Hello Robert.
10 May 16 17:44, you wrote to me:
RW> -=> Jeff Smith wrote to All <=-
JS>> Any tips or suggestions as to a way to limit/avoids telnet login
JS>> attacks on BBBS?
JS>> Lately I have been getting numerious telnet login attempts by
JS>> IP's that reversely resolve to Asian countries. The same IP will
JS>> try to login to all available nodes. No actual login is
JS>> attempted. Each open node will sit open at the login name
JS>> prompt.I have been adding up to 5 IP's at a time to the INET.BBB
JS>> file. Which then blocks those IP's. But there are plenty of other
JS>> IP's. :-)
RW> Yeah, I think that this is a problem for every one of us that runs a
RW> BBS. It got to the poing where I have inbound telnet and binkp
RW> connections running on only a certain group of nodes and web services
RW> running on another group of nodes.
I posted the above message shortly after I setup BBBS and noticed a rash
of "root" and "sysop" login attempts. As well as DOS (Denial of Service)
attempts by trying to login to all available nodes from the same IP. I
quickly configured BBBS to reject logins using invvalid user info. As well
as blocking DOS Ip's for a time. At one point I had some 5000 IP's that
were being blocked. That type of activity has dimished considerably over
the last year.
RW> * Suicidal dyslexic jumps behind train - film at 11
RW> * TagIt!/2 Version 1.00 for OS/2
RW> --- BBBS/2 v4.10 Dada-1
RW> * Origin: Neptune's Lair/2 (1:116/17)
Jeff
--- GoldED+/W32-MINGW 1.1.5-b20070503
* Origin: Region 14 IP Server - ftn.region14.org (1:14/5)
|