... Nothing is so smiple that it can't get screwed up.
--- MultiMail/Linux v0.52
þ Synchronet þ Palantir BBS * palantirbbs.ddns.net * Pensacola, FL
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: The Millionaire
Re: Re: Hacking Attempt
By: The Millionaire to Gamgee on Tue Jun 16 2020 04:04:18

My Bbs is not even advertised or popular by any means so why would
they even pick on small potatoes for?

you've been told several times, they are not looking at any lists or selecting any specific systems... you are not the target... ANY open/vulnerable system is the target for these bots...

so your next question is "how did they find me then?"... they simply war-dialed your IP in a huge block of other IPs...


)\/(ark

---
þ Synchronet þ The SouthEast Star Mail HUB - SESTAR
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: Rampage

Re: Re: Hacking Attempt
By: The Millionaire to Gamgee on Tue Jun 16 2020 04:02:20

Gamgee>> What was the name of the user(s) that did the uploading?

They used the Guest account so there was no name.

that's all the name you need... it tells you they used your anonymous/guest account and that tells you your system is too open if you allow anonymous/guest to upload files... you need to close that door by disallowing them to
upload files... easy peasy...

... which was my reply to him (the 1st reply in the thread) :/

---
þ Synchronet þ Realm of Dispair BBS - http://ephram.synchro.net:82
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: Daryl Stout

Daryl Stout wrote to The Millionaire <=-

Synchronet Hack Log reported an attempt of FTP filename hacking with
the name IMG01.EXE uploaded to many of the file directories 2 days ago
on Saturday, June 13, 2020. These were the IP addresses it sent back to me:

197.219.106.232 -Mozambique - Africa/Maputo (Time Zone)

61.38.37.229 - South Korea - LG Dacom Corporation (ISP)

Added to the Twitlist. I also have Peerblock installed to block
various countries.

Would it be considered wise to add all tor exit nodes to these lists?

Daniel Traechin

... Visit me at gopher://gcpp.world
--- MultiMail/Linux v0.49
þ Synchronet þ Digital Distortion: digitaldistortionbbs.com
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: The Millionaire
Re: Re: Hacking Attempt
By: The Millionaire to Gamgee on Tue Jun 16 2020 04:04 am

What did you want DM to do about it? Why tell him this?

My Bbs is not even advertised or popular by any means so why would they even pick on small potatoes for?

We've been over this with you before. They're not targeting you specifically. They're automated scripts that do this to anything they can find in a range of IP addresses.

I can scan millions of IP addresses for an open FTP server in a matter of minutes. automating that is simple.

You're not special. They're not targeting you.

DaiTengu

---
þ Synchronet þ War Ensemble BBS - The sport is war, total war - warensemble.com
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: The Millionaire
Re: Re: Hacking Attempt
By: The Millionaire to Gamgee on Tue Jun 16 2020 04:04 am

Not all that uncommon of an event... Lots of hackers and assholes
out there in the big world.

What did you want DM to do about it? Why tell him this?

My Bbs is not even advertised or popular by any means so why would they even pick on small potatoes for?

Some people just like to scan domains/IP addresses for open ports and try to hack them. I don't think there's anything Digital Man can do about that. I think Synchronet already has some good protections, such as auto-banning IP addresses temporarily when they hammer you, etc. And most of the time (99%), they aren't going to get in anyway.

Nightfox

---
þ Synchronet þ Digital Distortion: digitaldistortionbbs.com
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: calcmandan
Re: Re: Hacking Attempt
By: calcmandan to Daryl Stout on Tue Jun 16 2020 18:29:00


calcmandan> Would it be considered wise to add all tor exit nodes to these lists?

i block them with snort rules from emerging threats... the list of exit nodes changes from time to time... my system has a script that processes the ET rules of TOR nodes and disables the rules for the ones that are not exit
nodes... that blocks all the others... of course, if you want to allow TOR users to access your system, don't do this...


)\/(ark

---
þ Synchronet þ The SouthEast Star Mail HUB - SESTAR
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: Mortifis
Re: Re: Hacking Attempt
By: Mortifis to Rampage on Tue Jun 16 2020 12:48:55

They used the Guest account so there was no name.

Rampage>> that's all the name you need... it tells you they used your
Rampage>> anonymous/guest account and that tells you your system is
Rampage>> too open if you allow anonymous/guest to upload files...
Rampage>> you need to close that door by disallowing them to upload
Rampage>> files... easy peasy...

Mortifis> ... which was my reply to him (the 1st reply in the thread) :/

yup! it sure was -=B-)


)\/(ark

---
þ Synchronet þ The SouthEast Star Mail HUB - SESTAR
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: The Millionaire
On 6/16/2020 4:04 AM, The Millionaire wrote:

My Bbs is not even advertised or popular by any means so why would they even pick on small potatoes for?

It's probably bot/scripts that just hit every IP looking for open FTP
sites. You should have your file areas setup so that "guest" cannot upload.

If I recall correctly, you need to set the access ars to:

REST NOT G

For the areas/groups in question for upload access... should probably do
the same for download access too.

--
Michael J. Ryan
tracker1 +o Roughneck BBS

---
þ Synchronet þ Roughneck BBS - coming back 2/2/20
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: Rampage
On 6/16/2020 6:33 AM, Rampage wrote:

My Bbs is not even advertised or popular by any means so why would
they even pick on small potatoes for?

you've been told several times, they are not looking at any lists or selecting any specific systems... you are not the target... ANY open/vulnerable system is the target for these bots...

so your next question is "how did they find me then?"... they simply war-dialed your IP in a huge block of other IPs...

With IPv4, there aren't even *THAT* many IP addresses... they just scan
them all.

--
Michael J. Ryan
tracker1 +o Roughneck BBS

---
þ Synchronet þ Roughneck BBS - coming back 2/2/20
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: Rampage

Rampage wrote to calcmandan <=-

/snip

if you want to allow TOR users to access your system, don't do this...

Yeah, well, yeah.

Daniel Traechin
... Visit me at gopher://gcpp.world
--- MultiMail/Linux v0.49
þ Synchronet þ Digital Distortion: digitaldistortionbbs.com
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: calcmandan
Re: Re: Hacking Attempt
By: calcmandan to Rampage on Wed Jun 17 2020 03:12:00

if you want to allow TOR users to access your system, don't do
this...

calcmandan> Yeah, well, yeah.

hehehe, yeah O:) LOL


)\/(ark

---
þ Synchronet þ The SouthEast Star Mail HUB - SESTAR
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: calcmandan
Daniel,

Added to the Twitlist. I also have Peerblock installed to block
various countries.

Would it be considered wise to add all tor exit nodes to these lists?

I believe Peerblock is free, but to get a yearly subscription for
the lists is only $10. I think the lists are from iblocklist.com --
but I'm not sure.

I'm not sure if blocking the TOR connects is available offhand, but
if it is, one could probably activate it. I moved SyncTerm and
MultiMail (QWK) Mail to my laptop, so I don't have to work on the
BBS computer, unless I update the ham radio and weather data.

Daryl

... If flying's safe, why is the airport called the terminal?
--- MultiMail/Win32 v0.50
þ Synchronet þ The Thunderbolt BBS - tbolt.synchro.net
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: Daryl Stout

Daniel,

Added to the Twitlist. I also have Peerblock installed to block various countries.

Would it be considered wise to add all tor exit nodes to these lists?

I believe Peerblock is free, but to get a yearly subscription for
the lists is only $10. I think the lists are from iblocklist.com --
but I'm not sure.

I'm not sure if blocking the TOR connects is available offhand, but
if it is, one could probably activate it. I moved SyncTerm and
MultiMail (QWK) Mail to my laptop, so I don't have to work on the
BBS computer, unless I update the ham radio and weather data.

Daryl

I use https://myip.ms/files/blacklist/general/full_blacklist_database.zip, it's free ... unzip the list and add it to ip-silent.can ... I have a php script that does it as a daily timed event but it would be easy to script it in js ... you could also use my coob.js for country blocking http://alleycat.synchro.net:81/dls/coob.js

~Mortifis

---
þ Synchronet þ Realm of Dispair BBS - http://ephram.synchro.net:82
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: Mortifis

I use
https://myip.ms/files/blacklist/general/full_blacklist_database.zip,
it's free ... unzip the list and add it to ip-silent.can ... I have a
php script that does it as a daily timed event but it would be easy to script it in js ... you could also use my coob.js for country blocking http://alleycat.synchro.net:81/dls/coob.js

Interesting. Too bad we, as Sysops, have to worry about this.

I gather the list is rather big.

Daryl

... Insert Disk 5 Of 4, and Press Any Key To Continue.
--- MultiMail/Win32 v0.50
þ Synchronet þ The Thunderbolt BBS - tbolt.synchro.net
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: Daryl Stout

I use https://myip.ms/files/blacklist/general/full_blacklist_database.zip, it's free ... unzip the list and add it to ip-silent.can ... I have a php script that does it as a daily timed event but it would be easy to script it in js ... you could also use my coob.js for country blocking http://alleycat.synchro.net:81/dls/coob.js

Interesting. Too bad we, as Sysops, have to worry about this.

I gather the list is rather big.

full_blacklist_database.txt has just a few in there ... as of today 90,207 entries, but it parses quickly

---
þ Synchronet þ Realm of Dispair BBS - http://ephram.synchro.net:82
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: Daryl Stout

Daryl Stout wrote to calcmandan <=-

Daniel,

Added to the Twitlist. I also have Peerblock installed to block
various countries.

Would it be considered wise to add all tor exit nodes to these lists?

I believe Peerblock is free, but to get a yearly subscription for
the lists is only $10. I think the lists are from iblocklist.com --
but I'm not sure.

I'm not sure if blocking the TOR connects is available offhand, but
if it is, one could probably activate it. I moved SyncTerm and
MultiMail (QWK) Mail to my laptop, so I don't have to work on the
BBS computer, unless I update the ham radio and weather data.

Well, I don't own a BBS and still just a user. This doesn't mean my intentions isn't to run a board. I'm just exploring possibilities here. I wouldn't likely block tor exit nodes at first. I'd not want to block any users who rely on tor to provide their privacy.

But if none of my users were using tor and attack attempts were originating from TOR then I would definitely work to block them.

Daniel Traechin




... Visit me at gopher://gcpp.world
--- MultiMail/Linux v0.49
þ Synchronet þ Digital Distortion: digitaldistortionbbs.com
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: calcmandan
Re: Re: Hacking Attempt
By: calcmandan to Daryl Stout on Fri Jun 19 2020 06:21 am

Well, I don't own a BBS and still just a user. This doesn't mean my intentio isn't to run a board. I'm just exploring possibilities here. I wouldn't like block tor exit nodes at first. I'd not want to block any users who rely on t to provide their privacy.

But if none of my users were using tor and attack attempts were originating from TOR then I would definitely work to block them.

Daniel Traechin

I think that if you want to have darknet users in your board you should be setting a hidden service. Set an i2p interface and tune the connection rate down a bit. Enable manual account activation for new users. I doubt most boards get many new users anyway.

--
gopher://gopher.operationalsecurity.es

---
þ Synchronet þ Palantir BBS * palantirbbs.ddns.net * Pensacola, FL
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: calcmandan
Daniel,

Well, I don't own a BBS and still just a user. This doesn't mean my intentions isn't to run a board. I'm just exploring possibilities here.
I wouldn't likely block tor exit nodes at first. I'd not want to block
any users who rely on tor to provide their privacy.

That's fine...all Sysops started as users.

But if none of my users were using tor and attack attempts were originating from TOR then I would definitely work to block them.

Now, unless there is a law enforcement subpeona for data (which there
has never been since I started my Sysoping nearly 30 years ago), or for
rules violations (there have been those, and I've notified confirmed
Visiting Sysops), their data is kept STRICTLY CONFIDENTIAL. When my late
wife and Co-Sysop was alive, even she didn't have access to the data.

In short, what their life is outside the BBS, is THEIR BUSINESS. But,
they're a guest in my home at logon, and I expect them to act accordingly.
If they're not willing to do that, I don't want or need them as a user.

Daryl

... Alert: Scanner shows Sysop in the area. Look innocent!!
--- MultiMail/Win32 v0.50
þ Synchronet þ The Thunderbolt BBS - tbolt.synchro.net
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: Daryl Stout
Re: Re: Hacking Attempt
By: Daryl Stout to calcmandan on Fri Jun 19 2020 03:09 pm

Daniel,

Well, I don't own a BBS and still just a user. This doesn't mean my intentions isn't to run a board. I'm just exploring possibilities here. I wouldn't likely block tor exit nodes at first. I'd not want to block any users who rely on tor to provide their privacy.

That's fine...all Sysops started as users.

But if none of my users were using tor and attack attempts were originating from TOR then I would definitely work to block them.

Now, unless there is a law enforcement subpeona for data (which there
has never been since I started my Sysoping nearly 30 years ago), or for rules violations (there have been those, and I've notified confirmed Visiting Sysops), their data is kept STRICTLY CONFIDENTIAL. When my late wife and Co-Sysop was alive, even she didn't have access to the data.

In short, what their life is outside the BBS, is THEIR BUSINESS. But, they're a guest in my home at logon, and I expect them to act accordingly. If they're not willing to do that, I don't want or need them as a user.

Daryl

... Alert: Scanner shows Sysop in the area. Look innocent!!

Well said it is your home!
--- SBBSecho 3.10-Linux
* Origin: Freeway BBS Bendigo,Australia freeway.apana.org.au (3:633/410)
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: Mortifis
Re: Re: Hacking Attempt
By: Mortifis to Daryl Stout on Fri Jun 19 2020 12:19 pm

I use
https://myip.ms/files/blacklist/general/full_blacklist_database.zi
p, it's free ... unzip the list and add it to ip-silent.can ... I
have a php script that does it as a daily timed event but it would
be easy to script it in js ... you could also use my coob.js for
country blocking http://alleycat.synchro.net:81/dls/coob.js

Interesting. Too bad we, as Sysops, have to worry about this.

I gather the list is rather big.

full_blacklist_database.txt has just a few in there ... as of today 90,207 entries, but it parses quickly

That blacklist that was listed, where is it from? I missed the first post...

|08Paulie|15420
|15M|08@|15STERM|07i|15ND
|14AmericanPiBBS|04.com|07

---
þ Synchronet þ >>>American Pi BBS @ AmericanPiBBS.com:23>>>Rockin like its 1993!>>>
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: paulie420

Re: Re: Hacking Attempt
By: Mortifis to Daryl Stout on Fri Jun 19 2020 12:19 pm

I use
https://myip.ms/files/blacklist/general/full_blacklist_database.zi Mo>> p, it's free ... unzip the list and add it to ip-silent.can ... I Mo>> have a php script that does it as a daily timed event but it would Mo>> be easy to script it in js ... you could also use my coob.js for Mo>> country blocking http://alleycat.synchro.net:81/dls/coob.js

Interesting. Too bad we, as Sysops, have to worry about this.

I gather the list is rather big.

full_blacklist_database.txt has just a few in there ... as of today 90,207 entries, but it parses quickly

That blacklist that was listed, where is it from? I missed the first post...

It's from myip.ms ...

https://myip.ms/files/blacklist/general/full_blacklist_database.zip

follow Blacklist / IP Database tab and select Download Latest Blacklist IP Addresses text file ... or follow the link above

---
þ Synchronet þ Realm of Dispair BBS - http://ephram.synchro.net:82
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: Daryl Stout
Re: Re: Hacking Attempt
By: Daryl Stout to calcmandan on Fri Jun 19 2020 03:09 pm

But if none of my users were using tor and attack attempts were originating from TOR then I would definitely work to block them.

Now, unless there is a law enforcement subpeona for data (which there
has never been since I started my Sysoping nearly 30 years ago), or for rules violations (there have been those, and I've notified confirmed Visiting Sysops), their data is kept STRICTLY CONFIDENTIAL. When my late wife and Co-Sysop was alive, even she didn't have access to the data.

In short, what their life is outside the BBS, is THEIR BUSINESS. But, they're a guest in my home at logon, and I expect them to act accordingly. If they're not willing to do that, I don't want or need them as a user.

Daryl

I don't know where this comes from, but just in case you are arguing that people should not use Tor to connect to your BBS because they have nothing to hide from you or because using Tor to access your board is aggressive in nature:

There are many reasons to connect to a board using a hidden service. The main one I can think about (and I have been a case) is needing to obfuscate your traffic from your LAN operator because it is hostile. Sure you can use a virtual private server or whatever for that, but then you are asking people to invest money to get connected.

--
gopher://gopher.operationalsecurity.es

---
þ Synchronet þ Palantir BBS * palantirbbs.ddns.net * Pensacola, FL
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: digital man
Re: Re: Hacking Attempt
By: Mortifis to paulie420 on Sat Jun 20 2020 11:19 am

https://myip.ms/files/blacklist/general/full_blacklist_database.zip

follow Blacklist / IP Database tab and select Download Latest Blacklist IP Addresses text file ... or follow the link above

hey is there a limit to how many ip addresses in the blocklists synchronet can handle?

did you ever do tests to see if a very large list would slow down the system significantly?
---
þ Synchronet þ ::: BBSES.info - free BBS services :::
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: MRO

Re: Re: Hacking Attempt
By: Mortifis to paulie420 on Sat Jun 20 2020 11:19 am

https://myip.ms/files/blacklist/general/full_blacklist_database.zip

follow Blacklist / IP Database tab and select Download Latest Blacklist IP Addresses text file ... or follow the link above

hey is there a limit to how many ip addresses in the blocklists synchronet can handle?

did you ever do tests to see if a very large list would slow down the system significantly?

No, it is a just a file line read/match so, no, there is no limit; sbbs does not read the file in as an object ... I have been using full_blacklist_database for years, and, currently, with over 90,000 ips, I still have not seen any performance impact ... just sayin

~Mortifis

---
þ Synchronet þ Realm of Dispair BBS - http://ephram.synchro.net:82
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: Randy Stiles
Randy,

Well said it is your home!

When I go visit a friend, or logon to another BBS as a
"Visiting Sysop", I recognize the fact that I am a GUEST
in their home. That way, I know I'll be welcomed back.

Daryl

... A government shutdown is redundant.
--- MultiMail/Win32 v0.50
þ Synchronet þ The Thunderbolt BBS - tbolt.synchro.net
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: Mortifis
Re: Re: ipblocklist // hacking attemp
By: Mortifis to MRO on Sat Jun 20 2020 02:02 pm

Re: Re: Hacking Attempt
By: Mortifis to paulie420 on Sat Jun 20 2020 11:19 am

https://myip.ms/files/blacklist/general/full_blacklist_database.zip

follow Blacklist / IP Database tab and select Download Latest Blacklis IP Addresses text file ... or follow the link above

hey is there a limit to how many ip addresses in the blocklists synchrone can handle?

did you ever do tests to see if a very large list would slow down the sys significantly?

No, it is a just a file line read/match so, no, there is no limit; sbbs does not read the file in as an object ... I have been using full_blacklist_datab for years, and, currently, with over 90,000 ips, I still have not seen any performance impact ... just sayin

my ip blocklists are huge too. i'm just curious if there is a limit to how many synchronet can handle before it slows down or barfs
---
þ Synchronet þ ::: BBSES.info - free BBS services :::
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: Arelor

Arelor wrote to calcmandan <=-

Re: Re: Hacking Attempt
By: calcmandan to Daryl Stout on Fri Jun 19 2020 06:21 am

Well, I don't own a BBS and still just a user. This doesn't mean my intentio isn't to run a board. I'm just exploring possibilities here. I wouldn't like block tor exit nodes at first. I'd not want to block any users who rely on t to provide their privacy.

But if none of my users were using tor and attack attempts were originating from TOR then I would definitely work to block them.

Daniel Traechin

I think that if you want to have darknet users in your board you should
be setting a hidden service. Set an i2p interface and tune the
connection rate down a bit. Enable manual account activation for new users. I doubt most boards get many new users anyway.

Not sure if I would be comfortable setting up a hidden service. I avoid TOR like a plague.

Daniel Traechin

... Visit me at gopher://gcpp.world
--- MultiMail/Linux v0.49
þ Synchronet þ Digital Distortion: digitaldistortionbbs.com
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: Daryl Stout

Daryl Stout wrote to calcmandan <=-

That's fine...all Sysops started as users.

Awwwwww

Now, unless there is a law enforcement subpeona for data (which there has never been since I started my Sysoping nearly 30 years ago), or for rules violations (there have been those, and I've notified confirmed Visiting Sysops), their data is kept STRICTLY CONFIDENTIAL. When my
late wife and Co-Sysop was alive, even she didn't have access to the
data.

I'm more concerned that a TOR bbs user having nefarious goals such as hacking. I would be more concerned of drawing law enforcement subpoenas by running an exit node than running a hidden service. After all, a small BBS running on a theme of HAM and Aviation isn't on the FBI's priority list as a potential hive of illegal activity. I think they're looking for drug bazaars and sites catering to those who like jr loungeware.

In short, what their life is outside the BBS, is THEIR BUSINESS. But, they're a guest in my home at logon, and I expect them to act
accordingly. If they're not willing to do that, I don't want or need
them as a user.

I'm totally with you. Do BBS's still fall victim to members who upload malware or illegal files? I've seen spatterings of it here and there but only for boards who enable web interfaces and anonymous uploading where bots do the deed.

Back in the day, I know some boards fell victims to these activities. One bbs I co-sysop'd on got the michelangelo virus. Not only did it effect all the files in his hand picked file section, but it also effected all his files as well as on the floppy. I believe it even wrote itself to the drive's mbr.

Daniel Traechin

... Visit me at gopher://gcpp.world
--- MultiMail/Linux v0.49
þ Synchronet þ Digital Distortion: digitaldistortionbbs.com
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: calcmandan
Re: Re: Hacking Attempt
By: calcmandan to Arelor on Sat Jun 20 2020 07:43 pm

Not sure if I would be comfortable setting up a hidden service. I avoid TOR like a plague.

Daniel Traechin

I spend a lot of time in different darknets and you don't find more psychos in them than on the rest of the Internet. If I were
to set a hidden service I would consider i2p first though, because I think it is a bit more flexible when dealing with things
such as telnet.

--
gopher://gopher.operationalsecurity.es

---
þ Synchronet þ Palantir BBS * palantirbbs.ddns.net * Pensacola, FL
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: MRO

Re: Re: ipblocklist // hacking attemp
By: Mortifis to MRO on Sat Jun 20 2020 02:02 pm

Re: Re: Hacking Attempt
By: Mortifis to paulie420 on Sat Jun 20 2020 11:19 am

https://myip.ms/files/blacklist/general/full_blacklist_database.zip

follow Blacklist / IP Database tab and select Download Latest Blacklis IP Addresses text file ... or follow the link above

hey is there a limit to how many ip addresses in the blocklists synchrone can handle?

did you ever do tests to see if a very large list would slow down the sys significantly?

No, it is a just a file line read/match so, no, there is no limit; sbbs does not read the file in as an object ... I have been using full_blacklist_datab for years, and, currently, with over 90,000 ips, I still have not seen any performance impact ... just sayin

my ip blocklists are huge too. i'm just curious if there is a limit to how many synchronet can handle before it slows down or barfs

in this instance of just readln if !match discard ... readln if !match discard ... readln ... hey MATCH .. type thingy there is no limit ... but if it's var bleh += readln() ... then, yes ... memory buffers will be an issue (out of memory) ...

---
þ Synchronet þ Realm of Dispair BBS - http://ephram.synchro.net:82
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: Arelor
Arelor wrote:

Re: Re: Hacking Attempt
By: calcmandan to Arelor on Sat Jun 20 2020 07:43 pm

Not sure if I would be comfortable setting up a hidden service. I avoid TOR like a plague.

Daniel Traechin

I spend a lot of time in different darknets and you don't find more psychos in them than on the rest of the Internet. If I were
to set a hidden service I would consider i2p first though, because I think it is a bit more flexible when dealing with things
such as telnet.

I run several hidden services in tor and i2p, mostly i2p. I agree, i2p is quite a bit more flexible in dealing with connections. Rate limiting, etc. can be handled much easier in i2p as you can have every connection assigned its own internal ip address. Then you can use your software to deal with the connections just as if they are individual external connections. Afaik you can't do that in tor, everyone has the same ip address.

I also specifically do not allow anonymous posting from tor users (I have forums) and run everything through a heavily customised spamassassin. Just the fact you are connecting from tor increases the spam level. So far it's been ok. Most "attacks" have been dos, then comes spam, which for the most part gets caught by the filters.

Retro Guy

---
þ Synchronet þ RetroBBS - bbs.rocksolidbbs.com
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: calcmandan

That's fine...all Sysops started as users.

Awwwwww

I have a bulletin and a file on the BBS called BEASYSOP.ZIP -- it
basically has several files on those "wanting to be a Sysop". It may
be "different" than years ago, but most Sysops run their boards as a
labor of love, and it's a financial black hole for them...plus, they
run it as they enjoy it. It's one of 3 hobbies I have remaining that
I can still do.

One of the more bizarre ones was:

"Why can't I have access to the adult file areas?? I need it for a
high school sex education project??".

When I told another Sysop about that, he chuckled, and said "Nice try".


Another "user" (when I had only dial-up), paged me for chat, and asked
where the "adult files" were. When I typed "on the internet", it was
<CLICK!> NO CARRIER <G>.

Pornography is from the Greek word porneia...which is all sexual intercourse/actions outside of the marriage relationship between a
man and a woman. Nudity is NOT necessarily pornography -- otherwise,
all the following would be "porn":

1) Michelangelo's King David Sculpture (male genitalia in all their
glory).

2) The original logo of the Coppertone corporation, who makes a wide
variety of suntan lotions, etc. It was young Jodi Foster, whose poodle
pulled down her "bathing suit bottom", revealing her white buttocks, and
the "tan line".

3) Medical and anatomy manuals.

4) A postcard from Miami Beach, Florida years ago, showing the nude
backsides of a boy and girl, with a police officer next to a sign
"proper clothing must be worn on the beach", and the kids pleading
with him, to not give them a citation. Being a widower, I know we are basically the same from the backside.

5) A photo of a nude baby on a bareskin rug, or in the bathtub.

I'm more concerned that a TOR bbs user having nefarious goals such as hacking. I would be more concerned of drawing law enforcement subpoenas
by running an exit node than running a hidden service. After all, a
small BBS running on a theme of HAM and Aviation isn't on the FBI's priority list as a potential hive of illegal activity. I think they're looking for drug bazaars and sites catering to those who like jr loungeware.

Digital Man has implemented a feature where you put these "login names"
into the user.can file, and if someone tries to logon with them (like the
bots do), they get dumped. Lord Blackfair designed a CAPTCHA deal, and I figured out how to edit them to where it changes to a random number every
5 minutes around the clock (thanks to a Windows Random Number Generator program). If they don't get past the CAPTCHA (the bots can't see it, as
they are looking to enter things like "root", "admin", "sysop", etc.),
they are "stuck" there until they disconnect. I also have an info screen (ANSWER.MSG) which is diplayed when they connect.

Also, years ago, another former local Sysop had a "disclaimer" on his
BBS, and I modeled mine after it. Since then, I've seen similar files on
other BBS's.

I'm totally with you. Do BBS's still fall victim to members who upload malware or illegal files? I've seen spatterings of it here and there
but only for boards who enable web interfaces and anonymous uploading where bots do the deed.

Some do...but in the file.can, I have known malware files in there, so
if they try to upload them, they'll be denied doing so. Also, I do NOT
allow guests or anonymous users to upload files. I use the IObit Malware Fighter for my virus protection.

Back in the day, I know some boards fell victims to these activities.
One bbs I co-sysop'd on got the michelangelo virus. Not only did it
effect all the files in his hand picked file section, but it also
effected all his files as well as on the floppy. I believe it even
wrote itself to the drive's mbr.

You can't be too careful...even in this day and age.

Daryl

... Alert: Scanner shows Sysop in the area. Look innocent!!
--- MultiMail/Win32 v0.50
þ Synchronet þ The Thunderbolt BBS - tbolt.synchro.net
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: Arelor

I don't know where this comes from, but just in case you are arguing
that people should not use Tor to connect to your BBS because they have nothing to hide from you or because using Tor to access your board is aggressive in nature:

I don't care where they logon from. If they can't get past the CAPTCHA string, which changes every 5 minutes around the clock, they won't get
any further. I also changed the SSH and QOTD ports to non-conventional
values, as folks were slamming them. Verified Users In Good Standing can contact me on the BBS if they want that info.

What a caller does outside my BBS is their business, but they're a guest
in my home at logon. If they don't want to act civil, I don't want them.

I equate that to the late Paul "Bear" Bryant, long time football coach
at Alabama. He said "I don't care if this player knows the playbook inside
and out, backwards and forwards, word for word. If he isn't going to go to class and keep his grades up, and if he's going to get into trouble with
the law, I don't want him".

Daryl



... This tagline is freeware; future support is unavailable.
--- MultiMail/Win32 v0.50
þ Synchronet þ The Thunderbolt BBS - tbolt.synchro.net
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: Daryl Stout
Re: Re: Hacking Attempt
By: Daryl Stout to Arelor on Sat Jun 20 2020 09:31 pm

I don't know where this comes from, but just in case you are arguing that people should not use Tor to connect to your BBS because they have nothing to hide from you or because using Tor t
access your board is aggressive in nature:

I don't care where they logon from. If they can't get past the CAPTCHA string, which changes every 5 minutes around the
clock, they won't get
any further. I also changed the SSH and QOTD ports to non-conventional values, as folks were slamming them. Verified Users In Good Standing can contact me on the BBS if they want that info.

What a caller does outside my BBS is their business, but they're a guest in my home at logon. If they don't want to act civil, I don't want them.

I equate that to the late Paul "Bear" Bryant, long time football coach
at Alabama. He said "I don't care if this player knows the playbook inside and out, backwards and forwards, word for word. If he isn't going to go to class and keep his grades up, and if he's going t
get into trouble with
the law, I don't want him".

Daryl

... This tagline is freeware; future support is unavailable.

Fair enough then :-)


--
gopher://gopher.operationalsecurity.es

---
þ Synchronet þ Palantir BBS * palantirbbs.ddns.net * Pensacola, FL
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: Randy Stiles

Randy Stiles wrote to Daryl Stout <=-

Well said it is your home!

I always hated that analogy. It's not your home, it's a service
accessible to external users. Do you leave your front door wide open
and allow anyone who follows your rules inside?



... Go outside. Shut the door.
--- MultiMail/XT v0.52
þ Synchronet þ realitycheckBBS -- http://realitycheckBBS.org
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: poindexter FORTRAN
Re: Re: Hacking Attempt
By: poindexter FORTRAN to Randy Stiles on Sat Jun 20 2020 08:15 am

Well said it is your home!

I always hated that analogy. It's not your home, it's a service
accessible to external users. Do you leave your front door wide open
and allow anyone who follows your rules inside?

I don't like that analogy either. I never even thought of that until several years ago when I started seeing people mention that analogy here. I agree it's an online service accessible to external users. It's different from letting guests into your house. And it would be the same whether your BBS is hosted in your house or on a server in an office somewhere, or in the cloud, etc..

Nightfox

---
þ Synchronet þ Digital Distortion: digitaldistortionbbs.com
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: Tracker1
Re: Re: Hacking Attempt
By: Tracker1 to The Millionaire on Tue Jun 16 2020 06:14 pm

If I recall correctly, you need to set the access ars to:

REST NOT G

Or easier to remember: "NOT GUEST"

digital man

Synchronet "Real Fact" #113:
Weedpuller "Assassin" http://youtu.be/opw9RPUOcv8
Norco, CA WX: 78.5øF, 58.0% humidity, 5 mph NE wind, 0.00 inches rain/24hrs
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: MRO
Re: ipblocklist // hacking attemp
By: MRO to digital man on Sat Jun 20 2020 11:08 am

Re: Re: Hacking Attempt
By: Mortifis to paulie420 on Sat Jun 20 2020 11:19 am

https://myip.ms/files/blacklist/general/full_blacklist_database.zip

follow Blacklist / IP Database tab and select Download Latest Blacklist IP Addresses text file ... or follow the link above

hey is there a limit to how many ip addresses in the blocklists synchronet can handle?

The ip[-silent].can file is just read one line at a time, so should be no limit.

did you ever do tests to see if a very large list would slow down the system significantly?

Just limited by file/disk I/O. There are ways to speed that up too, if needed.

digital man

Sling Blade quote #15:
Doyle Hargraves: What'cha doin' with that lawn mower blade Karl?
Norco, CA WX: 80.1øF, 55.0% humidity, 1 mph E wind, 0.00 inches rain/24hrs
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: poindexter FORTRAN
Re: Re: Hacking Attempt
By: poindexter FORTRAN to Randy Stiles on Sat Jun 20 2020 08:15 am

Randy Stiles wrote to Daryl Stout <=-

Well said it is your home!

I always hated that analogy. It's not your home, it's a service
accessible to external users. Do you leave your front door wide open
and allow anyone who follows your rules inside?

YES. but i might not be wearing clothing.

regardless, i think they are saying 'my home' because it sounds less edgy than saying that it is yours and you can do what you want.
---
þ Synchronet þ ::: BBSES.info - free BBS services :::
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: Nightfox
Re: Re: Hacking Attempt
By: Nightfox to poindexter FORTRAN on Sun Jun 21 2020 11:36 am

I don't like that analogy either. I never even thought of that until severa years ago when I started seeing people mention that analogy here. I agree i an online service accessible to external users. It's different from letting guests into your house. And it would be the same whether your BBS is hosted your house or on a server in an office somewhere, or in the cloud, etc..

it's a control freak thing.

i've always ran it for the users. everything i did since the 90s was for the people. i didnt do it for me. people that are sysgods are people that are losers in life and this bbs is the one thing they can have control over.
---
þ Synchronet þ ::: BBSES.info - free BBS services :::
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: Nightfox

On 06-21-20 11:36, Nightfox wrote to poindexter FORTRAN <=-

I don't like that analogy either. I never even thought of that until several years ago when I started seeing people mention that analogy
here. I agree it's an online service accessible to external users.
It's different from letting guests into your house. And it would be
the same whether your BBS is hosted in your house or on a server in an office somewhere, or in the cloud, etc..

I see a BBS more as providing a service - in the analogy, it's like you've got an "open house", like a free version of AirBNB. There's house rules, but the users are guests that you're serving. And here's there's choices. You could do it as an extension of yourself, with users who feel so inclined dropping by, or you can focus totally on users, making them feel welcome and putting their needs first. These days, neither is right or wrong, it's just a decision you make.

In the old days, you did want to position yourself in a marketing sense, then do the best to serve your userbase. My thing was messaging, and my philospphy was to provide as wide as possible range of echomail areas for my users. Sadly, that's not possible today, the diversity of message content simply isn't there anymore. But I'll get what I can. :) I'm a bit less user focused now, but that's a sign of the times. I will always welcome users here. :)


... Chocolate has no calories when eaten with friends
=== MultiMail/Win v0.51
--- SBBSecho 3.10-Linux
* Origin: Freeway BBS Bendigo,Australia freeway.apana.org.au (3:633/410)
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: poindexter FORTRAN
Re: Re: Hacking Attempt
By: poindexter FORTRAN to Randy Stiles on Sat Jun 20 2020 08:15:00

Well said it is your home!

I always hated that analogy.

there are some who agree with you...

It's not your home, it's a service accessible to external users.

true...

Do you leave your front door wide open and allow anyone who follows
your rules inside?

around these parts, kinda yeah... as long as they provide credentials on initial visit... but we are out in the country and leaving the doors open/unlocked has been quite common for decades... i guess we're a little more
friendly out here in the country than in citified residential areas... but it also depends on the level and types of crime in one's area, too...


)\/(ark

---
þ Synchronet þ The SouthEast Star Mail HUB - SESTAR
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: poindexter FORTRAN

Well said it is your home!

I always hated that analogy. It's not your home, it's a service
accessible to external users. Do you leave your front door wide open
and allow anyone who follows your rules inside?

The same could apply to a business where the "service" is run from. Basically, if someone isn't going to "act accordingly" inside a home
or business, to me, the owner has the right to order them to leave. I
know of several restaurants that note "We reserve the right to refuse
service to anyone"...and some will call law enforcement to remove an
unruly customer.

In the publication "Ham Radio For Dummies", written by H. Ward Silver,
N0AX, he notes that those coming to an examiners residence to take the
license exam (3 examiners are required to give it), that "Remember...you
are a Guest in someone's home, so act accordingly". I've been involved
in ham radio for nearly 30 years, and have been accredited to give exams
since 2007.

Normally, exams are given at places like libraries...but with the
COVID-19 pandemic, things have changed, in regards to precautions, where
and when exams are held, etc. However, the integrity of the exams is
still maintained, as cheating is not tolerated.

In fact, I use a program called Exam Maker software, printing on
different colors of paper. This way, at a glance, I know what license
class the exam is, and whether or not it has graphics/schematic
diagrams. Plus, every exam is different (including the order of
answers), so it's pointless to even consider cheating by copying
off someone else.

In another hobby that I am part of, square dancing, we do NOT permit alcoholic beverages before, or during a square dance...and that is a
hard and fast rule. Clubs will order the violator to leave the premises, because you need to be sober to square dance...or as one caller quipped
"We've got a bunch of Baptists sinning up a storm by dancing" <G>.

The caller/instructor hit hard on this the first night of class, and
also noted "You're going to be moving around, you're going to be nervous,
and you're going to perspire. If you don't take a bath or shower before
the dance, and use soap and deodorant, everyone is going to know it". He called these two "No Drinky And No Stinky". I have been in a "square"
with dancers who had body odor, bad breath (beer, etc.) or both...and
it could literally get nauseating.

As a side note, there was a cartoon in the local paper while back
(I think it was called "Strange Brew"). It showed this guy at the
entrance of a fancy restaurant...and there's a sign at the front of
the restaurant that notes "NO SHIRT, NO SHOES, NO SERVICE". Well, he
has a shirt on, and shoes on, but otherwise, he's completely naked
below the waist.

The maitre'd laments "Well, it looks like you've got us on a
technicality". <G>

Daryl, WX4QZ

... Get your free subscription before the price doubles!!
--- MultiMail/Win32 v0.50
þ Synchronet þ The Thunderbolt BBS - tbolt.synchro.net
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: Rampage

Rampage wrote to poindexter FORTRAN <=-

around these parts, kinda yeah... as long as they provide credentials
on initial visit... but we are out in the country and leaving the doors open/unlocked has been quite common for decades... i guess we're a
little more friendly out here in the country than in citified
residential areas... but it also depends on the level and types of
crime in one's area, too...

I let anyone into my front room, then if they visit a couple of times
without without crapping on the chair, I let them into the rest of
the house, especially when I'm not there.

If you pay me money or you're well-known, I'll let you into the
secret room with the good china. Don't tell anyone where the hidden
door is.

And, if you're a home-owner, you get everything.

Yep, that's how I run my home. Wait, no I don't...



... Change nothing and continue consistently
--- MultiMail/XT v0.52
þ Synchronet þ realitycheckBBS -- http://realitycheckBBS.org
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: Daryl Stout

Daryl Stout wrote to poindexter FORTRAN <=-

In the publication "Ham Radio For Dummies", written by H. Ward
Silver, N0AX, he notes that those coming to an examiners residence to
take the license exam (3 examiners are required to give it), that "Remember...you are a Guest in someone's home, so act accordingly".
I've been involved in ham radio for nearly 30 years, and have been accredited to give exams since 2007.

Yes - that is, literally, someone's HOME, so the analogy holds up.


... Do you have access to your previous configuration?
--- MultiMail/XT v0.52
þ Synchronet þ realitycheckBBS -- http://realitycheckBBS.org
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: paulie420
Re: Re: Hacking Attempt
By: paulie420 to Arelor on Sat Jun 20 2020 09:03 pm

Does my simple, PIA (Private internet access) VPN offer any decent protection from people
knowing 'who i am' if they wanted to look?

I simply bought a year of PIA and use it on all my connections out of my house... but I stil
use a TAILS USB if I need to be really private. TOR and TAILS...

But, how protected am I on my PIA VPN??

You are, hmmm, protected from the websites you visit, but not against the VPN provider, and
probably not against a LEO agency with a legit claim against the VPN.

--
gopher://gopher.operationalsecurity.es

---
þ Synchronet þ Palantir BBS * palantirbbs.ddns.net * Pensacola, FL
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: poindexter FORTRAN
Re: Re: Hacking Attempt
By: poindexter FORTRAN to Daryl Stout on Tue Jun 23 2020 06:41 am

Daryl Stout wrote to poindexter FORTRAN <=-

In the publication "Ham Radio For Dummies", written by H. Ward Silver, N0AX, he notes that those coming to an examiners residence to take the license exam (3 examiners are required to give it), that "Remember...you are a Guest in someone's home, so act accordingly". I've been involved in ham radio for nearly 30 years, and have been accredited to give exams since 2007.

Yes - that is, literally, someone's HOME, so the analogy holds up.

... Do you have access to your previous configuration?

I consider it more like being a clubhouse than being a home. In stead of
being set up for living in, it's the place you set up the tiki bar and the poo l table and hang all your posters and all the gawdy stuff your wife won't let you put in the living room. In the clubhouse the rules are geared more
towards entertaining visitors. You can make a bit of noise and have fun or have a friendly debate, but when fists start flying, someone will be asked to leave or get kicked out.

---
þ Synchronet þ The Cave BBS - Since 1992 - cavebbs.homeip.net
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: paulie420

paulie420 wrote to calcmandan <=-

Re: Re: Hacking Attempt
By: calcmandan to Arelor on Sat Jun 20 2020 07:43 pm

Not sure if I would be comfortable setting up a hidden service. I avoid TOR like a plague.

Why? Do you use a VPN?

I avoid TOR because I spent the last eight years of my professional life working in infosec.

No I don't use a vpn nor do I utilize much of the web these days. Flight planning is about 99% of it.

... Visit me at gopher://gcpp.world
--- MultiMail/Linux v0.49
þ Synchronet þ Digital Distortion: digitaldistortionbbs.com
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.18a-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: calcmandan
Daniel,

197.219.106.232 -Mozambique - Africa/Maputo (Time Zone)

61.38.37.229 - South Korea - LG Dacom Corporation (ISP)

Added to the Twitlist. I also have Peerblock installed to block
various countries.

Would it be considered wise to add all tor exit nodes to these lists?

It can't hurt. If they appear to be a threat to your system, then
by all means, block them.

Daryl

... NO CARRIER -- but I've got some warships and F-15's.
--- MultiMail/Win v0.52
þ Synchronet þ The Thunderbolt BBS - tbolt.synchro.net
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.19c-Linux NewsLink 1.113

From Newsgroup: alt.bbs.synchronet

To: calcmandan
Daniel,

Back in the day, I know some boards fell victims to these activities.
One bbs I co-sysop'd on got the michelangelo virus. Not only did it
effect all the files in his hand picked file section, but it also
effected all his files as well as on the floppy. I believe it even
wrote itself to the drive's mbr.

I've always "practiced safe HEX", and rarely got uploads. Not
requiring them helped, too...although I did most of the uploads.

Daryl

... If you share your beer with the dog, you might be a redneck.
--- MultiMail/Win v0.52
þ Synchronet þ The Thunderbolt BBS - tbolt.synchro.net
--- Synchronet 3.18a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net
--- Synchronet 3.19c-Linux NewsLink 1.113