1. Forum
  2. DOVE-Net
  3. Synchronet Discussion

  • Security/Hack Attempts

    From Daryl Stout@VERT to Digital Man on Sat Jun 25 21:49:33 2016
    Rob,

    I was filling up my host.can and ip.can file with ip addresses and domains, then I noted the Properties and Security option. I lowered the number of failed logon attempts from 10 to 3, but these bots are still repeatedly failing the logon in SBBS 3.16 -- yet, the system isn't blocking them, except for a failed user name. I did see the Wiki deal on "hackers and the BBS", but was curious if 3.17 will have a feature to temporarily or permanently ban an IP address for this.

    Daryl

    ---
    þ
  • From art@VERT to Daryl Stout on Mon Jun 27 09:11:03 2016
    Re: Security/Hack Attempts
    By: Daryl Stout to Digital Man on Sat Jun 25 2016 21:49:33

    Ahoy Daryl,

    I was filling up my host.can and ip.can file with ip addresses and domains, then I noted the Properties and Security option. I lowered the number of failed logon attempts from 10 to 3, but these bots are still repeatedly failing the logon in SBBS 3.16 -- yet, the system isn't
    blocking them, except for a failed user name. I did see the Wiki deal on "hackers and the BBS", but was curious if 3.17 will have a feature to temporarily or permanently ban an IP address for this.

    I've made something a few years ago that can do this:

    https://bitbucket.org/arfonzo/fahks

    Kind regards,

    art@fatcatsbbsdotcom

    "Not even a bite on the cheek for old times' sake ?"
    -- K'Ehleyr to Worf in ST:TNG "Reunion"

    ---
    þ Synchronet þ fatcats bbs - fatcatsbbs.com
  • From Digital Man@VERT to Daryl Stout on Wed Jun 29 15:16:25 2016
    Re: Security/Hack Attempts
    By: Daryl Stout to Digital Man on Sat Jun 25 2016 09:49 pm

    Rob,

    I was filling up my host.can and ip.can file with ip addresses and domains, then I noted the Properties and Security option. I lowered the number of failed logon attempts from 10 to 3, but these bots are still repeatedly failing the logon in SBBS 3.16 -- yet, the system isn't blocking them, except for a failed user name.

    I'm not sure what you're saying. There is no setting called "failed logon attempts" in the Properties->Security dialog of the Synchronet Control Panel. Which value did you lower?

    I did see the Wiki deal on "hackers and
    the BBS", but was curious if 3.17 will have a feature to temporarily or permanently ban an IP address for this.

    Yes.

    digital man

    Synchronet/BBS Terminology Definition #16:
    DSZ = DOS Send ZMODEM (by Chuck Forsberg)
    Norco, CA WX: 90.1øF, 42.0% humidity, 10 mph ESE wind, 0.00 inches rain/24hrs ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ telnet://vert.synchro.net
  • From Daryl Stout@VERT to ART on Wed Jun 29 09:55:00 2016
    Ahoy Daryl,

    Hi, Art...

    I was filling up my host.can and ip.can file with ip addresses and domains, then I noted the Properties and Security option. I lowered the number of failed logon attempts from 10 to 3, but these bots are still repeatedly failing the logon in SBBS 3.16 -- yet, the system isn't blocking them, except for a failed user name. I did see the Wiki deal on "hackers and the BBS", but was curious if 3.17 will have a feature to temporarily or permanently ban an IP address for this.

    I've made something a few years ago that can do this:

    https://bitbucket.org/arfonzo/fahks

    Good deal. I downloaded it, and will add it after I do the QWK Mail.

    I just have 4 nodes, and at times, they were coming in so hot and
    heavy that no one could connect to the BBS.

    Daryl

    ---
    þ OLX 1.53 þ Darn it!! I forgot all about the Amnesia Conference!!
    þ Synchronet þ The Thunderbolt BBS - Little Rock, AR - wx1der.dyndns.org
  • From Daryl Stout@VERT to DIGITAL MAN on Thu Jun 30 05:34:00 2016
    Rob,

    I'm not sure what you're saying. There is no setting called "failed logon DM>attempts" in the Properties->Security dialog of the Synchronet Control Panel DM>Which value did you lower?

    The hack log threshold and the IP filter threshold (under Properties
    and Security). I didn't change the other 2 values (delay and throttle in milliseconds).

    Daryl

    ---
    þ OLX 1.53 þ "Farfrompoopin'" - German word for constipation.
    þ Synchronet þ The Thunderbolt BBS - Little Rock, AR - wx1der.dyndn
  • From Digital Man@VERT to Daryl Stout on Thu Jun 30 13:56:57 2016
    Re: Security/Hack Attempts
    By: Daryl Stout to DIGITAL MAN on Thu Jun 30 2016 05:34 am

    Rob,

    I'm not sure what you're saying. There is no setting called "failed logon DM>attempts" in the Properties->Security dialog of the Synchronet Control Panel DM>Which value did you lower?

    The hack log threshold and the IP filter threshold (under Properties
    and Security). I didn't change the other 2 values (delay and throttle in milliseconds).

    The hack log threshold only affects when entries are added to your data/hack.log file.

    The IP filter threshold should do what you want, assuming you want to permanently ban IP addresses (via your text/ip.can file) after X number of unique failed login attempts.

    digital man

    Synchronet "Real Fact" #59:
    Synchronet apparel and merchandise can be purchased at cafepress.com/synchronet Norco, CA WX: 87.4øF, 47.0% humidity, 8 mph ESE wind, 0.00 inches rain/24hrs ---
    þ Synchronet þ