RE: Running on port 23 is foolish
BY: All

Even with geoblocking im getting an idiot flooding all my nodes. I shouldnt have to have 10+ nodes running/configured to reduce the odds for this.


--- WWIV 5.6.0.3274
* Origin: inland utopia * socal usa * iutopia.duckdns.org:23 (21:4/108)

4/10
RE: Running on port 23 is foolish
BY: All

Even with geoblocking im getting an idiot flooding all my nodes. I shouldnt have to have 10+ nodes running/configured to reduce the odds

If you run on 23, you will most definitely need some type of validation
script. I use an Escape twice thing, but am writing a numeric validation
script with timer. That will drop the connection if not a real person.


Sincerely,
-Nugax
--=TheByteXchange BBS=--

--- Mystic BBS v1.12 A47 2020/09/12 (Linux/64)
* Origin: The ByteXchange BBS | bbs.thebytexchange.com (21:1/107)

RE: Re: Running on port 23 is foolish
BY: nugax(21:1/107)

If you run on 23, you will most definitely need some type of validation script. I use an Escape twice thing, but am writing a numeric validation script with timer. That will drop the connection if not a real person.

the validation script isnt cutting it, im getting flooded real bad. Even with the escape twice thing.


--- WWIV 5.6.0.3274
* Origin: inland utopia * socal usa * iutopia.duckdns.org:2023 (21:4/108)

If you run on 23, you will most definitely need some type of validation script. I use an Escape twice thing, but am writing a numeric validation script with timer. That will drop the connection if not a real person.

I use the escape twice thing as well as a "type yes if you agree with this stupid disclaimer" thing. A wrong keypress drops carrier. I also do geoip lookup.

I'm thinking of doing some IP blocking but need to figure out best way to implement. Right now I log IPs to /var/log/syslog - maybe I can write
something that monitors for too many connection attempts there.

--- Mystic BBS v1.12 A46 2020/08/06 (Linux/64)
* Origin: monterey bbs (21:1/168)

Even with geoblocking im getting an idiot flooding all my nodes. I shouldnt have to have 10+ nodes running/configured to reduce the
odds for this.

well, yeah.. running on standard port 23 will bring alot of bots or even
dos attacks. if you run on linux maybe you should consider using
fail2ban?

Mindsurfer

--- MagickaBBS v0.15alpha (Linux/armv7l)
* Origin: FuNToPia telnet://funtopia.ddnss.eu:2023 (21:3/119)

the validation script isnt cutting it, im getting flooded real bad. Even with the escape twice thing.

Do you have it set to disconnect if anything *BUT* ESC is sent? Not many
tries, etc. Ive seen some people write then and give unlimited tries, etc.

I am writing one that requires human interaction. That will definitely1 cut it down. I run port 23, and my bbs doesn't get smashed too bad. Enough the
Telnet server can't handle at least.


Sincerely,
-Nugax
--=TheByteXchange BBS=--

--- Mystic BBS v1.12 A47 2020/09/12 (Linux/64)
* Origin: The ByteXchange BBS | bbs.thebytexchange.com (21:1/107)

I use the escape twice thing as well as a "type yes if you agree with
this stupid disclaimer" thing. A wrong keypress drops carrier. I also do geoip lookup.

This is what I mean. Human interaction needed (not just a key, you can send a key ord number easily in a script). Plus drop immediately if anything wrong
is sent. That stops the bots.


Sincerely,
-Nugax
--=TheByteXchange BBS=--

--- Mystic BBS v1.12 A47 2020/09/12 (Linux/64)
* Origin: The ByteXchange BBS | bbs.thebytexchange.com (21:1/107)

RE: RE: Running on port 23 is foolish
BY: Mindsurfer(21:3/119)

well, yeah.. running on standard port 23 will bring alot of bots or even
dos attacks. if you run on linux maybe you should consider using

Win32, i cant use fail2ban.


--- WWIV 5.6.0.3274
* Origin: inland utopia * socal usa * iutopia.duckdns.org:2023 (21:4/108)

well, yeah.. running on standard port 23 will bring alot of bots or even dos attacks. if you run on linux maybe you should consider using
fail2ban?

I use fail2ban but haven't done any real custom configuration stuff. Maybe I should delve in a bit here and cobble together a howto or something.

--- Mystic BBS v1.12 A46 2020/08/06 (Linux/64)
* Origin: monterey bbs (21:1/168)

On 28 Sep 2020, ryan said the following...

well, yeah.. running on standard port 23 will bring alot of bots or e dos attacks. if you run on linux maybe you should consider using fail2ban?

I use fail2ban but haven't done any real custom configuration stuff.
Maybe I should delve in a bit here and cobble together a howto or something.

What sort of things have people experienced leaving the BBS on port 23?
I might regret saying this, but I trust y'all in here... my BBS is on port
23, and ... touch wood / knock on wood, not experienced any issues with
people tryna DoS me or owt like that. (This isn't an invite for any to start now by the way hahahahaha)

I just use the Mystic built-in IP block thing. It works well, sometimes too well (as I have blocked myself a few times lol).

---
|14Best regards,
|11Ch|03rist|11ia|15n |11a|03ka |11Me|03aTLoT|11io|15N

|07ÄÄ |08[|10eml|08] |15ml@erb.pw |07ÄÄ |08[|10web|08] |15www.erb.pw |07ÄÄÄ¿ |07ÄÄ |08[|09fsx|08] |1521:1/158 |07ÄÄ |08[|11tqw|08] |151337:1/101 |07ÂÄÄÙ |07ÄÄ |08[|12rtn|08] |1580:774/81 |07ÄÂ |08[|14fdn|08] |152:250/5 |07ÄÄÄÙ
|07ÄÄ |08[|10ark|08] |1510:104/2 |07ÄÙ

--- Mystic BBS v1.12 A43 2019/03/02 (Linux/64)
* Origin: thE qUAntUm wOrmhOlE, rAmsgAtE, uK. bbs.erb.pw (21:1/158)

On 28 Sep 2020, MeaTLoTioN said the following...

I just use the Mystic built-in IP block thing. It works well, sometimes too well (as I have blocked myself a few times lol).

You could add your IP to the whitelist.txt file to avoid that. ;)


---

Black Panther(RCS)
aka Dan Richter
Castle Rock BBS
telnet://bbs.castlerockbbs.com
http://www.castlerockbbs.com
http://github.com/DRPanther
The sparrows are flying again...

--- Mystic BBS v1.12 A46 2020/08/25 (Linux/64)
* Origin: Castle Rock BBS - bbs.castlerockbbs.com (21:1/186)

well, yeah.. running on standard port 23 will bring alot of bots
or even dos attacks. if you run on linux maybe you should
consider using

Win32, i cant use fail2ban.

how about this one? https://github.com/DigitalRuby/IPBan
i have not used it myself, but maybe it can help you. There is a free
open source version and a pro version. Windows and Linux

Mindsurfer

--- MagickaBBS v0.15alpha (Linux/armv7l)
* Origin: FuNToPia telnet://funtopia.ddnss.eu:2023 (21:3/119)

On 28 Sep 2020, Utopian Galt said the following...

Win32, i cant use fail2ban.

I used this when I was still on Windows. Filters out a lot of the rift-raft:

https://github.com/TRI0N/ip-security

It uses Powershell to block out an entire country's IP space.

Jay

... Why was King Arthur's army tired? Too many sleepless knights

--- Mystic BBS v1.12 A46 2020/08/26 (Raspberry Pi/32)
* Origin: Northern Realms (21:3/110)

You could add your IP to the whitelist.txt file to avoid that. ;)

haha ya know, after I blocked myself probably for the 7th time, I figured
that out =)

---
|14Best regards,
|11Ch|03rist|11ia|15n |11a|03ka |11Me|03aTLoT|11io|15N

|07ÄÄ |08[|10eml|08] |15ml@erb.pw |07ÄÄ |08[|10web|08] |15www.erb.pw |07ÄÄÄ¿ |07ÄÄ |08[|09fsx|08] |1521:1/158 |07ÄÄ |08[|11tqw|08] |151337:1/101 |07ÂÄÄÙ |07ÄÄ |08[|12rtn|08] |1580:774/81 |07ÄÂ |08[|14fdn|08] |152:250/5 |07ÄÄÄÙ
|07ÄÄ |08[|10ark|08] |1510:104/2 |07ÄÙ

--- Mystic BBS v1.12 A43 2019/03/02 (Linux/64)
* Origin: thE qUAntUm wOrmhOlE, rAmsgAtE, uK. bbs.erb.pw (21:1/158)

What sort of things have people experienced leaving the BBS on port 23?
I might regret saying this, but I trust y'all in here... my BBS is on
port 23, and ... touch wood / knock on wood, not experienced any issues with people tryna DoS me or owt like that. (This isn't an invite for any to start now by the way hahahahaha)

With daydream I had constant locked nodes. It was a game of whackamole trying to keep things under control.

With Mystic, I've done much better, but I have the country IP filtering, the "press esc twice..." thing, the "type yes to continue" thing. Seems to work
ok.

Maybe I should just use Mystic as a frontend for daydream :P

--- Mystic BBS v1.12 A46 2020/08/06 (Linux/64)
* Origin: monterey bbs (21:1/168)

how about this one? https://github.com/DigitalRuby/IPBan
i have not used it myself, but maybe it can help you. There is a free
open source version and a pro version. Windows and Linux

Neat - gonna check this out. Thanks for surfacing it.

--- Mystic BBS v1.12 A46 2020/08/06 (Linux/64)
* Origin: monterey bbs (21:1/168)

Even with geoblocking im getting an idiot flooding all my nodes. I shouldnt have to have 10+ nodes running/configured

So far what I've done is make sure that the badusers/trashcan file has all the user names they try in it, so it tosses them off as soon as they try login. Tieing the node up for a minimum of time. This seems to work reasonably well, although it doesn't eliminate the problem.

I did try geoblocking but like you only had limited success with it. And in a slightly different setup incarnation I used to ban every class c range when a script kiddie turned up. I find myself at present though, I can't get a log out of haproxy, so I can't run something like fail2ban. Which in the scheme of
things I found only moderately usefull too.

Spec


*** THE READER V4.50 [freeware]
--- SuperBBS v1.17-3 (Eval)
* Origin: Scrawled in haste at The Lower Planes (21:3/101)

I'm thinking of doing some IP blocking but need to figure out best way to implement. Right now I log IPs to /var/log/syslog - maybe I can write something that monitors for too many connection attempts there.

You want to have a look at fail2ban, it should do all the right things fr you.

Spec


*** THE READER V4.50 [freeware]
--- SuperBBS v1.17-3 (Eval)
* Origin: Scrawled in haste at The Lower Planes (21:3/101)

ryan wrote to MeaTLoTioN <=-

What sort of things have people experienced leaving the BBS on port 23?
I might regret saying this, but I trust y'all in here... my BBS is on
port 23, and ... touch wood / knock on wood, not experienced any issues with people tryna DoS me or owt like that. (This isn't an invite for any to start now by the way hahahahaha)

With daydream I had constant locked nodes. It was a game of
whackamole trying to keep things under control.

With Mystic, I've done much better, but I have the country IP
filtering, the "press esc twice..." thing, the "type yes to
continue" thing. Seems to work ok.

Maybe I should just use Mystic as a frontend for daydream :P

Or just use Synchronet... :-)

I run on port 23, and Synchronet's built in IP ban/block works
great. Occasionally I'll go through logs and manually add pesky
IP's to the permanent block file. I have geo/country blocking for
many countries enabled in my perimeter firewall. I get a few
dumb-terminal login attempts, but nothing that worries me.



... Then the manure hit the rotary air displacement unit.
=== MultiMail/Linux v0.52
--- SBBSecho 3.11-Linux
* Origin: Palantir * palantirbbs.ddns.net * Pensacola, FL * (21:2/138)

RE: Re: Running on port 23 is foolish
BY: ryan(21:1/168)

With daydream I had constant locked nodes. It was a game of whackamole trying
to keep things under control.

It was not fun, i was locked nodes under mystic and wwiv. :(


--- WWIV 5.6.0.3274
* Origin: inland utopia * socal usa * iutopia.duckdns.org:2023 (21:4/108)

I run on port 23, and Synchronet's built in IP ban/block works
great. Occasionally I'll go through logs and manually add pesky
IP's to the permanent block file. I have geo/country blocking for
many countries enabled in my perimeter firewall. I get a few dumb-terminal login attempts, but nothing that worries me.

Not a bad idea. Perhaps I can profile them and see which runs lighter with
all unnecessary functionality stripped out :)

My BBSes run in VPS so I'm not /too/ worried about setting up a perimeter firewall, but...it doesn't seem like a terrible idea now that I think about
it. Hehe.

--- Mystic BBS v1.12 A46 2020/08/06 (Linux/64)
* Origin: monterey bbs (21:1/168)