Do the hack attempts ever stop? I am running my BBS at my house with the WindowsXP box on the Port Forward on my Xfinity router. I swear they started almost instantly when I established the port forward. I've added several dozen host names to my filter and it seems to help stop them. I'd like to run my BBS but I don't want to crash my home internet. It's happened once already. Any helpful tips would be greatly appreciated.

Tim Whitson
The Fool's Quarter
bbs.foolsquarter.com
--- SBBSecho 3.11-Linux
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

Re: Hack Attempts
By: Tim Whitson to All on Tue Sep 15 2020 10:59 pm

Do the hack attempts ever stop? I am running my BBS at my house with the WindowsXP box on the Port Forward on my Xfinity router. I swear they started almost instantly when I established the port forward. I've added several dozen host names to my filter and it seems to help stop them. I'd like to run my BBS but I don't want to crash my home internet. It's happened once already. Any helpful tips would be greatly appreciated.

It's pretty much essential to run on a non-standard port. Do not use 22 or 23, because every bot around is trolling for open connections on those ports. Even running non-standard ports I do get a fair number of bot connections per day, but waaaaaay less than I did on standard ports. Also try to block as much as possible at the router if you have any options that way, so that you're dealing with less traffic load.
---
Underminer - The Undermine BBS
þ Synchronet þ The Undermine - bbs.undermine.ca:423
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

Re: Hack Attempts
By: Tim Whitson to All on Tue Sep 15 2020 10:59 pm

Do the hack attempts ever stop?

No, not really. But they're pretty harmless too.

I am running my BBS at my house with the
WindowsXP box on the Port Forward on my Xfinity router. I swear they started almost instantly when I established the port forward.

Yup. The TCP requests were already there. You just didn't know it.

I've added
several dozen host names to my filter and it seems to help stop them. I'd like to run my BBS but I don't want to crash my home internet. It's happened once already. Any helpful tips would be greatly appreciated.

I seriously doubt that anyone "crashed your home Internet".

As for tips, read this: http://wiki.synchro.net/howto:block-hackers

digital man

Synchronet/BBS Terminology Definition #23:
DSL = Digital Subscriber Line
Norco, CA WX: 73.2øF, 40.0% humidity, 0 mph SSW wind, 0.00 inches rain/24hrs --- SBBSecho 3.11-Linux
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

Re: Hack Attempts
By: Underminer to Tim Whitson on Wed Sep 16 2020 12:53 am

Re: Hack Attempts
By: Tim Whitson to All on Tue Sep 15 2020 10:59 pm

Do the hack attempts ever stop? I am running my BBS at my house with the WindowsXP box on the Port Forward on my Xfinity router. I swear they started almost instantly when I established the port forward.

I've

added several dozen host names to my filter and it seems to help stop them. I'd like to run my BBS but I don't want to crash my home internet. It's happened once already. Any helpful tips would be

greatly

appreciated.

It's pretty much essential to run on a non-standard port.

For 20+ years, I've run Synchronet on standard TCP ports. If you want to obscure your BBS from the less proficient users, then yeah, sure, use a non-standard port. But it's not really going to enhance any "security".

digital man

Synchronet/BBS Terminology Definition #72:
SSJS = Server-side JavaScript
Norco, CA WX: 73.2øF, 40.0% humidity, 0 mph SSW wind, 0.00 inches rain/24hrs --- SBBSecho 3.11-Linux
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

Re: Hack Attempts
By: Digital Man to Underminer on Wed Sep 16 2020 01:03 am

obscure your BBS from the less proficient users, then yeah, sure, use a non-standard port. But it's not really going to enhance any "security".

Yes, that is true.

But his complaint is related to reducing all the "hack attempts" and if you want to reduce the sheer volume of bot traffic the lowest hanging fruit is to change ports, and I stand by that. Simply changing ports will not make up for any other security issues you have present on a system, but I've never been too worried about any of those bots doing anything as they're pretty much all just trying known user/pass combos for unsecured devices to add to their spam networks - which is why something as simple as using a different port helps to reduce the number clogging up your connection logs.
---
Underminer - The Undermine BBS
þ Synchronet þ The Undermine - bbs.undermine.ca:423
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

Re: Hack Attempts
By: Underminer to Digital Man on Wed Sep 16 2020 05:00:51

But his complaint is related to reducing all the "hack attempts" and if

you want to reduce the sheer

volume of bot traffic the lowest hanging fruit is to change ports, and I

stand by that. Simply chang

My advice to people who are bothered by seeing hack attempts is that they stop watching their logs so closely. If I looked at my logs right now, I'd see that my web server is very busy, and my terminal and mail servers are under constant assault. I don't go looking at logs unless I'm trying to find something in particular.

This is a far simpler solution and doesn't introduce any added complexity.

It's generally a non-issue, especially if things are set up properly.

---
echicken
electronic chicken bbs - bbs.electronicchicken.com
þ Synchronet þ electronic chicken bbs - bbs.electronicchicken.com
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

Re: Hack Attempts
By: Underminer to Digital Man on Wed Sep 16 2020 05:00 am

But his complaint is related to reducing all the "hack attempts" and if you want to reduce the sheer volume of bot traffic the lowest hanging fruit is to change ports, and I stand by that. Simply changing ports will not make

up

for any other security issues you have present on a system, but I've never been too worried about any of those bots doing anything as they're pretty much all just trying known user/pass combos for unsecured devices to add to their spam networks - which is why something as simple as using a different port helps to reduce the number clogging up your connection logs.

It also reduces the number of legitimate users. I think there are better solutions that don't have that negative side effect. <shrug>

digital man

This Is Spinal Tap quote #11:
Nigel Tufnel: No. no. That's it, you've seen enough of that one.
Norco, CA WX: 95.3øF, 17.0% humidity, 5 mph N wind, 0.00 inches rain/24hrs
--- SBBSecho 3.11-Linux
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

Re: Hack Attempts
By: Tim Whitson to All on Tue Sep 15 2020 10:59 pm

Do the hack attempts ever stop? I am running my BBS at my house with the >

WindowsXP box on the Port Forward on my Xfinity router. I swear they started > almost instantly when I established the port forward. I've added several doz No they don't. You've only added several dozen? I have serveral hundreds at the very list. So you wanted to run a BBS eh?? Welcome to the fiasco. Are we having fun yet? lol.
HusTler
havens.synchro.net:23

---
þ Synchronet þ Havens BBS havens.synchro.net
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

Re: Hack Attempts
By: Digital Man to Underminer on Wed Sep 16 2020 01:36 pm

It also reduces the number of legitimate users. I think there are better solutions that don't have that negative side effect. <shrug>
digital man

That's fair. I just put up with it for years and stayed on standard ports for the same reason - I wanted to be able to attract new and less tech savvy users.
Then I had to use a sub-standard ISP for a spell when my GF and I moved in together and it was all that was available. The extra terminal traffic would crash their crappy gateway several times a day. Changing ports alleviated that until I could get a proper connection again, and the OP mentioned that as one of his troubles as well.
---
Underminer - The Undermine BBS
þ Synchronet þ The Undermine - bbs.undermine.ca:423
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

Re: Hack Attempts
By: HusTler to Tim Whitson on Wed Sep 16 2020 08:26 pm

I've added several doz

No they don't. You've only added several dozen? I have serveral hundreds at the very list. So you wanted to run a BBS eh?? Welcome to the fiasco.

I run PeerBlock on my BBS machine and block 10 countries and use several of their other lists... 1.6 billion IP total. :)

|01-|03nolageek

---
þ Synchronet þ Capitol Shrill BBS - Washington, DC - capitolshrill.com
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

Re: Hack Attempts
By: Tim Whitson to All on Tue Sep 15 2020 22:59:31

Simplest way is to move to a non standard port. Just about all the bot kitties
scan port 23 which is the defaulr telnet port. Switch to something like 2323.

Lupine Furmen
-Dallas Vinson
Furmens Folly (FIDO 1:123/257) - telnet: furmenservices.net:23
SSH: furmenservices.net:23222
Before the Web - telnet: furmenservices.net:23232
Legends of Yesteryear (FIDO 1:123/256) - telnet: furmenservices.net:23322
Sound Source ]|[ - telnet: furmenservices.net:2323



Dallas

... You can tell when politicians are lying...They move their lips.

---
þ Synchronet þ Furmen's Folly - furmenservices.net:23
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)