• login.js

    From Mojo@VERT to All on Wed Jun 15 22:32:46 2016
    Is there a way in the login.js to limit the number of connection attempts? I just had a connection that had already tried 8 times when I had seen it and I took the ip address and added it to the ip.can so it could no longer try. And if this number was lowered to say like 2 or 3 would it have any adverse effect on any of the operation of the system...


    Thanks
    Mojo

    ---
    þ Synchronet þ Mojo's World BBS - mojo.synchro.net
  • From Digital Man@VERT to Mojo on Wed Jun 15 20:00:24 2016
    Re: login.js
    By: Mojo to All on Wed Jun 15 2016 10:32 pm

    Is there a way in the login.js to limit the number of connection attempts?

    Do you mean login attempts?

    If you're using the latest login.js from CVS, set login_prompts to a number lower than 10 (the default) in the [login] section of your ctrl/modopts.ini file.

    I just had a connection that had already tried 8 times when I had seen it and I took the ip address and added it to the ip.can so it could no longer try. And if this number was lowered to say like 2 or 3 would it have any adverse effect on any of the operation of the system...

    Maybe this page will help answer your question: http://wiki.synchro.net/howto:block-hackers

    digital man

    Synchronet/BBS Terminology Definition #44:
    XPDEV = Cross-platform Development
    Norco, CA WX: 65.1°F, 69.0% humidity, 9 mph SE wind, 0.00 inches rain/24hrs
    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ telnet://vert.synch
  • From Hemo@VERT to Mojo on Wed Jun 15 22:11:14 2016
    Re: login.js
    By: Mojo to All on Wed Jun 15 2016 10:32 pm

    Is there a way in the login.js to limit the number of connection attempts? I just had a connection that had already tried 8 times when I had seen it and I took the ip address and added it to the ip.can so it could no longer try. And if this number was lowered to say like 2 or 3 would it have any adverse effect on any of the operation of the system...

    You might need the latest login.js if you don't already have it.

    See http://wiki.synchro.net/config:sbbs.ini

    Esp. the section about LoginAttemptHackThreshold under [Global]


    I have mine set to 4.


    -- Hemo

    ... Sometimes I sits and thinks, and sometimes I just sits.

    ---
    þ Synchronet þ - Running ma
  • From Mojo@VERT to Digital Man on Thu Jun 16 15:42:24 2016
    Re: login.js
    By: Digital Man to Mojo on Wed Jun 15 2016 08:00 pm

    Do you mean login attempts?


    Yes, login attempts..



    If you're using the latest login.js from CVS, set login_prompts to a number lower than 10 (the default) in the [login] section of your ctrl/modopts.ini file.

    Well I am not sure if I am using the latest one. Where can I find a copy of the latest one so I can make sure I got the right one in use?


    I looked in my modopts.ini and did not see a login section where there is a place to change the number.



    Maybe this page will help answer your question: http://wiki.synchro.net/howto:block-hackers


    I will read this over also for more info.


    Thanks Digital Man

    Mojo

    ---
  • From Daryl Stout@VERT to MOJO on Thu Jun 16 15:01:00 2016
    Jay,

    Is there a way in the login.js to limit the number of connection attempts? I just had a connection that had already tried 8 times when I had seen it and I took the ip address and added it to the ip.can so it could no longer try. And if this number was lowered to say like 2 or 3 would it have any adverse effect on any of the operation of the system...

    I don't think lowering the number does anything negative to the system.
    The bot will keep doing it until they get blocked, or they get tired of
    it. On my system, when they try one of the user names (noted below), the
    log here shows something like:

    Node 2 Unknown User 'System'
    Node 2 !Failed login with blocked user name: System
    Node 2 !Javascript warning c:\sbbs\exec\login.js line 119: Disconnected

    While you could do that, just have the various things in the user.can file...with a tilde as a wildcard after a certain entry. Here are a few
    entries from my name.can file - you can also BBS software names, plus
    add the dirty words in "a test of your creativity" <G>. These are the
    bot logon strings I see most often.

    adm~ - takes care of Admin, Administrator, Admin1, etc.

    use~ - takes care of user, users, etc.

    new user - I think the regular logon asks to enter NEW -- plus the
    Matrix logons have an "APPLY" option for access.

    support

    supervisor

    login

    logon

    root

    #~ - put a number where the # is - that stops things like 7ujmko0admin
    plus numeric string logons (1234, 12345, etc.).

    abuse~ - takes care of abuse, abuser, abusers, etc.

    addict

    autoexec

    config

    c64

    windows

    linux

    macintosh

    sys~ - will take care of System, Sysop, etc.

    smcadmin

    support

    service

    thisbbssucks

    vizxv

    < no name> - this will zap a lot of these that try to logon with
    "no host name" -- but it might zap legitimate users with this setup.

    If the host name is something like static.vnpt.vn or no-reverse-dns-configured.com (with no numbers, etc. before it), you can
    use that in the host.can file. But, just having the names in the
    user.can file should do the job.

    (Continued to next message)
    ---
    þ OLX 1.53 þ I'm out of bed and dressed. What more do you want??
    þ Synchronet þ The Thunderbolt BBS - Little Rock, AR - wx1der.dyndns.org
  • From Daryl Stout@VERT to MOJO on Thu Jun 16 15:01:00 2016
    (Continued from previous message)


    As is noted on the Wiki page, "When these bots logon to a Synchronet
    BBS as 'root', 'admin', or whatever, they wouldn't know what to do".

    "These scripts are most likely expecting to encounter some kind of
    Unix shell prompt, with which they can further interrogate the system
    for known vulnerabilities, or use the system to launch attacks against
    other hosts on your local network, or the internet".

    "A Synchronet BBS Command Shell would NOT provide a favorable
    environment to these "hacking" scripts, but they DON'T know that".

    "So, they will just continue to blindly probe your ports, and rattle
    your doorknobs. It may be irritating to some, but it's mostly harmless".

    Daryl

    ---
    þ OLX 1.53 þ I'm
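The name-filter approach in the post above can be checked before it goes live. The following is an added example, not code from the thread or from Synchronet: it audits a few of the listed entries against constructed sample names to show which bot names are still missed and which legitimate names get caught. It assumes a trailing `~` means a case-insensitive match anywhere in the name and that other entries match exactly; confirm the filter-file rules for your version.

```javascript
// Added example: audit name.can-style entries for gaps and collateral blocks.
// ASSUMPTION: trailing "~" = case-insensitive substring match anywhere in
// the name; any other entry = case-insensitive exact match.

// A subset of the entries listed in the post ("7~" is one instance of "#~").
const NAME_CAN = ["adm~", "use~", "sys~", "abuse~", "support", "root", "login", "7~"];

// Constructed sample names (not taken from the thread's logs).
const BOT_NAMES = ["Admin", "Administrator", "root", "System", "7ujmko0admin", "guest"];
const REAL_USERS = ["Madman", "Muse", "Daryl", "Susan Smith"];

// Turn one filter line into a pattern plus its match mode.
function parseEntry(line) {
  const text = line.trim().toLowerCase();
  if (text.endsWith("~")) return { pattern: text.slice(0, -1), substring: true };
  return { pattern: text, substring: false };
}

function matchesEntry(entry, name) {
  const n = name.trim().toLowerCase();
  return entry.substring ? n.includes(entry.pattern) : n === entry.pattern;
}

// Return the first filter line that blocks `name`, or null if none does.
function firstMatch(lines, name) {
  for (const line of lines) {
    if (line.trim() === "") continue; // skip blank lines
    if (matchesEntry(parseEntry(line), name)) return line;
  }
  return null;
}

// missed: bot names the list lets through.
// collateral: legitimate names the list would block, with the entry at fault.
function audit(lines, botNames, realUsers) {
  const missed = botNames.filter((n) => firstMatch(lines, n) === null);
  const collateral = realUsers
    .map((n) => ({ name: n, entry: firstMatch(lines, n) }))
    .filter((r) => r.entry !== null);
  return { missed, collateral };
}

const report = audit(NAME_CAN, BOT_NAMES, REAL_USERS);
console.log("bot names not blocked:", report.missed);
console.log("legitimate names blocked:", report.collateral);
```

Running the audit against your own user list before adding a short substring entry shows whether an existing caller would be locked out by it.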
  • From Daryl Stout@VERT to DIGITAL MAN on Thu Jun 16 15:04:00 2016
    Rob,

    Is there a way in the login.js to limit the number of connection attempts?

    Do you mean login attempts?

    If you're using the latest login.js from CVS, set login_prompts to a number lower than 10 (the default) in the [login] section of your ctrl/modopts.ini file.

    The date I have on mine is 05-27-2016 -- is that the latest one?? I
    saw a [login] section, but not one for login_prompts.

    Daryl

    ---
    þ OLX 1.53 þ Windbreaker: A Poot Suit.
    þ Synchronet þ The Thunderbolt
  • From Mro@VERT to Daryl Stout on Thu Jun 16 22:07:15 2016
    Re: login.js 2/2
    By: Daryl Stout to MOJO on Thu Jun 16 2016 03:01 pm

    "So, they will just continue to blindly probe your ports, and rattle
    your doorknobs. It may be irritating to some, but it's mostly harmless".


    unless they tie up all your nodes and make the bbs slow for your online users.
    ---
    þ Synchronet þ ::: BBSES.info - free BBS services :::
  • From Daryl Stout@VERT to MRO on Fri Jun 17 10:25:00 2016
    Mojo,

    "So, they will just continue to blindly probe your ports, and rattle your doorknobs. It may be irritating to some, but it's mostly harmless".

    unless they tie up all your nodes and make the bbs slow for your online users.

    This is true. I think SBBS 3.17 (once it's released, I think it's
    still in beta) will better fix that.

    My "user trashcan" file is filled with things like Root, Adm, Admin1, Adminstrator, Supervisor, Support, Login, Logon, User, Sysop, etc. in
    trying to deal with these "bots".

    Daryl

    ---
    þ OLX 1.53 þ Energizer Bunny still missing. Search party keeps going.
    þ Synchronet þ The Thunderbolt BBS - Little Rock, AR - wx1der.dyndns.org
  • From Mro@VERT to Daryl Stout on Fri Jun 17 18:13:12 2016
    Re: login.js
    By: Daryl Stout to MRO on Fri Jun 17 2016 10:25 am

    This is true. I think SBBS 3.17 (once it's released, I think it's
    still in beta) will better fix that.

    My "user trashcan" file is filled with things like Root, Adm, Admin1, Adminstrator, Supervisor, Support, Login, Logon, User, Sysop, etc. in
    trying to deal with these "bots".



    i just prefer using a software firewall and then blocking ips by country and i have a batchfile that dumps an ip i paste in to the blocklist peerguardian uses. that way it's outside the bbs and seems to not stress synchronet.
    it's just what i've tried that works.
    i get a ton of traffic because i took over datastream and the sysop signed up for every spam offer known to man for several years.
    ---
    þ Synchronet þ ::: BBSES.info - free BBS services :::
  • From Digital Man@VERT to Mojo on Sun Jun 19 19:45:13 2016
    Re: login.js
    By: Mojo to Digital Man on Thu Jun 16 2016 03:42 pm

    Re: login.js
    By: Digital Man to Mojo on Wed Jun 15 2016 08:00 pm

    Do you mean login attempts?


    Yes, login attempts..



    If you're using the latest login.js from CVS, set login_prompts to a number lower than 10 (the default) in the [login] section of your ctrl/modopts.ini file.

    Well I am not sure if I am using the latest one. Where can I find a copy of the latest one so I can make sure I got the right one in use?

    Here: http://cvs.synchro.net/cgi-bin/viewcvs.cgi/*checkout*/exec/login.js

    I looked in my modopts.ini and did not see a login section where there is a place to change the number.

    Just add it (example):
    [login]
    login_prompts=5


    digital man

    Synchronet/BBS Terminology Definition #17:
    DTE = Data Terminal Equipment
    Norco, CA WX: 95.2°F, 10.0% humidity, 6 mph SE wind, 0.00 inches rain/24hrs
    ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ telnet://vert.synchro.net