Mensajeria: Fercho BBS

Telnet, TelnetS, and SSH Connections

From Rob Swindell@1:103/705 to Scott Street on Mon Aug 11 15:27:34 2025

Re: Telnet, TelnetS, and SSH Connections
By: Scott Street to All on Mon Aug 11 2025 03:50 pm

To my fellow Sysop's with Telnet, TelnetS, and SSH ports open to the Internet:

A question, perhaps even a poll, what kind of 'protection' do you have in place for abusive connections?

For example, I already have entire country IP assignments blocked and if a host (IP) connects more then 5 times in a 60 second window, that IP is blocked, and added to my firewall's drop rules. These seems to have reduced the number of unwanted connections over the last year or so.

Does anyone have a better scheme?

Synchronet has support for multiple schemes:

- limiting the number of concurrent connections from the same IP address
(authenticated connnections, e.g. logged-in users, are exempt from this)
- auto-throttling and temp-blocking IPs with multiple consecutive failed login attempts
- short inactivity timeout for dumb (e.g. non-ANSI) terminals

For more info: https://wiki.synchro.net/howto:block-hackers
--- SBBSecho 3.29-Linux
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

From Scott Street@1:266/625 to All on Mon Aug 11 15:50:56 2025

To my fellow Sysop's with Telnet, TelnetS, and SSH ports open to the Internet:

A question, perhaps even a poll, what kind of 'protection' do you have in place for abusive connections?

For example, I already have entire country IP assignments blocked and if a host (IP) connects more then 5 times in a 60 second window, that IP is blocked, and added to my firewall's drop rules. These seems to have reduced the number of unwanted connections over the last year or so.

Does anyone have a better scheme?

Cheers,
Scott

--- Mystic BBS v1.12 A49 2024/05/29 (Linux/64)
* Origin: <=-{ The Digital Post }-=> (1:266/625)

From Fernando Toledo@4:902/26 to All on Tue Aug 12 20:16:50 2025

El 11/8/25 a las 16:50, Scott Street (1:266/625) escribió:

To my fellow Sysop's with Telnet, TelnetS, and SSH ports open to the Internet:

A question, perhaps even a poll, what kind of 'protection' do you have in place for abusive connections?

For example, I already have entire country IP assignments blocked and if a host (IP) connects more then 5 times in a 60 second window, that IP is blocked, and added to my firewall's drop rules. These seems to have reduced the number of unwanted connections over the last year or so.

Does anyone have a better scheme?

fail2ban works fine.
--- SBBSecho 3.27-Linux
* Origin: Dock Sud BBS - http://bbs.docksud.com.ar (4:902/26)

Quien está en Línea
Visitas Recientes
- Don Epi
  Wed Jan 1 12:11:34 2025
  desde Lanus, Bs As vía Telnet
- Looptech
  Wed Jul 9 21:51:42 2025
  desde Bs.As. vía Telnet
- Jack Sinner
  Fri Jul 11 23:58:29 2025
  desde Mar Del Plata, Buenos Aires vía Telnet
- Pinkstone
  Sat Aug 9 17:01:07 2025
  desde Caballito vía Raw

System Info

Sysop:	Fercho
Lugar:	La Plata, Buenos Aires
Usuarios:	29
Nodos:	10 (0 / 10)
Uptime:	199:58:43
Llamadas:	126
Archivoss:	15,607
Mensajes:	36,626

Novedades:

Servidor de Quake 3 Arena Online! - Conectate a ferchobbs.ddns.net, puerto 27960 y vence con tu equipo!