I've noticed and I know we've all talked about the issue where folks try to log
onto our boards using the name 'root'.

I also know that there's a way to add IP addresses to a .can file to block the IP address.

Why can't we combine them as a 'feature' to SynchrNet?

How hard would it be to add an optional function so that if someone makes a successful connection and uses pre-defined banned user names like 'root' or the
ilk, which allows a bogus connection that says something 'nice' to the connection, places the IP address in the banned file and terminates the connection.

Anyone?


_v_
ooO(# .)Ooo
=-=Patch=-=

---------------------------------------------------------------------------
= Return To The Lair of the Wolverine = Telet:r2lotw.synchro.net =
= Discord Global BBS Community = http://discord.gg/0yCxVosom5t6QNk5 =
= COMING SOON - R2LOTW The Companion Web Site! =

---
þ Synchronet þ Return to The Lair of the Wolverine BBS | telnet:r2lotw.synchro
net | Messages,


--- InterEcho 1.20
* Origin: Poseidon SoftWorx, Southaven MS, U.S.A. (21:2/136)

Re: Suggestion for SynchroNet
By: Patch to All on Mon May 09 2016 04:56 pm

I've noticed and I know we've all talked about the issue where folks try to log onto our boards using the name 'root'.

I also know that there's a way to add IP addresses to a .can file to block the IP address.

Why can't we combine them as a 'feature' to SynchrNet?

How hard would it be to add an optional function so that if someone makes a successful connection and uses pre-defined banned user names like 'root' or the ilk, which allows a bogus connection that says something 'nice' to the connection, places the IP address in the banned file and terminates the connection.

Anyone?

Doesn't sound like it would be too hard. I sometimes accidentally try to login to my own board as "root" though and wouldn't want to have my own IP banned! You probably want something a little less aggressive.

digital man

Synchronet/BBS Terminology Definition #5: BinkP = BinkD Protocol Norco, CA WX: 67.2øF, 62.0% humidity, 7 mph ESE wind, 0.00 inches rain/24hrs ---
þ Synchronet þ Vertrauen þ Home of Synchronet þ telnet://vert.synchro.net


--- InterEcho 1.20
* Origin: Poseidon SoftWorx, Southaven MS, U.S.A. (21:2/136)

Re: Suggestion for SynchroNet
By: Digital Man to Patch on Mon May 09 2016 06:26 pm

Doesn't sound like it would be too hard. I sometimes accidentally try to login to my own board as "root" though and wouldn't want to have my own IP banned! You probably want something a little less aggressive.

Good point!

Maybe you can whitelist IPs where 'root' could be used? Also with Op's like myself who didn't think about running the BBS on a RabPi before setting it all up on Windows 10. =)

Just think that a method of automation like that would be ideal. =)


_v_
ooO(# .)Ooo
=-=Patch=-=

---------------------------------------------------------------------------
= Return To The Lair of the Wolverine = Telet:r2lotw.synchro.net =
= Discord Global BBS Community = http://discord.gg/0yCxVosom5t6QNk5 =
= COMING SOON - R2LOTW The Companion Web Site! =

---
þ Synchronet þ Return to The Lair of the Wolverine BBS | telnet:r2lotw.synchro
net | Messages,


--- InterEcho 1.20
* Origin: Poseidon SoftWorx, Southaven MS, U.S.A. (21:2/136)

Re: Suggestion for SynchroNet
By: Patch to All on Mon May 09 2016 04:56 pm

I've noticed and I know we've all talked about the issue where folks try to onto our boards using the name 'root'.

I also know that there's a way to add IP addresses to a .can file to block t IP address.

Why can't we combine them as a 'feature' to SynchrNet?

How hard would it be to add an optional function so that if someone makes a successful connection and uses pre-defined banned user names like 'root' or ilk, which allows a bogus connection that says something 'nice' to the connection, places the IP address in the banned file and terminates the connection.

Anyone?

I use BulletProof FTP Server at home. It has a systemin it that prevents "hammering" of IP addresses trying to access the server. I have it set that if an IP address hits the server more than 3 times in 1 minute and attempts to log
in but fails, the IP is kicked and banned for a set period of time. I believe it can be set to permanantly ban that IP from accessing my server.

Digital Man: That gives you 3 chances to get it right. <insert cheeky grin here>

As I am the ONLY one who accesses my ftp server, I can basically ban every country except Australia.. A little different for Synchronet BBS if you have users from all over the world of course..

Jeff

---
þ Synchronet þ Mordor - casper.homeip.net


--- InterEcho 1.20
* Origin: Poseidon SoftWorx, Southaven MS, U.S.A. (21:2/136)

Re: Suggestion for SynchroNet
By: Patch to All on Mon May 09 2016 16:56:23

Ahoy, Patch!

How hard would it be to add an optional function so that if someone makes
a successful connection and uses pre-defined banned user names like 'root' or the ilk, which allows a bogus connection that says something 'nice' to the connection, places the IP address in the banned file and terminates
the connection.

Anyone?

I wrote a basic thing, to do that thing. It's called FAHKS:

https://bitbucket.org/arfonzo/fahks

It's a bit old, from 2014,but I do still use it on Fatcats BBS.

It lets you configure a number of "strikes", as in login tries, before the banhammer comes down. You can also configure which login names to watch for, like "root" et al.

You can of course tweak it, and make it more advanced such as handling temporary bans. I would definitely welcome that feature.

Kind regards,

art@fatcatsbbsdotcom

"We're going to beam them aboard, directly onto the Bridge." "But Captain, will
they not protest?" "Let them."
-- Picard and Data in ST:TNG "The Survivors"

---
þ Synchronet þ fatcats bbs - fatcatsbbs.com


--- InterEcho 1.20
* Origin: Poseidon SoftWorx, Southaven MS, U.S.A. (21:2/136)