1. Forum
  2. DOVE-Net
  3. Synchronet Discussion

  • Suggestion

    From Knightmare@VERT to Digital Man on Tue Sep 20 22:05:19 2016
    Is there a way now (or maybe added in the future...) for the board to look for keywprds during login to add them
    to the IP filter automatically?

    For example, I get a lot of morons (script kiddies, I'm sure) that use the username/handle "root", or "admin". I'd
    like to see a patch to add this feature.

    Your thoughts?

    TIA

    ---
    þ Synchronet þ Precinct 99 BBS -- p99bbs.homenet.org - Lewis Center, OH USA
  • From Tony Langdon@VERT to Knightmare on Wed Sep 21 16:09:00 2016
    Knightmare wrote to Digital Man <=-

    For example, I get a lot of morons (script kiddies, I'm sure) that use
    the username/handle "root", or "admin". I'd
    like to see a patch to add this feature.

    Sounds similar to Mystic's trashcan.dat feature, where you put in usernames that the system will reject out of hand. Definitely a good idea to have.


    ... Never do card tricks for the group with whom you play poker.
    --- MultiMail/Win32 v0.49
    * Origin: Freeway BBS - freeway.apana.org
  • From Richard Miles@VERT to Knightmare on Wed Sep 21 05:25:11 2016
    For example, I get a lot of morons (script kiddies, I'm sure) that use
    the username/handle "root", or "admin". I'd
    like to see a patch to add this feature.


    It's called badname.can, you can read about it and some other useful built-in blocking tools at http://wiki.synchro.net/config:text_files

    -=>Richard Miles<=-
    -=>Captain Obvious<=-
    -=>bbs.shadowscope.com<=-

    --- Mystic BBS v1.12 A31 (Windows)
    * Origin: Shadowscope BBS (1:3634/24)
    þ Synchronet þ Vertrauen þ Home of Synchronet þ telnet://vert.synchro.net
  • From KenDB3@VERT to Richard Miles on Wed Sep 21 07:18:45 2016
    For example, I get a lot of morons (script kiddies, I'm sure) that use the username/handle "root", or "admin". I'd
    like to see a patch to add this feature.


    It's called badname.can, you can read about it and some other useful built-in blocking tools at http://wiki.synchro.net/config:text_files

    -=>Richard Miles<=-
    -=>Captain Obvious<=-
    -=>bbs.shadowscope.com<=-


    Yuppers, that is handy, its called name.can, I think you were thinking of the message that the attempted user gets if they enter something on the list, badname.msg.

    Mine is full of stuff I don't want people using. Mostly picked up from bots trying to log in.

    -------------------
    new
    all
    sysop~
    netmail
    @~
    #~
    !~
    :~
    /~
    a
    b
    c
    d
    e
    f
    g
    h
    i
    j
    k
    l
    m
    n
    o
    p
    q
    r
    s
    t
    u
    v
    w
    x
    y
    z
    sh
    root
    admin
    highspeed
    smcadmin
    echo~
    1234~
    password
    dreambox
    -------------------

    ~KenDB3

    ---
    þ Synchronet þ KD3net-Rhode Island's only BBS about nothing. http://bbs.kd3.us
  • From mark lewis@VERT to Tony Langdon on Wed Sep 21 07:41:16 2016
    21 Sep 16 16:09, you wrote to Knightmare:

    For example, I get a lot of morons (script kiddies, I'm sure) that
    use the username/handle "root", or "admin". I'd like to see a patch
    to add this feature.

    Sounds similar to Mystic's trashcan.dat feature, where you put in usernames that the system will reject out of hand. Definitely a good
    idea to have.

    except that it prevents you from seeing what they may really be trying to do...
    that's only one reason why i run and recommend to others that they also run an IDS/IPS ;)

    )\/(ark

    Always Mount a Scratch Monkey
    Do you manage your own servers? If you are not running an IDP/IPS yer doin' it wrong...
    ... Spiders are high in protein, but they tickle.
    ---
    * Ori
  • From Richard Miles@VERT to KenDB3 on Wed Sep 21 16:33:23 2016
    On 09/21/16, KenDB3 said the following...

    Yuppers, that is handy, its called name.can, I think you were thinking
    of the message that the attempted user gets if they enter something on
    the list, badname.msg.

    Most likely.

    -=>Richard Miles<=-
    -=>Captain Obvious<=-
    -=>bbs.shadowscope.com<=-

    --- Mystic BBS v1.12 A31 (Windows)
    * Origin:
  • From Digital Man@VERT to Knightmare on Wed Sep 21 20:47:18 2016
    Re: Suggestion
    By: Knightmare to Digital Man on Tue Sep 20 2016 10:05 pm

    Is there a way now (or maybe added in the future...) for the board to look for keywprds during login to add them
    to the IP filter automatically?

    For example, I get a lot of morons (script kiddies, I'm sure) that use the username/handle "root", or "admin". I'd
    like to see a patch to add this feature.

    Your thoughts?

    It's already in v3.17: http://wiki.synchro.net/howto:block-hackers#auto-blocking

    digital man

    Synchronet/BBS Terminology Definition #13:
    DM = Digital Man (Rob Swindell)
    Norco, CA WX: 72.8øF, 70.0% humidity, 5 mph SE wind, 0.00 inches rain/24hrs
    ---
    þ Synchronet þ Vertrauen þ
  • From Knightmare@VERT to KenDB3 on Thu Sep 22 06:16:36 2016
    Re: Re: Suggestion
    By: KenDB3 to Richard Miles on Wed Sep 21 2016 07:18 am

    Yea, that sounds like it.

    ---
    þ Synchronet þ Precinct 99 BBS -- p99bbs.homenet.org - Lewis Center, OH USA