• hackers

    From Alonzo@21:1/130 to All on Sat Jan 7 10:51:20 2023
    My board doesn't get any real callers, but I get a constant barrage of people trying to break in. It's funny, really. This one guy keeps trying to use paswords like "root" or "admin" (the old standbys). I finally left him (or her) a message on one of the login screens, telling them to give it up because there is nothing here except for a little server with a bulletin board on it, and they persist. I realize that most of these attempts are from bots, but I have had a few humans too. This is all very entertaining, in a way, but it's also annoying. So, what do YOU guys do about people trying to hack into your BBS? Just ignore them and let them have their fun? Or are there ways to stop them? I'm open to suggestions. Thanks.

    ... Don't diet, download a virus to remove the FAT.

    --- Mystic BBS v1.12 A47 2021/12/25 (Windows/64)
    * Origin: The Unmarked Van (21:1/130)
  • From Oli@21:3/102 to Alonzo on Sat Jan 7 17:47:18 2023
    Alonzo wrote (2023-01-07):

    So, what do YOU guys do
    about people trying to hack into your BBS? Just ignore them and let them have their fun? Or are there ways to stop them? I'm open to suggestions. Thanks.

    change the port from 23 to some other port number.



    ---
    * Origin: War is Peace. Freedom is Slavery. Ignorance is Strength. (21:3/102)
  • From Mewcenary@21:1/189 to Alonzo on Sat Jan 7 17:57:03 2023
    Re: hackers
    By: Alonzo to All on Sat Jan 07 2023 10:51 am

    entertaining, in a way, but it's also annoying. So, what do YOU guys do about people trying to hack into your BBS? Just ignore them and let them have their fun? Or are there ways to stop them? I'm open to suggestions.

    TBH, nothing on the BBS side. Just let the bots try and fail at doing their thing.

    I do a bit more on the home firewall side of things, however. There are various deny-lists and other tools that can prevent 'Known Bad' IPs from getting as far as your BBS, and also heuristically block repeated attempts.

    Defense in depth also means taking regular full backups, so in the event of a successful hack, I can restore to something Known Good.

    HTH!
    --- SBBSecho 3.20-Linux
    * Origin: Extricate BBS - bbs.extricate.org (21:1/189)
  • From Alonzo@21:1/130 to Oli on Sat Jan 7 15:15:51 2023
    change the port from 23 to some other port number.

    Good idea. I will give that a try.

    ... That's not a bug, it's an undocumented feature

    --- Mystic BBS v1.12 A47 2021/12/25 (Windows/64)
    * Origin: The Unmarked Van (21:1/130)
  • From Alonzo@21:1/130 to Mewcenary on Sat Jan 7 15:17:29 2023
    TBH, nothing on the BBS side. Just let the bots try and fail at doing their thing.
    I do a bit more on the home firewall side of things, however. There are various deny-lists and other tools that can prevent 'Known Bad' IPs from getting as far as your BBS, and also heuristically block repeated attempts.

    Ok, thanks a lot for the tips.

    ... Fer sell cheep: BBS spel chekker. Wurks grate.

    --- Mystic BBS v1.12 A47 2021/12/25 (Windows/64)
    * Origin: The Unmarked Van (21:1/130)
  • From Warpslide@21:3/110 to Alonzo on Sat Jan 7 20:39:49 2023
    On 07 Jan 2023, Alonzo said the following...

    So, what do YOU guys do about people trying to hack into your BBS? Just Al> ignore them and let them have their fun? Or are there ways to stop them? Al> I'm open to suggestions. Thanks.

    --- Mystic BBS v1.12 A47 2021/12/25 (Windows/64)

    I use this powershell script to block out whole countries and regions which really calms down (but doesn't eliminate) the noise:

    https://bbs.lc/oHfO7

    I also block out Digital Ocean & Linode's IP ranges:

    https://digitalocean.com/geo/google.csv
    https://geoip.linode.com/

    You'll need to make sure any mail hubs you connect to aren't hosted at any of these providers of course.

    You can also add the usual bad usernames (root, admin, etc) to mystic\data\badusers.txt which will stop them a bit sooner.


    Jay

    ... The older you get, the better you get, unless you're a banana

    --- Mystic BBS v1.12 A48 (Linux/64)
    * Origin: Northern Realms | bbs.nrbbs.net | 289-424-5180 (21:3/110)
  • From Bucko@21:4/131 to Alonzo on Sat Jan 7 21:53:22 2023
    On 07 Jan 2023, Alonzo said the following...

    My board doesn't get any real callers, but I get a constant barrage of people trying to break in. It's funny, really. This one guy keeps trying to use paswords like "root" or "admin" (the old standbys). I finally
    left him (or her) a message on one of the login screens, telling them to give it up because there is nothing here except for a little server with
    a bulletin board on it, and they persist. I realize that most of these attempts are from bots, but I have had a few humans too. This is all
    very entertaining, in a way, but it's also annoying. So, what do YOU
    guys do about people trying to hack into your BBS? Just ignore them and let them have their fun? Or are there ways to stop them? I'm open to suggestions. Thanks.

    I have my Router blocking countries now, I have about 7 or 8 of them, the usual suspects, North Korea, Russia, China, and a few other Communist states.. It works well for me.. My Mystic which is on port 23 blocks the rest with the built in blocker. The other boards I run well those fight without protection, other then when I see the IP addresses of the bots I will block them manually.. It's a pain sometimes but it does work..


    |11 Bucko |14- |06Wrong Number Family Of BBS' |07- |03www.wrgnbr.com

    ... Old musicians never die. They just decompose!

    --- Mystic BBS v1.12 A48 (Linux/64)
    * Origin: The Wrong Number Family Of BBS' - Wrong Number ][ (21:4/131)
  • From Alonzo@21:1/130 to Warpslide on Sun Jan 8 06:27:51 2023
    I use this powershell script to block out whole countries and regions which really calms down (but doesn't eliminate) the noise: https://bbs.lc/oHfO7
    I also block out Digital Ocean & Linode's IP ranges:

    Thanks for the tips! I will give that a try.

    ... Operator, give me the number for 911

    --- Mystic BBS v1.12 A47 2021/12/25 (Windows/64)
    * Origin: The Unmarked Van (21:1/130)
  • From Alonzo@21:1/130 to Bucko on Sun Jan 8 06:31:52 2023
    I have my Router blocking countries now, I have about 7 or 8 of them,
    the usual suspects, North Korea, Russia, China, and a few other
    Communist states.. It works well for me.. My Mystic which is on port 23

    I haven't thought of actually blocking countries at the router. I've been letting Mystic take care of that. But if it gets worse, I'll try that. Thanks.

    ... Origin of Life? Just check my refrigerator...

    --- Mystic BBS v1.12 A47 2021/12/25 (Windows/64)
    * Origin: The Unmarked Van (21:1/130)
  • From Bucko@21:4/131 to Alonzo on Sun Jan 8 07:24:59 2023
    On 08 Jan 2023, Alonzo said the following...


    I haven't thought of actually blocking countries at the router. I've been letting Mystic take care of that. But if it gets worse, I'll try that. Thanks.

    Main reason I do that is because I run a couple of other BBS Softwares that don't block like Mystic and Synchronet.

    AL


    |11 Bucko |14- |06Wrong Number Family Of BBS' |07- |03www.wrgnbr.com

    ... Shortcut: longest distance between two points

    --- Mystic BBS v1.12 A48 (Linux/64)
    * Origin: The Wrong Number Family Of BBS' - Wrong Number ][ (21:4/131)
  • From Blue White@21:4/134 to Alonzo on Sun Jan 8 09:45:02 2023
    Alonzo wrote to All <=-

    My board doesn't get any real callers, but I get a constant barrage of people trying to break in. It's funny, really. This one guy keeps
    trying to use paswords like "root" or "admin" (the old standbys). I finally left him (or her) a message on one of the login screens,
    telling them to give it up because there is nothing here except for a little server with a bulletin board on it, and they persist. I realize

    The root/admin/etc one is likely a bot. I have not noticed them as much lately, but I used to get a bunch of them. I am pretty sure they are
    scanning for IoT devices (TVs, game consoles, etc.) and maybe routers where people set them up but never change the passwords. If they find one, they
    can get into the device to install their payload.

    IIRC, I have seen a few that scan for the raspberry pi default user, too.



    ... Spelling is a sober man's game
    --- MultiMail/DOS
    * Origin: possumso.fsxnet.nz * SSH:2122/telnet:24/ftelnet:80 (21:4/134)
  • From Taphophile@21:4/141 to Alonzo on Sun Jan 8 14:24:35 2023
    Re: hackers
    By: Alonzo to All on Sat Jan 07 2023 10:51 am

    My board doesn't get any real callers, but I get a constant barrage of people trying to break in. It's funny, really. This one guy keeps trying to use paswords like "root" or "admin" (the old standbys). I finally left
    You should make those accounts! root and admin and when they do manage a log-in, have the accounts suspended so that they are immediatly disconnected, hahaha!

    May or may not be feasable, but funny!

    Taphophile
    --- SBBSecho 3.11-Win32
    * Origin: -=[conchaos.synchro.net | ConstructiveChaos BBS]=- (21:4/141)
  • From Taphophile@21:4/141 to Mewcenary on Sun Jan 8 14:30:05 2023
    Re: hackers
    By: Mewcenary to Alonzo on Sat Jan 07 2023 05:57 pm

    Back in the day, I had a friend who hosted CHRIS-CO BBS (his name is Chris) and he wrote a script for his VBBS6.14/VAdvanced 2.10 board that new users had to input the phone number they were calling from, and the board would disconnect them and then call that number and somehow (i don't remember the details) verify that it was a legit caller. I think you could have your dialer software open and answer an incoming call? I really don't remember I wasn't even driving back then I was a kiddo. I thought that was real neat though! He had a number of scripts written, and even wrote his own net "CHRIS-NET" that all the local boards were apart of. I don't know what ever happened to that dood. His handle was "Computer Whiz".

    Taphophile
    --- SBBSecho 3.11-Win32
    * Origin: -=[conchaos.synchro.net | ConstructiveChaos BBS]=- (21:4/141)
  • From opicron@21:3/126 to Taphophile on Sun Jan 8 20:03:24 2023
    Back in the day, I had a friend who hosted CHRIS-CO BBS (his name is Chris he wrote a script for his VBBS6.14/VAdvanced 2.10 board that new users had input the phone number they were calling from, and the board would disconn them and then call that number and somehow (i don't remember the details)

    Thats actually pretty damn cool ^^

    ... Anything is possible if you don't know what you're talking about

    --- Mystic BBS v1.12 A47 2021/12/24 (Linux/64)
    * Origin: TheForze - bbs.theforze.eu:23 (21:3/126)
  • From ogg@21:2/147 to Taphophile on Sun Jan 8 14:17:44 2023
    On 08 Jan 2023, Taphophile said the following...

    Re: hackers
    By: Mewcenary to Alonzo on Sat Jan 07 2023 05:57 pm

    Back in the day, I had a friend who hosted CHRIS-CO BBS (his name is Chris) and he wrote a script for his VBBS6.14/VAdvanced 2.10 board that new users had to input the phone number they were calling from, and the board would disconnect them and then call that number and somehow (i
    don't remember the details) verify that it was a legit caller. I think
    you could have your dialer software open and answer an incoming call? I really don't remember I wasn't even driving back then I was a kiddo. I thought that was real neat though! He had a number of scripts written,
    and even wrote his own net "CHRIS-NET" that all the local boards were apart of. I don't know what ever happened to that dood. His handle was "Computer Whiz".

    Taphophile

    The phone modems of that period were used to communicate in 2 directions. Obviously, you could get incoming to your BBS. But you used them when calling to another BBS. This "feature" of verifying a user was actually quite common. Look here "http://www.pcmicro.com/support/modem_at_commands.html" for the specifics of using "Hayes" compatible Modem AT commands.

    ... There are two types of people; those who finish what they start and

    --- Mystic BBS v1.12 A48 (Windows/64)
    * Origin: Altair IV BBS (21:2/147)
  • From Mewcenary@21:1/189 to ogg on Sun Jan 8 20:34:45 2023
    Re: Re: hackers
    By: ogg to Taphophile on Sun Jan 08 2023 02:17 pm

    The phone modems of that period were used to communicate in 2 directions. Obviously, you could get incoming to your BBS. But you used them when calling to another BBS. This "feature" of verifying a user was actually quite common. Look here

    Also a theme within the (great) film WarGames!

    Mewcenary.
    --- SBBSecho 3.20-Linux
    * Origin: Extricate BBS - bbs.extricate.org (21:1/189)
  • From esc@21:4/173 to Mewcenary on Sat Jan 7 17:57:09 2023
    TBH, nothing on the BBS side. Just let the bots try and fail at doing their thing.

    I block countries and also let Mystic figure out its own allow/denylist - it works pretty well. Additionally I have a "press escape twice" thing as a frontend doing some sort of human detection. These things combined tend to work rather well for me.

    I do a bit more on the home firewall side of things, however. There are various deny-lists and other tools that can prevent 'Known Bad' IPs from getting as far as your BBS, and also heuristically block repeated attempts.

    My home firewall is closed, I host all my services which are open to the internet on cloud infrastructure. I have a healthy paranoia of letting people into my home firewall :) Even though a VLAN would probably work just fine, I still nevertheless prefer cloud hosting.

    Defense in depth also means taking regular full backups, so in the event of a successful hack, I can restore to something Known Good.

    Yep, same. I take daily backups for a week, weeklies for a month, monthlies for a year, and yearlies.

    --- Mystic BBS v1.12 A48 (Linux/64)
    * Origin: m O N T E R E Y b B S . c O M (21:4/173)
  • From esc@21:4/173 to Taphophile on Tue Jan 10 03:08:57 2023
    Back in the day, I had a friend who hosted CHRIS-CO BBS (his name is Chris) and he wrote a script for his VBBS6.14/VAdvanced 2.10 board that new users had to input the phone number they were calling from, and the board would disconnect them and then call that number and somehow (i
    don't remember the details) verify that it was a legit caller. I think
    you could have your dialer software open and answer an incoming call? I really don't remember I wasn't even driving back then I was a kiddo. I thought that was real neat though! He had a number of scripts written,
    and even wrote his own net "CHRIS-NET" that all the local boards were apart of. I don't know what ever happened to that dood. His handle was "Computer Whiz".

    Ah yes, these were called "Call Back Verifiers" (or CBV for short).

    --- Mystic BBS v1.12 A48 (Linux/64)
    * Origin: m O N T E R E Y b B S . c O M (21:4/173)
  • From Alonzo@21:1/130 to esc on Tue Jan 10 10:29:56 2023
    I have been making daily backups. That's the best I can do for now. I screw things up enough by myself, so I don't really need any outside help. Haha

    ... As a matter of fact, it IS a banana in my pocket!

    --- Mystic BBS v1.12 A47 2021/12/25 (Windows/64)
    * Origin: The Unmarked Van (21:1/130)
  • From Alonzo@21:1/130 to esc on Tue Jan 10 10:34:13 2023
    Chris) and he wrote a script for his VBBS6.14/VAdvanced 2.10 board th new users had to input the phone number they were calling from, and t board would disconnect them and then call that number and somehow (i don't remember the details) verify that it was a legit caller. I thin

    Yeah I did the same thing with a board I had back in the 90s. I eventually quit using it because most people ignored it. With Telnet though, it's complicated. What would you verify? You can't verify an IP because people just use VPNs, so IP addresses are meaningless. And if people are just trying to brak your BBS, they never register anyway, so there's no personal info.

    ... We all live in a yellow subroutine...

    --- Mystic BBS v1.12 A47 2021/12/25 (Windows/64)
    * Origin: The Unmarked Van (21:1/130)
  • From Tracker1@21:3/149 to Alonzo on Wed Jan 11 19:07:56 2023
    On 1/7/23 06:48, Alonzo wrote:
    My board doesn't get any real callers, but I get a constant barrage of people trying to break in.

    Most likely automated scripts... Not sure how difficult it would be...
    but you could simply drop any terminal connections that don't detect at
    least ANSi support. Since the automated scripts most likely don't.

    This may of course limit a handful of real users with older terminal appliances.

    IIRC, Synchronet's login.js does this by default now.
    --
    Michael J. Ryan - tracker1@roughneckbbs.com
    --- SBBSecho 3.15-Linux
    * Origin: Roughneck BBS - roughneckbbs.com (21:3/149)
  • From Tracker1@21:3/149 to Alonzo on Wed Jan 11 19:22:42 2023
    On 1/10/23 08:34, Alonzo wrote:

    Yeah I did the same thing with a board I had back in the 90s. I
    eventually quit using it because most people ignored it. With
    Telnet though, it's complicated. What would you verify? You can't
    verify an IP because people just use VPNs, so IP addresses are
    meaningless. And if people are just trying to brak your BBS,
    they never register anyway, so there's no personal info.

    I've thought about pre-verifying email addresses in order to login. I
    changed my telnet login to use "email" first, so new users it's the
    first thing, but haven't coded up the preverify logic yet.

    Also considering adding SMS verification as an alternative to email verification.
    --
    Michael J. Ryan - tracker1@roughneckbbs.com
    --- SBBSecho 3.15-Linux
    * Origin: Roughneck BBS - roughneckbbs.com (21:3/149)
  • From Kidd Wicked@21:1/169 to Alonzo on Fri Jan 13 11:42:39 2023
    On 08 Jan 2023, Alonzo said the following...

    I have my Router blocking countries now, I have about 7 or 8 of them, the usual suspects, North Korea, Russia, China, and a few other Communist states.. It works well for me.. My Mystic which is on port

    I haven't thought of actually blocking countries at the router. I've been letting Mystic take care of that. But if it gets worse, I'll try that. Thanks.


    I didn't think of that either. I was just blocking at the bbs level.

    |11|03-|09|01ķ |15K|07|08dd |01|09-|03 |11
    |01 |15W|07ck|08ed |01

    ... What hair color do they put on the driver's licenses of bald men?

    --- Mystic BBS v1.12 A48 (Windows/32)
    * Origin: Sinner's Haven 2.0 (21:1/169)
  • From Alonzo@21:1/130 to Tracker1 on Fri Jan 13 20:39:18 2023
    Yeah, I am thinking about limiting access to ANSI-only. I am getting so sick of these bots and clueless people. It's really taking the fun out of it.

    ... Operator, give me the number for 911

    --- Mystic BBS v1.12 A47 2021/12/25 (Windows/64)
    * Origin: The Unmarked Van (21:1/130)
  • From MaNDaRaX@21:1/158 to Alonzo on Sat Jan 14 06:18:56 2023
    Yeah, I am thinking about limiting access to ANSI-only. I am getting so sick of these bots and clueless people. It's really taking the fun out
    of it.

    Yeah, an ANSI restriction may limit SOME bots. However, even many regular linux terms wil return they can render ANSI to that check.

    |13MaNDaRaX
    |09Location: |05Victoria's Secret

    --- Mystic BBS v1.12 A48 2022/07/15 (Linux/64)
    * Origin: thE qUAntUm wOrmhOlE, rAmsgAtE, uK. bbs.erb.pw (21:1/158)
  • From Oli@21:3/102 to Tracker1 on Sat Jan 14 12:45:47 2023
    Tracker1 wrote (2023-01-11):

    On 1/10/23 08:34, Alonzo wrote:

    Yeah I did the same thing with a board I had back in the 90s. I
    eventually quit using it because most people ignored it. With
    Telnet though, it's complicated. What would you verify? You can't
    verify an IP because people just use VPNs, so IP addresses are
    meaningless. And if people are just trying to brak your BBS,
    they never register anyway, so there's no personal info.

    I've thought about pre-verifying email addresses in order to login. I changed my telnet login to use "email" first, so new users it's the
    first thing, but haven't coded up the preverify logic yet.

    Also considering adding SMS verification as an alternative to email verification.

    A great way to discourage users to sign up. As a user, how do I know that your BBS is not a honeypot for collecting email addresses and phone numbers? I also have to assume that my personal data is in no way protected on you system and might be listed for everyone to see in the BBS. Especially if there is no privacy policy to read before email / SMS verification..

    I don't understand why you need a login at all right after the connection is established. Why not have an open BBS were users are free to surf the boards? And if they want to write messages or read restricted areas they have to register/login first. Like with any web forum. This model works. Requiring registration before you can see anything just creates a bunch of dead user accounts. It's not the 80s/90s anymore.

    Best way to discourage bots is running on another port than 22 / 23. There could also be a very simple captcha / are you a human? puzzle at the start, if the bots are still there.

    I would enjoy the few remaining years of stupid bots without worrying too much about login unsuccessful attempts showing up in the log files. Soon the bots will be indistinguishable from humans. And they will create their own thriving BBS scene.



    ---
    * Origin: War is Peace. Freedom is Slavery. Ignorance is Strength. (21:3/102)
  • From Kidd Wicked@21:1/169 to Oli on Sat Jan 14 10:05:12 2023
    Tracker1 wrote (2023-01-11):

    A great way to discourage users to sign up. As a user, how do I know
    that your BBS is not a honeypot for collecting email addresses and phone

    you have to be very stupid to use a bbs as a honeypot in 2023.

    |11|03-|09|01ķ |15K|07|08dd |01|09-|03 |11
    |01 |15W|07ck|08ed |01

    ... They say there's always one weirdo on the bus, but I couldn't find them!

    --- Mystic BBS v1.12 A48 (Windows/32)
    * Origin: Sinner's Haven 2.0 (21:1/169)
  • From claw@21:1/210 to MaNDaRaX on Sat Jan 14 11:09:49 2023
    On 14 Jan 2023, MaNDaRaX said the following...
    Yeah, I am thinking about limiting access to ANSI-only. I am getting sick of these bots and clueless people. It's really taking the fun ou of it.

    Yeah, an ANSI restriction may limit SOME bots. However, even many regular linux terms wil return they can render ANSI to that check.

    MaNDaRaX

    After I installed that press Esc 2x thing I haven't had any issues. I also use PFSense to block certain countries and also do temp blocks of certain suspicious activity. It has a list that is automatically maintained of people that cause issues and how it can block them.

    It will never be perfect but it helps a ton. Plus I get whole home ad blocking :D

    |23|04Dr|16|12Claw
    |16|14Sysop |12Noverdu |14BBS |04(|14Noverdu.com|04)
    |10Standard Ports for SSH/Telnet Web/HTTP://|14Noverdu.com:808
    |20|15fsxNet/MRC Chat/Registered Doors!/50Nodes/No Time Use! Stay On!|16|07

    --- Mystic BBS v1.12 A47 2021/12/24 (Linux/64)
    * Origin: Noverdu BBS (21:1/210)
  • From MaNDaRaX@21:1/158 to claw on Sun Jan 15 05:29:17 2023
    After I installed that press Esc 2x thing I haven't had any issues. I

    I agree.. When I programmed a random button (hit twice) to get in 'firewall' it stopped most of the unwanted connections to the BBS.. Or I should say, stopped the tied up Nodes anyway.

    |13MaNDaRaX
    |09Location: |05Victoria's Secret

    --- Mystic BBS v1.12 A48 2022/07/15 (Linux/64)
    * Origin: thE qUAntUm wOrmhOlE, rAmsgAtE, uK. bbs.erb.pw (21:1/158)
  • From Exodus@21:1/176 to Oli on Sat Jan 14 14:29:23 2023
    I don't understand why you need a login at all right after the connection is established. Why not have an open BBS were users are free to surf the boards And if they want to write messages or read restricted areas they have to

    Did you ever run a BBS? You cannot connect without a user account.

    You could make a stupid guest account, but those are useless.

    --- Renegade vY2Ka2
    * Origin: Joey, do you like movies about gladiators? (21:1/176)
  • From Oli@21:3/102 to Exodus on Sun Jan 15 15:03:28 2023
    Exodus wrote (2023-01-14):

    I don't understand why you need a login at all right after the
    connection is established. Why not have an open BBS were users are
    free to surf the boards And if they want to write messages or read
    restricted areas they have to

    Did you ever run a BBS?

    Sure, back in the 90s.

    You cannot connect without a user account.

    Why not? Maybe most BBS programs try to emulate the old-school BBS, but there is no reason to do it differently.

    You could make a stupid guest account, but those are useless.

    Most BBS are useless anyway. How many people world-wide do really use a BBS regularly as a user (excluding the Sysop itself)? I bet less than there are Sysops. A BBS is mostly a toy for the Sysop.

    But what I wanted to express: why should I hand out my email address and phone number, before I can see anything of the BBS? Are you willing to do SMS verification for every website you visit? A stupid guest account is not at all useless.





    ---
    * Origin: War is Peace. Freedom is Slavery. Ignorance is Strength. (21:3/102)
  • From Kidd Wicked@21:1/169 to Oli on Sun Jan 15 23:22:46 2023
    On 15 Jan 2023, Oli said the following...

    But what I wanted to express: why should I hand out my email address and phone number, before I can see anything of the BBS? Are you willing to
    do SMS verification for every website you visit? A stupid guest account
    is not at all useless.

    Welllll. A) you use the email addy for a password reset B) users need accounts because EVERYTHING on the bbs centers around an account. Oneliners, message bases, doors ext. C) if you didn't have user accounts it would basically be a website. D) Yes bbs's are mainly a bunch of sysops messing around, BUT.. I just saw a kid with a polaroid instant camera the other day, so..... Everything comes around...

    |11|03-|09|01ķ |15K|07|08dd |01|09-|03 |11
    |01 |15W|07ck|08ed |01

    --- Mystic BBS v1.12 A48 (Windows/32)
    * Origin: Sinner's Haven 2.0 (21:1/169)
  • From esc@21:4/173 to Exodus on Mon Jan 16 02:10:27 2023
    You could make a stupid guest account, but those are useless.

    I've used guest accounts on any board that will let me to see if it's worth signing up. Usually if I'm just out hunting for a file or something it works great.

    --- Mystic BBS v1.12 A48 (Linux/64)
    * Origin: m O N T E R E Y b B S . c O M (21:4/173)
  • From Goose@21:1/177 to esc on Mon Jan 16 10:25:34 2023
    I've used guest accounts on any board that will let me to see if it's worth signing up. Usually if I'm just out hunting for a file or
    something it works great.

    Hi there,

    whu guest accounts ? Use a website and tell about your BBS. What users can find there and its worth to sign up. Many people reading about BBSes but not everyone uses it. They only know websites, forums, facebook and so on...

    Its like every other hobby. Like Amateur Radio, Photography, Games....

    I think a guest account isnt worth to configure.
    Users need a good password to get her accounts safe.
    Mystic BBS has good blacklist function for blocking, i also use the event extension to drop it in iptables, so people cant reach the system login.

    Have a nice day :)
    Goose

    --- Mystic BBS v1.12 A47 2021/12/24 (Linux/64)
    * Origin: Goosenet BBS (21:1/177)
  • From sPINOZa@21:1/116 to Alonzo on Mon Jan 16 12:54:36 2023
    Yeah, I am thinking about limiting access to ANSI-only. I am getting so sick of these bots and clueless people. It's really taking the fun out
    of it.

    ANSI only won't help, entering A = A for a user in either ASCII or ANSI mode.
    I wonder if those clueless people are people. Looks more like BOTS to me. Change to a port higher than ..... 2000 - check the TCP and UDP port numbers list on wpedia for reserved ports.

    GTx!
    sPI!

    --- Mystic BBS v1.12 A48 (Linux/64)
    * Origin: -.sNd!gRDn.- a box full of Snd&Demo Related filez! (21:1/116)
  • From Kidd Wicked@21:1/169 to Goose on Mon Jan 16 14:58:43 2023
    On 16 Jan 2023, Goose said the following...


    whu guest accounts ? Use a website and tell about your BBS. What users

    Just go to ftelnet.ca and make a link and put it on your website or email it to people.. like this

    https://embed-v2.ftelnet.ca/connect/?BareLFtoCRLF=false&BitsPerSecond=57600&Con nectionType=telnet&Emulation=ansi-bbs&Enter=\r&Font=CP437&ForceWss=false&Hostna me=sinnershaven.com&LocalEcho=false&NegotiateLocalEcho=true&Port=23&ProxyHostna me=p-us-east.ftelnet.ca&ProxyPort=80&ProxyPortSecure=443&ScreenColumns=80&Scree nRows=25&SendLocation=true

    |11|03-|09|01ķ |15K|07|08dd |01|09-|03 |11
    |01 |15W|07ck|08ed |01

    --- Mystic BBS v1.12 A48 (Windows/32)
    * Origin: bbs.SinnersHaven.com (21:1/169)
  • From Oli@21:3/102 to Kidd Wicked on Tue Jan 17 11:44:26 2023
    Kidd wrote (2023-01-15):

    On 15 Jan 2023, Oli said the following...

    But what I wanted to express: why should I hand out my email
    address and phone number, before I can see anything of the BBS? Are
    you willing to do SMS verification for every website you visit? A
    stupid guest account is not at all useless.

    Welllll. A) you use the email addy for a password reset

    How does that work? Is there a password reset option at login?

    The BBS didn't tell me for what the email is needed and used. Maybe it's displayed for everyone to see? How do I know. I only know that many sysops give a shit about privacy (laws).

    B) users need accounts because EVERYTHING on the bbs centers around an account.
    Oneliners, message bases, doors ext.

    And how do I know what is available in the BBS before I register?

    C) if you didn't have user accounts it would basically be a website.

    There are websites with and without user accounts. Web is just another interface. And that is exactly my point. Make BBSs as open and easily accessible as a website.




    ---
    * Origin: War is Peace. Freedom is Slavery. Ignorance is Strength. (21:3/102)
  • From Oli@21:3/102 to Kidd Wicked on Tue Jan 17 11:54:13 2023
    Kidd wrote (2023-01-16):

    On 16 Jan 2023, Goose said the following...


    whu guest accounts ? Use a website and tell about your BBS. What
    users

    Just go to ftelnet.ca and make a link and put it on your website or email it to people.. like this

    So we need the web and man-in-the-middle websites to use a BBS?
    .... and emails
    .... and SMS verification
    .... and 128 GB of RAM for Windows 15 and Google Chrome 451 to run Gmail properly





    ---
    * Origin: War is Peace. Freedom is Slavery. Ignorance is Strength. (21:3/102)
  • From Kidd Wicked@21:1/169 to Oli on Tue Jan 17 07:54:04 2023
    On 17 Jan 2023, Oli said the following...

    Welllll. A) you use the email addy for a password reset

    How does that work? Is there a password reset option at login?

    On mystic there is an option for that if you input the wrong password.

    The BBS didn't tell me for what the email is needed and used. Maybe it's displayed for everyone to see? How do I know. I only know that many
    sysops give a shit about privacy (laws).

    That is true about not telling you what it is needed for but, when bbs's started sysops had your phone numbers which would pinpoint you right down to your house. All I need is a real name and I usually can find out your address and cell number and everything about a person, FREE on the Wicked Wide Web

    B) users need accounts because EVERYTHING on the bbs centers around a account.
    Oneliners, message bases, doors ext.

    And how do I know what is available in the BBS before I register?


    How do you know whats in the bday present before you open it? Its a SURPRISE! But chance are you seen a bbs advertisement for the site and its usually on there what they offer.If not, you risk it to get the biscuit!

    C) if you didn't have user accounts it would basically be a website.

    There are websites with and without user accounts. Web is just another interface. And that is exactly my point. Make BBSs as open and easily accessible as a website.

    But then there is no skin in the game and anyone can come on and violate users privacy. Copy what they are saying. Monitor them without them knowing. Like when a sysop takes their net bases and puts them out on the web in NNTP and you google your handle and see all the shit you wrote on a bbs that you thought was private to the community.

    |11|03-|09|01ķ |15K|07|08dd |01|09-|03 |11
    |01 |15W|07ck|08ed |01

    ... The dog ate my .REP packet

    --- Mystic BBS v1.12 A48 (Windows/32)
    * Origin: bbs.SinnersHaven.com (21:1/169)
  • From Kidd Wicked@21:1/169 to Oli on Tue Jan 17 08:12:08 2023
    On 17 Jan 2023, Oli said the following...

    Kidd wrote (2023-01-16):

    On 16 Jan 2023, Goose said the following...


    whu guest accounts ? Use a website and tell about your BBS. What
    users

    Just go to ftelnet.ca and make a link and put it on your website o email it to people.. like this

    So we need the web and man-in-the-middle websites to use a BBS?
    .... and emails
    .... and SMS verification
    .... and 128 GB of RAM for Windows 15 and Google Chrome 451 to run Gmail properly

    I don't understand what your issue is. Tell me, How would you advertise to have people know to visit your bbs, stand in the middle of the street and shout it?? Or use a middleman bbs and post it on theirs? I gave a simple example. I made a video about what a bbs was and me using mine and posted it to my social media site with a link to the web-telnet to try and get people on. Different people come up with different ways.

    BTW, you must be good friends with Bill to have seen Winblows 15. and its 256 TB of ram, MINIMUM, to boot up.

    |11|03-|09|01ķ |15K|07|08dd |01|09-|03 |11
    |01 |15W|07ck|08ed |01

    ... If a pig loses its voice, is it disgruntled?

    --- Mystic BBS v1.12 A48 (Windows/32)
    * Origin: bbs.SinnersHaven.com (21:1/169)
  • From Kidd Wicked@21:1/169 to Oli on Tue Jan 17 10:39:54 2023
    And not to beat a dead horse on this subject. But if bbs's were totally open and no logon credentials, You would have to have 1000+ nodes to account for the bots taking up nodes. And if privacy is your issue. FREE email account that is not linked to you. FAKE real name. VPN which if you were smart you would already be using. FREE SMS via TEXTr to validate a number to gain access. There, now yow can try before you buy, yo yo yo!! the pirate way of life for me!!

    |11|03-|09|01ķ |15K|07|08dd |01|09-|03 |11
    |01 |15W|07ck|08ed |01

    ... "I am" is the shortest sentence in English. Is 'I do' the longest?

    --- Mystic BBS v1.12 A48 (Windows/32)
    * Origin: bbs.SinnersHaven.com (21:1/169)
  • From DustCouncil@21:1/227 to Oli on Tue Jan 17 19:19:41 2023
    There are websites with and without user accounts. Web is just another interface. And that is exactly my point. Make BBSs as open and easily accessible as a website.

    I sort of wish we lived in a world in which gates and fences were not necessary at all. And yeah, I'm about to say, "but we don't live in that world," but that's not important here. It bugs me, and I'm not going to get over it, the degree to which, under a cloak of anonymity, people choose to do damage, be it spamming, or abuse, or trying to crash/destroy a system. I often wonder what the whole of the Internet would look like if all of the people who spent time causing problems instead tried to contribute or build something.

    Most people seem to have accepted reality. To deal with troublemakers, we've had to spend time making spam filters, implementing captchas, multifactor authentication, and all manner of other things. There seems to be a kind of impunity with which people create havoc which has always irritated me.

    The Internet is a *miracle*. To me, it is something approaching sacred. That people treat it as badly as they do frankly makes me angry and I'm not getting over it and I'm not getting past it.

    Serious question for everyone: has anyone stopped being amazed, that this exists? That there is an *endless* amount of information out there to dig through, music and video to check out, websites, blogs, and so on? I have not stopped being amazed.

    I take none of this for granted.

    As for my BBS:

    No one cares about or calls my board; it is, as you indicate elsewhere, a kind of "toy" of mine. I put it up for one reason: I got sick and tired of two trends on other boards:

    1. Ask me ten billion personal questions to get an account. No. You don't need to know my gender or birthdate, or residential address, full stop. Real name I groan and live with since Fidonet insists on it, but I'd gladly do away with that too if I didn't carry Fidonet (and sometimes I wonder why I do.)

    2. Ridiculously short timeouts, as if resources were limited, like you had phone lines that might stay busy, locking callers out, if people idled (and fair enough, there are still boards like that - retrosystems that can only take a single caller at a time, or people still running actual dial-up). My board lets people idle for a long time, so they can get up and get a sandwich, answer a phone call, or start a UFO cult, and then come back and continue where they left off. I idle for hours at a time, and it feels right. I do that on my various shell systems, IRC, reddit...only my banks time me out.

    I actually agree that it is optimal that people should be able to check out a board before applying for an account and providing all of the personal information people ask for.

    Most boards are not very unique (mine isn't, no flex here) - we routinely call out the folks who put a lot of time into their systems, and rightly so. But there are also countless unmodded out-of-the-box Synchronets out there, for example (Mystics too). They exist for valid reasons I'm sure, but I get a little irritated when I take time to apply for an account only to find out the system is an unmodded board carrying Fidonet and fsxNet, and offering nothing else. It's not that I have a problem with those boards; I just wish I knew that before I took the time to apply.

    I don't think this is actually under debate here, but obviously it follows that people can do whatever they please with their own boards, and be as invasive or locked down as they like or require anything they like. I'm not saying what people ought to feel compelled to do.

    It's just not optimal for me. It's user-hostile. It wastes time.

    --- Mystic BBS v1.12 A47 2021/12/24 (Linux/64)
    * Origin: Shipwrecks & Shibboleths [San Francisco, CA - USA] (21:1/227)
  • From Exodus@21:1/176 to Oli on Tue Jan 17 17:08:15 2023
    Welllll. A) you use the email addy for a password reset

    How does that work? Is there a password reset option at login?

    On Renegade there is .. I coded one years ago. Just for this very reason.

    --- Renegade vY2Ka2
    * Origin: Joey, do you like movies about gladiators? (21:1/176)
  • From Mickey@21:1/159 to DustCouncil on Tue Jan 17 19:07:10 2023
    Re: Re: hackers
    By: DustCouncil to Oli on Tue Jan 17 2023 07:19 pm

    accessible as a website.

    I sort of wish we lived in a world in which gates and fences were not

    Did you know there were 6,122 Tradewar 2002 servers out there looking for people to play? I know, just kinda relevent.

    :-)

    .

    Mick Manning
    Bad Poetry Blues (badpoet.synchro.net:2300) gopher://centralontarioremote.com:70
    --- SBBSecho 3.14-Win32
    * Origin: Bad Poetry Blues = badpoet.synchro.net (21:1/159)
  • From Taphophile@21:4/141 to Oli on Tue Jan 17 22:01:24 2023
    Re: hackers
    By: Oli to Exodus on Sun Jan 15 2023 03:03 pm

    But what I wanted to express: why should I hand out my email address and phone number, before I can see anything of the BBS? Are you willing to do SMS verification for every website you visit? A stupid guest account is not at all useless.
    I agree in this sense. Back in the days of yesteryear when BBS's required names, phone numbers and more personalizd information, being doxxed wasn't nearly the threat that it is today. With just a little bit of information you can literally determine the color of someone's front door in just a few minutes. The login sequence could be generally updated for todays standards, but will it ever be? We'd be hard pressed to see kind of update like that across boards, unless one currently active BBS software does something like that, and you never call another software board or lesser bit board again. Best bet is to just give out fake or incorrect information. I don't think our friendly local Sysops are out to destroy our lives! Not to mention it is a cakewalk to save your login information in your telnet client and just ALT your way right in. It's painless to login.

    -Tap
    --- SBBSecho 3.11-Win32
    * Origin: -=[conchaos.synchro.net | ConstructiveChaos BBS]=- (21:4/141)
  • From claw@21:1/210 to Kidd Wicked on Wed Jan 18 08:09:13 2023
    buy, yo yo yo!! the pirate way of life for me!!

    -ķ Kdd -
    Wcked

    I believe it Yo, Ho, Ho, Its a Pirates life for me
    :p

    |23|04Dr|16|12Claw
    |16|14Sysop |12Noverdu |14BBS |04(|14Noverdu.com|04)
    |10Standard Ports for SSH/Telnet Web/HTTP://|14Noverdu.com:808
    |20|15fsxNet/MRC Chat/Registered Doors!/50Nodes/No Time Use! Stay On!|16|07

    --- Mystic BBS v1.12 A47 2021/12/24 (Linux/64)
    * Origin: Noverdu BBS (21:1/210)
  • From Kidd Wicked@21:1/169 to claw on Wed Jan 18 12:47:00 2023
    buy, yo yo yo!! the pirate way of life for me!!

    -ķ Kdd -
    Wcked

    I believe it Yo, Ho, Ho, Its a Pirates life for me

    I'm a ghetto pirate.. :)

    |11|03-|09|01ķ |15K|07|08dd |01|09-|03 |11
    |01 |15W|07ck|08ed |01

    ... Computers all wait at the same speed!

    --- Mystic BBS v1.12 A48 (Windows/32)
    * Origin: bbs.SinnersHaven.com (21:1/169)
  • From Geri Atricks@21:4/102 to Alonzo on Sat Jan 7 13:04:32 2023
    Put your board on a non-standard port number, that tends to cut the bots way down. Also, when you catch them be sure to add their IP to an IP Black List.

    --- Mystic BBS v1.12 A47 2021/09/29 (Windows/64)
    * Origin: Legends of Yesteryear (furmenservices.net:23322) (21:4/102)
  • From tenser@21:1/101 to Kidd Wicked on Fri Jan 20 04:56:47 2023
    On 17 Jan 2023 at 10:39a, Kidd Wicked pondered and said...

    And not to beat a dead horse on this subject. But if bbs's were
    totally open and no logon credentials, You would have to have 1000+
    nodes to account for the bots taking up nodes.

    No one cares about BBSes. Seriously. Statistically speaking,
    the total number of BBS users is in the noise around 0% globally.

    BBSes are basically useless for botnets or whatever; most bots
    mindlessly try to run a few commands and automatically disconnect
    if they don't work. Listen on a nonstandard port if the noise
    bothers you, but the idea that bots are going to suck up BBS
    capacity is unsupported by evidence.

    For that matter, node limits and timeouts are an anachronism.
    I suspect they survive in the "modern" BBS era simply because
    that's how things have always been done.

    And if privacy is your
    issue. FREE email account that is not linked to you. FAKE real name. VPN which if you were smart you would already be using. FREE SMS via TEXTr
    to validate a number to gain access. There, now yow can try before you buy, yo yo yo!! the pirate way of life for me!!

    Harder to link to you, perhaps, but that's different than "not."

    --- Mystic BBS v1.12 A47 2021/12/24 (Linux/64)
    * Origin: Agency BBS | Dunedin, New Zealand | agency.bbs.nz (21:1/101)
  • From apam@21:1/182 to tenser on Fri Jan 20 07:36:28 2023
    For that matter, node limits and timeouts are an anachronism.
    I suspect they survive in the "modern" BBS era simply because
    that's how things have always been done.

    that and multinode doors would be interesting to set up without a concept
    of nodes. (i'm thinking of the ones that require config files for each
    node)

    andrew

    --- Talisman v0.46-dev (Windows/x64)
    * Origin: Smuggler's Cove - Private BBS (21:1/182)
  • From tenser@21:1/101 to apam on Fri Jan 20 11:36:31 2023
    On 20 Jan 2023 at 07:36a, apam pondered and said...

    For that matter, node limits and timeouts are an anachronism.
    I suspect they survive in the "modern" BBS era simply because
    that's how things have always been done.

    that and multinode doors would be interesting to set up without a concept of nodes. (i'm thinking of the ones that require config files for each node)

    I think it's ok to have a concept of a "node", it's just
    the artificially low limits on them that I balk at in 2023.
    A Raspberry Pi is absurdly more powerful than what people
    were running multinode BBSes on back in the 90s, so why do
    we limit the systems the way we did back then?

    --- Mystic BBS v1.12 A47 2021/12/24 (Linux/64)
    * Origin: Agency BBS | Dunedin, New Zealand | agency.bbs.nz (21:1/101)
  • From Exodus@21:1/176 to Tenser on Thu Jan 19 21:11:48 2023
    For that matter, node limits and timeouts are an anachronism.
    I suspect they survive in the "modern" BBS era simply because
    that's how things have always been done.

    Timeout on my board is 3 minutes ... has been since 1993. Why would I want someone to just tie up one of my 4 telnet nodes just sitting there all day. Are all 4 nodes going to be filled at one time in 2023, probably not. But still, I don't want to come home to see some fool that has respect for other people's stuff to just "sit there and leave". If that was the case, there would be no /G goodbye cmds.

    Not like it's hard to telnet back in within seconds and get back on. Not like you'll have to wait for a modem to negoiate or get a busy signal anymore.

    I just don't understand people. You're not only wasting MY resources by idling there, but also yours. Granted it's a tiny amount, but still a waste on resources and bandwidth.

    --- Renegade vY2Ka2
    * Origin: Joey, do you like movies about gladiators? (21:1/176)
  • From Exodus@21:1/176 to Tenser on Thu Jan 19 21:13:40 2023
    I think it's ok to have a concept of a "node", it's just
    the artificially low limits on them that I balk at in 2023.
    A Raspberry Pi is absurdly more powerful than what people
    were running multinode BBSes on back in the 90s, so why do

    When you have 400+ door games, and it takes a million config files to setup doors for each node because each node has to have a drop file, there's one example. Secondly ... After you get 4 or 5 people on one time ... things start to chug along.

    --- Renegade vY2Ka2
    * Origin: Joey, do you like movies about gladiators? (21:1/176)
  • From tenser@21:1/101 to Exodus on Sat Jan 21 03:50:17 2023

    On 19 Jan 2023 at 09:11p, Exodus pondered and said...

    For that matter, node limits and timeouts are an anachronism.
    I suspect they survive in the "modern" BBS era simply because
    that's how things have always been done.

    Timeout on my board is 3 minutes ... has been since 1993. Why would I want someone to just tie up one of my 4 telnet nodes just sitting there all day. Are all 4 nodes going to be filled at one time in 2023, probably not. But still, I don't want to come home to see some fool
    that has respect for other people's stuff to just "sit there and
    leave". If that was the case, there would be no /G goodbye cmds.

    What kind of computer do you run your BBS on? Why not 40,
    or 400 nodes? Why have a baked-in limit at all?

    Not like it's hard to telnet back in within seconds and get back on.
    Not like you'll have to wait for a modem to negoiate or get a busy
    signal anymore.

    I dunno. Someone might be in the middle of typing a
    message, get up to use the restroom, make a quick snack,
    and find themselves disconnected with a timeout that
    short. Since most BBS packages suck at saving drafts,
    they'd have to start over. Or more likely just not
    bother.

    I just don't understand people. You're not only wasting MY resources by idling there, but also yours. Granted it's a tiny amount, but still a waste on resources and bandwidth.

    This is what I'm talking about.

    What bandwidth do you think an established but
    otherwise idle TCP connection consumes? Compare
    that to the resources used in tearing-down and
    re-establishing a TCP connection. (Hint: an
    "idle" TCP connection, aside from _maybe_ the
    occasional TCP keepalive, IF you turned that on,
    uses no bandwidth. The threeway handshake to set
    one up and the _four_ packets to tear it down do.
    All of that is independent of the option negotiation
    that the TELNET protocol does, not to mention the
    bandwidth of actually logging in, etc.)

    It is, of course, your prerogative how you use
    your own resources. But if you care so much
    about those tiny amounts, it begs the question:
    why run a BBS in the first place?

    --- Mystic BBS v1.12 A48 (Linux/64)
    * Origin: Agency BBS | Dunedin, New Zealand | agency.bbs.nz (21:1/101)
  • From tenser@21:1/101 to Exodus on Sat Jan 21 03:52:10 2023
    On 19 Jan 2023 at 09:13p, Exodus pondered and said...

    I think it's ok to have a concept of a "node", it's just
    the artificially low limits on them that I balk at in 2023.
    A Raspberry Pi is absurdly more powerful than what people
    were running multinode BBSes on back in the 90s, so why do

    When you have 400+ door games, and it takes a million config files to setup doors for each node because each node has to have a drop file, there's one example.

    If only there were a way to automate the generation of
    largely templatized text files. If only a small computer
    like a Raspberry Pi, that runs effectively a version of
    Unix, came with software that could do that trivially....

    Secondly ... After you get 4 or 5 people on one
    time ... things start to chug along.

    I don't believe you.

    --- Mystic BBS v1.12 A48 (Linux/64)
    * Origin: Agency BBS | Dunedin, New Zealand | agency.bbs.nz (21:1/101)
  • From Alonzo@21:1/130 to MaNDaRaX on Thu Jan 26 20:14:18 2023
    Yeah, an ANSI restriction may limit SOME bots. However, even many regular linux terms wil return they can render ANSI to that check.

    Limiting my BBS to ANSI-only has reduced the number of people trying to break in by about 90%. The bots get stuck because you are forced to type either a 1 or a 0 and they can't figure it out, and the humans are too lazy to pick one.

    ... A program is used to turn data into error messages.

    --- Mystic BBS v1.12 A47 2021/12/25 (Windows/64)
    * Origin: The Unmarked Van (21:1/130)
  • From Alonzo@21:1/130 to Oli on Thu Jan 26 20:16:32 2023
    I don't ask for anything except a handle and a password.

    ... Top secret! Burn before reading!

    --- Mystic BBS v1.12 A47 2021/12/25 (Windows/64)
    * Origin: The Unmarked Van (21:1/130)
  • From GOM@21:1/177.5 to Alonzo on Fri Jan 27 03:36:19 2023
    Hello Alonzo,


    Yeah, an ANSI restriction may limit SOME bots. However, even many
    regular linux terms wil return they can render ANSI to that check.

    Limiting my BBS to ANSI-only has reduced the number of people trying to break in by about 90%. The bots get stuck because you are forced to type either a 1 or a 0 and they can't figure it out, and the humans are too
    lazy to pick one.

    ... A program is used to turn data into error messages.

    --- Mystic BBS v1.12 A47 2021/12/25 (Windows/64)
    * Origin: The Unmarked Van (21:1/130)


    Why you got so many people who want hack into a bbs ? It make no sense to me ?!


    GOM
    --- WinPoint 411.0
    * Origin: Gom @ 21:1/177.5 (21:1/177.5)
  • From poindexter FORTRAN@21:4/122 to Alonzo on Fri Jan 27 06:19:00 2023
    Alonzo wrote to MaNDaRaX <=-

    Limiting my BBS to ANSI-only has reduced the number of people trying to break in by about 90%. The bots get stuck because you are forced to
    type either a 1 or a 0 and they can't figure it out, and the humans are too lazy to pick one.

    That's a great idea.



    ... Contact is inevitable, leading to information bleed.
    --- MultiMail/Win v0.52
    * Origin: realitycheckBBS.org -- information is power. (21:4/122)
  • From poindexter FORTRAN@21:4/122 to GOM on Fri Jan 27 06:20:00 2023
    GOM wrote to Alonzo <=-

    Why you got so many people who want hack into a bbs ? It make no sense
    to me ?!

    They're looking for exploitable routers and IOT devices, most likely.



    ... Contact is inevitable, leading to information bleed.
    --- MultiMail/Win v0.52
    * Origin: realitycheckBBS.org -- information is power. (21:4/122)
  • From GOM@21:1/177.5 to poindexter FORTRAN on Fri Jan 27 17:38:11 2023
    //Hello poindexter,//

    on *27.01.23* at *14:20:00* You wrote in area *FSX_BBS*
    to *GOM* about *"Re: hackers"*.

    GOM wrote to Alonzo <=-

    Why you got so many people who want hack into a bbs ? It make no sense
    to me ?!

    They're looking for exploitable routers and IOT devices, most likely.



    ... Contact is inevitable, leading to information bleed.
    --- MultiMail/Win v0.52
    * Origin: realitycheckBBS.org -- information is power. (21:4/122)

    Ok, thst make more sense to me :)

    Thanks


    Regards,
    GOM
    --- WinPoint 411.0
    * Origin: Gom's Point (21:1/177.5)
  • From Alonzo@21:1/130 to GOM on Sat Jan 28 19:49:58 2023
    Why you got so many people who want hack into a bbs ? It make no sense

    They don't know what they are trying to hack. Most of them are bots.

    ... Confucius say: "Man who runs behind car gets exhausted"

    --- Mystic BBS v1.12 A47 2021/12/25 (Windows/64)
    * Origin: The Unmarked Van (21:1/130)
  • From nugax@21:1/167 to Alonzo on Wed Mar 8 20:58:07 2023
    On 07 Jan 23 15:15:51, Alonzo wrote:
    change the port from 23 to some other port number.

    Good idea. I will give that a try.

    ... Thats not a bug its an undocumented feature

    --- Mystic BBS v1.12 A47 2021/12/25 (Windows/64)
    * Origin: The Unmarked Van (21:1/130)


    I run on port 6023. Get very little of it.
    -Nugax (cbbs)


    --- CyberBBS v1.0.10 2023/03/08 [Debian Linux/x64]
    * Origin: CyberBBS WHQ BBS | http://www.cyberbbs.co (21:1/167)
  • From nugax@21:1/167 to sPINOZa on Wed Mar 8 20:56:05 2023
    On 16 Jan 23 12:54:36, sPINOZa wrote:
    Yeah I am thinking about limiting access to ANSI-only. I am getting so sick of these bots and clueless people. Its really taking the fun out
    of it.

    ANSI only wont help entering A = A for a user in either ASCII or ANSI mode. S>I wonder if those clueless people are people. Looks more like BOTS to me. S>Change to a port higher than ..... 2000 - check the TCP and UDP port numbers list on wpedia for reserved ports.

    GTx!
    sPI!

    --- Mystic BBS v1.12 A48 (Linux/64)
    * Origin: -.sNd!gRDn.- a box full of Snd&Demo Related filez! (21:1/116)


    I drop all Non-ANSI clients with CyberBBS. Its almost always 99.9% bots, not anyone with a dumb terminal or whatever. You won't regret it.
    -Nugax (cbbs)


    --- CyberBBS v1.0.10 2023/03/08 [Debian Linux/x64]
    * Origin: CyberBBS WHQ BBS | http://www.cyberbbs.co (21:1/167)
  • From tosanog648@21:1/137 to Blue White on Fri Apr 7 21:10:06 2023

    Thanks for the update. I really appreciate the efforts you have made for this blog.
    https://ukmenuprice.today/tim-hortons-birmingham-menu-prices/
    --- SBBSecho 3.20-Linux
    * Origin: Digital Distortion: digdist.synchro.net (21:1/137)
  • From BUCKO@21:4/176 to Alonzo on Mon May 29 21:15:40 2023
    I haven't thought of actually blocking countries at the router. I've been letting Mystic take care of that. But if it gets worse, I'll try that. Thanks.

    No sweat.. :)

    Al
    --- Platinum Xpress/Win/WINServer v7.0
    * Origin: The Hobby Line! BBS - hobbylinebbs.com (21:4/176)