here's a new one I hadn't seen till now.

@ 09:15a Thu Jun 29 2017 Node 1
@+ Telnet <no name> [142.231.110.50]
N New user: Baud Boy
Baud Boy FAILED Password verification: 'PIRATE' instead of 'PBQ3RKYS'
Baud Boy FAILED Password verification: '' instead of 'PBQ3RKYS'
Baud Boy FAILED Password verification: '' instead of 'PBQ3RKYS'
Baud Boy FAILED Password verification: '' instead of 'PBQ3RKYS'
N! Couldn't figure out password.

this was in my logs today lol

---
þ Synchronet þ the Outwest BBS - outwestbbs.com Telnet - outwestbbs.com:23

Re: Cyber Bots
By: Denn Gray to All on Thu Jun 29 2017 06:24 pm

here's a new one I hadn't seen till now.

@ 09:15a Thu Jun 29 2017 Node 1
@+ Telnet <no name> [142.231.110.50]
N New user: Baud Boy
Baud Boy FAILED Password verification: 'PIRATE' instead of 'PBQ3RKYS'
Baud Boy FAILED Password verification: '' instead of 'PBQ3RKYS'
Baud Boy FAILED Password verification: '' instead of 'PBQ3RKYS'
Baud Boy FAILED Password verification: '' instead of 'PBQ3RKYS'
N! Couldn't figure out password.

this was in my logs today lol

you just posted your new users's password.
---
þ Synchronet þ ::: BBSES.info - free BBS services :::

Re: Cyber Bots
By: Mro to Denn Gray on Thu Jun 29 2017 09:48 pm

Baud Boy FAILED Password verification: 'PIRATE' instead of 'PBQ3RKYS'
Baud Boy FAILED Password verification: '' instead of 'PBQ3RKYS'
Baud Boy FAILED Password verification: '' instead of 'PBQ3RKYS'
Baud Boy FAILED Password verification: '' instead of 'PBQ3RKYS'
N! Couldn't figure out password.

Actually it was a failed attempt to join my BBS, I mistook it as a failed attack.
I will be more careful of what I cut and paste in the future.
oops live and learn.

---
þ Synchronet þ the Outwest BBS - outwestbbs.com Telnet - outwestbbs.com:23

Re: Cyber Bots
By: Mro to Denn Gray on Thu Jun 29 2017 09:48 pm

Re: Cyber Bots
By: Denn Gray to All on Thu Jun 29 2017 06:24 pm

here's a new one I hadn't seen till now.

@ 09:15a Thu Jun 29 2017 Node 1
@+ Telnet <no name> [142.231.110.50]
N New user: Baud Boy
Baud Boy FAILED Password verification: '*******:instead of 'PBQ3RKYS'
Baud Boy FAILED Password verification: '' instead of 'PBQ3RKYS'
Baud Boy FAILED Password verification: '' instead of 'PBQ3RKYS'
Baud Boy FAILED Password verification: '' instead of 'PBQ3RKYS'
N! Couldn't figure out password.

Crap, Thought it was a failed attack, I definatly need to be more carful in the future.
Lucky he did not actually make an account on my BBS, thanx for pointing that out Mro.

---
þ Synchronet þ the Outwest BBS - outwestbbs.com Telnet - outwestbbs.com:23

These bots love the KK4QBN BBS.

+----+----+----+----+----+----+----+----+----+----+
Tristan B. Kildaire (deavmi@kk4qbn.synchro.net) +----+----+----+----+----+----+----+----+----+----+

---
* Synchronet * KK4QBN - kk4qbn.synchro.net - 7064229538 - Chatsworth GA USA

Re: Cyber Bots
By: Deavmi to Denn Gray on Fri Jun 30 2017 09:17 am

These bots love the KK4QBN BBS.

+----+----+----+----+----+----+----+----+----+----+
Tristan B. Kildaire (deavmi@kk4qbn.synchro.net) +----+----+----+----+----+----+----+----+----+----+

They don't hit my BBS to bad since I locked down all the ports and just forwarded the ones I need, I still get a handfull throughout the day.
My FTP server gets googlebots hitting it but not to bad there either.

---
þ Synchronet þ the Outwest BBS - outwestbbs.com Telnet - outwestbbs.com:23

you just posted your new users's password.

I decided not to have a New User Password. If they don't leave New
User Feedback, telling where they heard about the BBS, and what they're
looking for in it...and go through the Telnet Email Verifier within 48
hours, I zap their account.

Their lack of going through the New User Logon process tells me they
aren't interested in the BBS.

What users do OUTSIDE THE BBS is THEIR BUSINESS...but they are A GUEST
IN MY HOME AT LOGON. To me, nowadays, if you let a total, unknown
stranger into your home, you have a death wish.

Daryl

---
þ OLX 1.53 þ 35 million laws are trying to enforce The 10 Commandments
þ Synchronet þ The Thunderbolt BBS - wx1der.dyndns.org

Re: Cyber Bots
By: Mro to Denn Gray on Thu Jun 29 2017 21:48:35

you just posted your new users's password.

Are you saying that the BBS software stores passwords in log files, in plain text? That really isn't something that should be logged at all.

---
* Synchronet * KK4QBN - kk4qbn.synchro.net - 7064229538 - Chatsworth GA USA

Re: Cyber Bots
By: Mro to Denn Gray on Thu Jun 29 2017 21:48:35

Are you saying that the BBS software stores passwords in log files, in plain text? That really isn't something that should be logged at all.

World's worst debugging system. Encrypt that kak now!

+----+----+----+----+----+----+----+----+----+----+
Tristan B. Kildaire (deavmi@kk4qbn.synchro.net) +----+----+----+----+----+----+----+----+----+----+

---
* Synchronet * KK4QBN - kk4qbn.synchro.net - 7064229538 - Chatsworth GA USA

These bots love the KK4QBN BBS.

They love all BBS's...mine is getting hammered as well. And, my
name.can file is getting larger by the day. :P

Thank goodness for the wildcard modifier ~ with the Synchronet
name.can file -- it saves having to add additional strings (i.e., using
admin~ picks up Admin, Admin1, Administrator, etc.).

Many of them are related to the MARAI bot (I think that's the name).

Daryl

---
þ OLX 1.53 þ I can't be overdrawn at the bank!! I still have checks!!
þ Synchronet þ The Thunderbolt BBS - wx1der.dyndns.org

They love all BBS's...mine is getting hammered as well. And, my
name.can file is getting larger by the day. :P

Thank goodness for the wildcard modifier ~ with the Synchronet
name.can file -- it saves having to add additional strings (i.e., using admin~ picks up Admin, Admin1, Administrator, etc.).

Many of them are related to the MARAI bot (I think that's the name).

Daryl

---
... OLX 1.53 ... I can't be overdrawn at the bank!! I still have checks!!
... Synchronet ... The Thunderbolt BBS - wx1der.dyndns.org

Mirai?
+----+----+----+----+----+----+----+----+----+----+
Tristan B. Kildaire (deavmi@kk4qbn.synchro.net) +----+----+----+----+----+----+----+----+----+----+

---
* Synchronet * KK4QBN - kk4qbn.synchro.net - 7064229538 - Chatsworth GA USA

Re: Cyber Bots
By: Daryl Stout to DEAVMI on Fri Jun 30 2017 06:42 pm

These bots love the KK4QBN BBS.

They love all BBS's...mine is getting hammered as well. And, my
name.can file is getting larger by the day. :P

They don't love mine to much, but then I am behind 2 firewalls, the 1st is my Nighthawk x6 Router firewall that allows me to create my own rules,
the second not sure if it really works all that well is the windows 7 firewall. but I only get a hanfull of hits all day long.

---
þ Synchronet þ the Outwest BBS - outwestbbs.com Telnet - outwestbbs.com:23

Re: Cyber Bots
By: Denn Gray to All on Thu Jun 29 2017 18:24:38

Baud Boy FAILED Password verification: 'PIRATE' instead of 'PBQ3RKYS'
Baud Boy FAILED Password verification: '' instead of 'PBQ3RKYS'
Baud Boy FAILED Password verification: '' instead of 'PBQ3RKYS'
Baud Boy FAILED Password verification: '' instead of 'PBQ3RKYS'
N! Couldn't figure out password.

well.. just give everyone baud boys password. better change it for them.

--

Tim Smith (KK4QBN)
KK4QBN BBS

---
* Synchronet * KK4QBN - kk4qbn.synchro.net - 7064229538 - Chatsworth GA USA

Re: Cyber Bots
By: Deavmi to Denn Gray on Fri Jun 30 2017 09:17:12

These bots love the KK4QBN BBS.

you got that right.. you been surfing the logs? bet the ip.can is 10 megs or more by now.

--

Tim Smith (KK4QBN)
KK4QBN BBS

---
* Synchronet * KK4QBN - kk4qbn.synchro.net - 7064229538 - Chatsworth GA USA

Re: Cyber Bots
By: tfurrows to Mro on Sat Jul 01 2017 00:59:39

you just posted your new users's password.

Are you saying that the BBS software stores passwords in log files, in plain text? That really isn't something that should be logged at all.

Yes it does... thats why I was stating to my Co-Sysop the other day that SSH really is no more secure than using telnet on this BBS, it is only as strong as the barriers you put around your machine.

--

Tim Smith (KK4QBN)
KK4QBN BBS

---
* Synchronet * KK4QBN - kk4qbn.synchro.net - 7064229538 - Chatsworth GA USA

Re: Cyber Bots
By: KK4QBN to Denn Gray on Sat Jul 01 2017 11:12 pm

Baud Boy FAILED Password verification: '' instead of 'PBQ3RKYS'
Baud Boy FAILED Password verification: '' instead of 'PBQ3RKYS'
Baud Boy FAILED Password verification: '' instead of 'PBQ3RKYS'
N! Couldn't figure out password.

well.. just give everyone baud boys password. better change it for them.

Have you ever had one of those DUH moments :(
I had no idea what that was at the time till Mro said something about it and the sirens went off and the lights came on.
#1. Lucky thing is that he never actually sighned on.
#2. It was actually a friend of mine trying to make an account on the BBS. Guess he can't use that password anymore.
O well live and learn.

---
þ Synchronet þ the Outwest BBS - outwestbbs.com Telnet - outwestbbs.com:23

Re: Cyber Bots
By: Denn Gray to KK4QBN on Sat Jul 01 2017 23:22:11

well.. just give everyone baud boys password. better change it for
them.

Have you ever had one of those DUH moments :(
I had no idea what that was at the time till Mro said something about it and the sirens went off and the lights came on.
#1. Lucky thing is that he never actually sighned on.
#2. It was actually a friend of mine trying to make an account on the BBS. Guess he can't use that password anymore.
O well live and learn.

I've actually had plenty of those duh moments, and more than likely will have many more :)

Welcome!

--

Tim Smith (KK4QBN)
KK4QBN BBS

---
* Synchronet * KK4QBN - kk4qbn.synchro.net - 7064229538 - Chatsworth GA USA

Mirai?

Yeah, that's it...I could not remember the spelling.

Daryl

---
þ OLX 1.53 þ Drain Bamage?? No, thanks...I already have some.
þ Synchronet þ The Thunderbolt BBS - wx1der.dyndns.org

Tim,

I've actually had plenty of those duh moments, and more than likely will have K>many more :)

I call them gray blond moments...they sound better than brain farts.
:P

Daryl

---
þ OLX 1.53 þ Ahh wight! Where's my WAM memowy you wascwy wabbitt?
þ Synchronet þ The Thunderbolt BBS - wx1der.dyndns.org

Re: Cyber Bots
By: Daryl Stout to KK4QBN on Sun Jul 02 2017 13:15:00

I've actually had plenty of those duh moments, and more than likely
will have many more :)

I call them gray blond moments...they sound better than brain farts.
:P

For sure :-)

--

Tim Smith (KK4QBN)
KK4QBN BBS

---
* Synchronet * KK4QBN - kk4qbn.synchro.net - 7064229538 - Chatsworth GA USA

Re: Cyber Bots
By: Mro to Denn Gray on Thu Jun 29 2017 09:48 pm

you just posted your new users's password.

Let's hope he doesn't use the same password on every bbs... Awww heck, who are we kidding ^_^

...darkwing!
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ telnet://vert.synchro.net

Re: Cyber Bots
By: Denn Gray to KK4QBN on Sat Jul 01 2017 11:22 pm

Guess he can't use that password anymore.

Dang, and it's been such a good password since 1987 =)

...darkwing!
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ telnet://vert.synchro.net

Re: Cyber Bots
By: Daryl Stout to MRO on Fri Jun 30 2017 12:04 pm

you just posted your new users's password.

I decided not to have a New User Password. If they don't leave New

you misunderstood.
---
þ Synchronet þ ::: BBSES.info - free BBS services :::

you just posted your new users's password.

I decided not to have a New User Password. If they don't leave New

you misunderstood.

No, unless it has been changed, the Telnet BBS Guide basically says
that "If you require a New User Password BESIDES the choice to 'Apply
For Access', you can NOT be listed in the Telnet BBS Guide"; that is put
out monthly for telnet, quarterly for dial-up.

When I ran GT Power under dial-up, it DID require a System Password
for New Users to enter BEFORE they could continue the New User Logon
process. This ensured that they didn't "skip over" things like the BBS Disclaimer and other things that users had to agree to before they could
be considered for access...to be sure they did in fact, read those
screens.

Others may disagree with me, but I feel that in this day and age, if
you let a total, unknown stranger into your residence...online or otherwise...you have a Death Wish. What users do OUTSIDE THE BBS is
THEIR BUSINESS...but they are A GUEST IN MY HOME AT LOGON...and they are EXPECTED to act in a manner where they'd be welcomed back. I won't
hesitate to "show a twit the door", as it were. I would rather have a
LIMITED number of QUALITY users who play by the rules, than a LARGE
number of QUANTITY users who do not.

Also, on my BBS, while user data is kept STRICTLY CONFIDENTIAL;
released ONLY for a Law Enforcement Subpeona, or for BBS Rules
Violations (Confirmed Visiting Sysops are notified, so that they can
protect their systems)...if a user will NOT leave New User Feedback,
telling where they heard about the BBS, and what they're looking for in
it, then go through the Telnet Email Verifier within 48 hours after
initial logon, their account is DELETED WITHOUT COMMENT.

The same applies if they omit or obviously falsify their new user data
(i.e. failing to provide a real full name along with their alias). While
some message networks and InterBBS Doorgame Leagues allow aliases, some
do NOT...because the user of REAL NAMES provides ACCOUNTABILITY and RESPONSIBILITY for ones actions.

In short, if users don't want to play by the simple rules I've laid
down, then I neither want them, or need them, on my BBS.

Daryl

---
þ OLX 1.53 þ I like it dark at night, and light during the day.
þ Synchronet þ The Thunderbolt BBS - wx1der.dyndns.org

Re: Cyber Bots
By: KK4QBN to tfurrows on Sat Jul 01 2017 11:21 pm

Re: Cyber Bots
By: tfurrows to Mro on Sat Jul 01 2017 00:59:39

you just posted your new users's password.

Are you saying that the BBS software stores passwords in log files, in plain text? That really isn't something that should be logged at all.

Yes it does...

And you can disable that by setting SCFG->System->Toggle Options->Echo Passwords Locally to "No".

digital man

Synchronet "Real Fact" #71:
The largest dial-up Synchronet BBS was The Easy Street BBS with 25 nodes/lines. Norco, CA WX: 101.1øF, 28.0% humidity, 8 mph ESE wind, 0.00 inches rain/24hrs ---
þ Synchronet þ Vertrauen þ Home of Synchronet þ telnet://vert.synchro.net

Re: Cyber Bots
By: Mro to Denn Gray on Thu Jun 29 2017 09:48 pm

Baud Boy FAILED Password verification: '' instead of 'PBQ3RKYS'
N! Couldn't figure out password.

this was in my logs today lol

you just posted your new users's password.

Hahahahahahaha...

---
þ Synchronet þ Precinct 99 - p99bbs.homenet.org:2323 - Lewis Center, OH USA

Re: Cyber Bots
By: Digital Man to KK4QBN on Fri Jul 07 2017 14:06:24

Yes it does...

And you can disable that by setting SCFG->System->Toggle Options->Echo

Cool, I knew of that option, but did'nt think it would effect the logging also. in my mind "Echo passwords locally" had nothing to do with the output window or logging, only terminal, etc..


It's never presented an issue to me for the many years I've dealt with sbbs so i've never even tested that option. :-)

--

Tim Smith (KK4QBN)
KK4QBN BBS

---
* Synchronet * KK4QBN - kk4qbn.synchro.net - 7064229538 - Chatsworth GA USA

Re: Cyber Bots
By: KK4QBN to Digital Man on Sat Jul 08 2017 10:34 pm

Re: Cyber Bots
By: Digital Man to KK4QBN on Fri Jul 07 2017 14:06:24

Yes it does...

And you can disable that by setting SCFG->System->Toggle Options->Echo

Cool, I knew of that option, but did'nt think it would effect the logging also. in my mind "Echo passwords locally" had nothing to do with the output window or logging, only terminal, etc..

Okay, so I've change the name/help for that option in SCFG to make it more clear.

digital man

Synchronet/BBS Terminology Definition #42:
SCFG = Synchronet Configuration Utility
Norco, CA WX: 72.6øF, 74.0% humidity, 0 mph SSW wind, 0.00 inches rain/24hrs ---
þ Synchronet þ Vertrauen þ Home of Synchronet þ telnet://vert.synchro.net