• Block IP Address

    From David@1:103/705 to All on Mon Feb 18 17:55:04 2019
    I'm new to this software and to be honest not very savvy. Is there a way to block specific IP address from telnet. I get attempts to "hack" my system within 5 mins of going online. Any thoughts?

    David

    ---
    þ Synchronet þ Atlantis
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From mark lewis@1:3634/12.73 to David on Tue Feb 19 02:04:26 2019

    On 2019 Feb 18 17:55:04, you wrote to All:

    I'm new to this software and to be honest not very savvy. Is there a
    way to block specific IP address from telnet. I get attempts to
    "hack" my system within 5 mins of going online. Any thoughts?

    that's normal in today's world... either ignore it or move your telnet port to something other than 23... port 22 will also take a beating, too...

    i've decided to leave them to their hacking... it provides me with a list of IPs to block if/when i get tired of it... sbbs will temp block them for a time that you can adjust and it'll also auto-add them to the ip.can file after a certain point...

    the main thing to remember, though, is that they're all automated bots from other infested systems... it isn't a human sitting there trying to get in... they're scoping out possible vulnerable systems to try to infest and add to their botnets... they're mainly looking for routers with flawed security but anything that'll let them in is open game...

    )\/(ark

    Always Mount a Scratch Monkey
    Do you manage your own servers? If you are not running an IDS/IPS yer doin' it wrong...
    ... People who think they know it all are annoying to those of us who do.
    ---
    * Origin: (1:3634/12.73)
  • From Digital Man@1:103/705 to David on Tue Feb 19 03:18:48 2019
    Re: Block IP Address
    By: David to All on Mon Feb 18 2019 05:55 pm

    I'm new to this software and to be honest not very savvy. Is there a way
    to
    block specific IP address from telnet. I get attempts to "hack" my system within 5 mins of going online. Any thoughts?

    Read this:
    http://wiki.synchro.net/howto:block-hackers

    digital man

    This Is Spinal Tap quote #31:
    Viv Savage: Quite exciting, this computer magic!
    Norco, CA WX: 38.3øF, 62.0% humidity, 0 mph SW wind, 0.00 inches rain/24hrs
    --- SBBSecho 3.06-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Hemo@1:103/705 to David on Tue Feb 19 12:49:28 2019
    Re: Block IP Address
    By: David to All on Mon Feb 18
    2019 05:55 pm

    I'm new to this software and to be honest not very savvy. Is there a way to block specific IP address from telnet. I get attempts to "hack" my system within 5 mins of going online. Any thoughts?

    Hi David and welcome.

    A good place to start is here:

    http://wiki.synchro.net/howto:block-hackers

    I would start by figuring out the tools that are built in to Synchronet and then working with or adding to these tools as needed.

    As an example, some of us will use another tool to gather IP address we would like to block and then we manually ( or automatically ) have those added to the
    mentioned resources in the link I shared above. ( ip.can )

    --
    JH

    ... Don't force it, get a larger hammer.

    ---
    þ Synchronet þ - Running madly into the wind and screaming - bbs.ujoint.org
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Mortifis@1:103/705 to Hemo on Tue Feb 19 18:29:36 2019
    Re: Block IP Address
    By: David to All on Mon Feb 18
    2019 05:55 pm

    I'm new to this software and to be honest not very savvy. Is there a way to block specific IP address from telnet. I get attempts to "hack" my system within 5 mins of going online. Any thoughts?

    Hi David and welcome.

    A good place to start is here:

    http://wiki.synchro.net/howto:block-hackers

    I would start by figuring out the tools that are built in to Synchronet and then working with or adding to these tools as needed.

    As an example, some of us will use another tool to gather IP address we would like to block and then we manually ( or automatically ) have those added to the mentioned resources in the link I shared above. ( ip.can )

    php is a simple cross platform application ... SBBS does not need to have to knw about PhP at all .. I have a php script that merges a very copious blacklist'd file into ip.can while preserving the SBBS auto-FU-ip.can process.

    if you'd like a copy, I can send it to you ... tested on winxp, win7, win8+, win10(bleh) and various L*nices .... anything that runs SBBS and PHP ... let me
    know

    2 wrongs don't make a right, but 3 left turns will get you back on the freeway!

    ---
    þ Synchronet þ AlleyCat! BBS - http://alleycat.synchro.net:81
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Dmxrob@1:103/705 to Mortifis on Tue Feb 19 17:53:32 2019
    Re: Re: Block IP Address
    By: Mortifis to Hemo on Tue Feb 19 2019 06:29 pm

    php is a simple cross platform application ... SBBS does not need to have
    to
    knw about PhP at all .. I have a php script that merges a very copious blacklist'd file into ip.can while preserving the SBBS auto-FU-ip.can process.

    if you'd like a copy, I can send it to you ... tested on winxp, win7,
    win8+,

    You might consider putting it on Github.


    dmxrob þ BBSing from St. Louis, Missouri since 1988

    ---
    þ Synchronet þ Gateway to the West - St. Louis, Missouri - bbs.dmxrob.net
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From David@1:103/705 to Digital Man on Tue Feb 19 19:16:04 2019
    Re: Block IP Address
    By: David to All on Mon Feb 18 2019 05:55 pm

    I'm new to this software and to be honest not very savvy. Is there a
    way
    to block specific IP address from telnet. I get attempts to "hack"
    my
    system within 5 mins of going online. Any thoughts?

    Read this:
    http://wiki.synchro.net/howto:block-hackers

    digital man

    This Is Spinal Tap quote #31:
    Viv Savage: Quite exciting, this computer magic!
    Norco, CA WX: 38.3øF, 62.0% humidity, 0 mph SW wind, 0.00 inches
    rain/24hrs

    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ
    [vert/cvs/bbs].synchro.net

    Thank you very much

    ---
    þ Synchronet þ Atlantis
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Daryl Stout@1:19/33 to DAVID on Tue Feb 19 09:30:00 2019
    I'm new to this software and to be honest not very savvy. Is there a way to D>block specific IP address from telnet. I get attempts to "hack" my system D>within 5 mins of going online. Any thoughts?

    You can enter them in the ip.can file, or get the CAPTCHA utility from
    Lord Blackfair. With the ip.can file, since I get attempts from similar addresses, I use an asterisk as a wildcard for the last digit. I also am working on creating several versions of the CAPTCHA deal with changes in
    the numeric string, where Windows Scheduler will change it on an hourly
    basis. But, as of now, these bots never get to the logon prompt...where
    I'd see "Unknown User - Root", then a "Disconnected" message. Now, I
    just see the message. My guess is that the bots have a time limit, and
    if a connect isn't made, it disconnects.

    However, while I can write a simple batchfile for the BBS, my
    programming ENDS at setting the clock on the microwave oven. If I forget
    how to do that, I'll starve to death.

    Daryl

    ===
    þ OLX 1.53 þ 2 wrongs don't make a right - but 3 lefts do!
    --- SBBSecho 3.06-Win32
    * Origin: FIDONet: The Thunderbolt BBS - tbolt.synchro.net (1:19/33)
  • From David@1:103/705 to Daryl Stout on Sun Feb 24 15:59:57 2019
    I'm new to this software and to be honest not very savvy. Is there a
    way
    to D>block specific IP address from telnet. I get attempts to "hack" my system D>within 5 mins of going online. Any thoughts?

    You can enter them in the ip.can file, or get the CAPTCHA utility from Lord Blackfair. With the ip.can file, since I get attempts from similar addresses, I use an asterisk as a wildcard for the last digit. I also am working on creating several versions of the CAPTCHA deal with changes in
    the numeric string, where Windows Scheduler will change it on an hourly basis. But, as of now, these bots never get to the logon prompt...where
    I'd see "Unknown User - Root", then a "Disconnected" message. Now, I
    just see the message. My guess is that the bots have a time limit, and
    if a connect isn't made, it disconnects.

    However, while I can write a simple batchfile for the BBS, my
    programming ENDS at setting the clock on the microwave oven. If I forget
    how to do that, I'll starve to death.

    Daryl

    ===
    þ OLX 1.53 þ 2 wrongs don't make a right - but 3 lefts do!
    --- SBBSecho 3.06-Win32
    * Origin: FIDONet: The Thunderbolt BBS - tbolt.synchro.net (1:19/33)
    þ Synchronet þ Vertrauen þ Home of Synchronet þ
    [vert/cvs/bbs].synchro.net
    Ok, where does the ip.can file go and what is it's format for entering an
    ip address. I'll try and figure it out, but any help is much appreciated.

    David

    ---
    þ Synchronet þ Atlantis
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Dmxrob@1:103/705 to David on Sun Feb 24 22:59:00 2019
    Re: Re: Block IP Address
    By: David to Daryl Stout on Sun Feb 24 2019 03:59 pm

    Ok, where does the ip.can file go and what is it's format for entering an
    ip address. I'll try and figure it out, but any help is much appreciated.

    You'll find it in the /sbbs/text directory. The format is documented at the top of the file.


    dmxrob þ BBSing from St. Louis, Missouri since 1988

    ---
    þ Synchronet þ Gateway to the West - St. Louis, Missouri - bbs.dmxrob.net
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Dan Clough@1:103/705 to David on Mon Feb 25 07:56:00 2019
    David wrote to Daryl Stout <=-

    Ok, where does the ip.can file go and what is it's format for
    entering an ip address. I'll try and figure it out, but any help
    is much appreciated.

    http://wiki.synchro.net/config:ip.can

    Bookmark that Wiki...




    --- MultiMail/Linux v0.51
    þ Synchronet þ Palantir BBS * palantirbbs.ddns.net * Pensacola, FL
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From David@1:103/705 to Dan Clough on Mon Feb 25 12:34:49 2019
    David wrote to Daryl Stout <=-

    Ok, where does the ip.can file go and what is it's format for
    entering an ip address. I'll try and figure it out, but any help
    is much appreciated.

    http://wiki.synchro.net/config:ip.can

    Bookmark that Wiki...




    --- MultiMail/Linux v0.51
    þ Synchronet þ Palantir BBS * palantirbbs.ddns.net * Pensacola, FL
    Thank you very much, it's been helpful and I know this is newbie stuff I'm asking, thank you for your patient. I'm trying to get it together.

    ---
    þ Synchronet þ Atlantis
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Daryl Stout@1:19/33 to DAVID on Mon Feb 25 14:58:00 2019
    David,

    Ok, where does the ip.can file go and what is it's format for entering an D>ip address. I'll try and figure it out, but any help is much appreciated.

    It should be in c:\sbbs\text -- you can edit it with Windows Notepad.

    I also have Peerblock in place, and for the last digit in the address,
    I have an asterisk (*)(wildcard) value.

    Daryl

    ===
    þ OLX 1.53 þ A heavy night snowstorm is God saying: Take today off.
    --- SBBSecho 3.06-Win32
    * Origin: FIDONet: The Thunderbolt BBS - tbolt.synchro.net (1:19/33)
  • From Mortifis@1:103/705 to Daryl Stout on Tue Feb 26 08:57:46 2019
    David,

    Ok, where does the ip.can file go and what is it's format for entering an D>ip address. I'll try and figure it out, but any help is much
    appreciated.

    It should be in c:\sbbs\text -- you can edit it with Windows Notepad.

    My ip.can file is way to large to edit with notepad, as of this writing it has 55,196 blacklisted ip addresses :/

    2 wrongs don't make a right, but 3 left turns will get you back on the freeway!

    ---
    þ Synchronet þ AlleyCat! BBS - http://alleycat.synchro.net:81
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Daryl Stout@1:19/33 to DAVID on Tue Feb 26 12:01:00 2019
    David,

    Thank you very much, it's been helpful and I know this is newbie stuff I'm D>asking, thank you for your patient. I'm trying to get it together.

    All of us were beginners at one time. The only stupid question is one
    that's not asked.

    Daryl

    ===
    þ OLX 1.53 þ After Tuesday, even the calender says WTF.
    --- SBBSecho 3.06-Win32
    * Origin: FIDONet: The Thunderbolt BBS - tbolt.synchro.net (1:19/33)
  • From Daryl Stout@1:19/33 to MORTIFIS on Wed Feb 27 09:54:00 2019
    My ip.can file is way to large to edit with notepad, as of this writing it ha
    55,196 blacklisted ip addresses :/

    Wow. I modified mine right now into 4 sections...hack attempts,
    repeated (multiple connects), blacklisted email, or FTP issues (banned
    user names, etc.). I also use a wildcard (asterisk) as the last
    character), and I also have the Peerblock utility.

    Also, I *CHANGED* the Guest User Account a bit. Now, they have to
    logon as GUEST USER with the Password of BROWSE -- just typing GUEST
    with or without a password, won't let them in.

    They still have to leave their name, email, and where they heard about
    the BBS, but most do not. Regardless, they have a LIMITED view of the
    BBS.

    Daryl

    ===
    þ OLX 1.53 þ Alert: Scanner shows Sysop in the area. Look innocent!!
    --- SBBSecho 3.06-Win32
    * Origin: FIDONet: The Thunderbolt BBS - tbolt.synchro.net (1:19/33)