Hi all,

I want to run my board on port 23, but I keep getting unwanted connections to it. Mostly from Chinese hackers, I presume. Anyone know a way to solve this, with iptables or the like?

Thanks,
Joseph

|09ignatius |07(|15cia|07)

--- DayDream BBS/UNIX (Linux) 2.15a
* Origin: catch22bbs.com >>> >> > (1:340/800)

Hello Joseph!

21 May 17 23:52, you wrote to all:

I want to run my board on port 23, but I keep getting unwanted
connections to it. Mostly from Chinese hackers, I presume. Anyone know
a way to solve this, with iptables or the like?

I use this on my servers, and find it's very good.

https://github.com/tlhackque/BlockCountries


Stephen


--- GoldED+/LNX 1.1.5-b20161221
* Origin: Dragon's Lair ---:- dragon.vk3heg.net -:--- (3:633/280)

* An ongoing debate between Joseph Larsen and All rages on ...

I want to run my board on port 23, but I keep getting unwanted
connections to it. Mostly from Chinese hackers, I presume. Anyone know
a way to solve this, with iptables or the like?
--- DayDream BBS/UNIX (Linux) 2.15a
* Origin: catch22bbs.com >>> >> > (1:340/800)

You could install the linux flavor of Mystic BBS as it has the ability to block

connects by country. To be honest, you'll get some hack attempts from everywhere, including the US, but most come from China as you pointed out {chuckle}. My access log by Country:

=== Cut ===

Mystic Telnet Connection(s) Summary

The Positronium Repository telnet://cmech.dynip.com

_______________________________________________________________________________

Albania ........................................... : 30
Andorra ........................................... : 54 0.1%
Argentina ......................................... : 1,061 2.2%
Armenia ........................................... : 13
Australia ......................................... : 281 0.5%
Austria ........................................... : 7
Azerbaijan ........................................ : 9
Bahamas ........................................... : 5
Bahrain ........................................... : 2
Bangladesh ........................................ : 25
Barbados .......................................... : 2
Belarus ........................................... : 40
Belgium ........................................... : 51 0.1%
Belize ............................................ : 2
Bolivia ........................................... : 35
Bonaire, Sint Eustatius and Saba .................. : 17
Botswana .......................................... : 11
Brazil ............................................ : 2,163 4.4%
Brunei Darussalam ................................. : 2
Bulgaria .......................................... : 245 0.5%
Cambodia .......................................... : 36
Canada ............................................ : 138 0.2%
Chile ............................................. : 64 0.1%
China ............................................. : 11,873 24.6%
Colombia .......................................... : 289 0.6%
Costa Rica ........................................ : 156 0.3%
C⌠te d'Ivoire ..................................... : 2
Croatia ........................................... : 25
Curaτao ........................................... : 1
Czech Republic .................................... : 364 0.7%
Denmark ........................................... : 12
Dominican Republic ................................ : 93 0.1%
Ecuador ........................................... : 298 0.6%
Egypt ............................................. : 344 0.7%
El Salvador ....................................... : 1
Estonia ........................................... : 1
Ethiopia .......................................... : 2
Finland ........................................... : 25
France ............................................ : 187 0.3%
Georgia ........................................... : 1
Germany ........................................... : 98 0.2%
Greece ............................................ : 70 0.1%
Guatemala ......................................... : 26
Honduras .......................................... : 27
Hong Kong ......................................... : 121 0.2%
Hungary ........................................... : 120 0.2%
India ............................................. : 1,429 2.9%
Indonesia ......................................... : 110 0.2%
Iran .............................................. : 578 1.2%
Iraq .............................................. : 13
Ireland ........................................... : 4
Israel ............................................ : 148 0.3%
Italy ............................................. : 242 0.5%
Jamaica ........................................... : 20
Japan ............................................. : 44
Jordan ............................................ : 18
Kazakhstan ........................................ : 167 0.3%
Korea, Republic of ................................ : 1,771 3.6%
Kuwait ............................................ : 22
Latvia ............................................ : 60 0.1%
Lebanon ........................................... : 1
Lithuania ......................................... : 26
Macao ............................................. : 5
Macedonia, the former Yugoslav Republic of ........ : 15
Malaysia .......................................... : 121 0.2%
Maldives .......................................... : 11
Malta ............................................. : 11
Martinique ........................................ : 3
Mauritius ......................................... : 3
Mexico ............................................ : 1,112 2.3%
Moldova, Republic of .............................. : 128 0.2%
Mongolia .......................................... : 24
Montenegro ........................................ : 4
Morocco ........................................... : 95 0.1%
Mozambique ........................................ : 1
Nepal ............................................. : 4
Netherlands ....................................... : 218 0.4%
New Caledonia ..................................... : 6
New Zealand ....................................... : 26
Nicaragua ......................................... : 2
Nigeria ........................................... : 5
Norway ............................................ : 72 0.1%
Oman .............................................. : 57 0.1%
Pakistan .......................................... : 129 0.2%
Palestine, State of ............................... : 33
Panama ............................................ : 47
Paraguay .......................................... : 2
Peru .............................................. : 136 0.2% Philippines ....................................... : 50 0.1%
Poland ............................................ : 388 0.8%
Portugal .......................................... : 49 0.1%
Puerto Rico ....................................... : 86 0.1%
Qatar ............................................. : 61 0.1%
Romania ........................................... : 782 1.6%
Russian Federation ................................ : 4,470 9.2%
Saint Vincent and the Grenadines .................. : 1
Saudi Arabia ...................................... : 114 0.2%
Senegal ........................................... : 28
Serbia ............................................ : 78 0.1%
Seychelles ........................................ : 79 0.1%
Singapore ......................................... : 46
Slovakia .......................................... : 21
Slovenia .......................................... : 4
Somalia ........................................... : 2
South Africa ...................................... : 48
Spain ............................................. : 813 1.6%
Sri Lanka ......................................... : 2
Sweden ............................................ : 441 0.9% Switzerland ....................................... : 186 0.3%
Syrian Arab Republic .............................. : 4
Taiwan, Province of China ......................... : 1,490 3.0%
Tajikistan ........................................ : 2
Tanzania, United Republic of ...................... : 2
Thailand .......................................... : 359 0.7%
Trinidad and Tobago ............................... : 36
Tunisia ........................................... : 31
Turkey ............................................ : 1,538 3.1%
Uganda ............................................ : 3
Ukraine ........................................... : 7,913 16.4%
United Arab Emirates .............................. : 31
United Kingdom .................................... : 241 0.5%
United States ..................................... : 1,117 2.3%
Uruguay ........................................... : 17
Uzbekistan ........................................ : 33
Venezuela ......................................... : 82 0.1%
Viet Nam .......................................... : 2,082 4.3%

_______________________________________________________________________________

Total Connects = 48,104

=== Cut ===

.- Keep the faith, --------------------------------------------------.
| |
| Ben aka cMech Web: http|ftp|binkp|telnet://cmech.dynip.com |
| Email: fido4cmech(at)lusfiber.net |
| Home page: http://cmech.dynip.com/homepage/ | `----------- WildCat! Board 24/7 +1-337-984-4794 any BAUD 8,N,1 ---'

... He who can't endure the bad won't live to see the good. Yiddish Proverb
--- GoldED+/W32-MSVC v1.1.5-b20170303 ... via Mystic BBS!
* Origin: FIDONet - The Positronium Repository (1:393/68)

Hello mark!

23 May 17 02:34, you wrote to Richard Menedetter:

perhaps you can explain how to put MBSE or BBBS on SSH then?

MBSE doesn't need to be told anything about ssh. Once your account is created you simply ssh to the machine and login.

I haven't tried creating a new account via ssh, but I would assume that
won't work due to the nature of ssh.

Shawn

... Sow your wild oats on Saturday night, then on Sunday pray for crop failure --- GoldED+/LNX 1.1.5-b20160322
* Origin: Tiny's BBS - www.tinysbbs.com (1:229/452.3)

On 2017 May 23 05:19:28, you wrote to me:

perhaps you can explain how to put MBSE or BBBS on SSH then?

MBSE doesn't need to be told anything about ssh. Once your account is created you simply ssh to the machine and login.

interesting... i was under the impression that it was spawned using telnet...

I haven't tried creating a new account via ssh, but I would assume
that won't work due to the nature of ssh.

sounds legit ;)

)\/(ark

Always Mount a Scratch Monkey
Do you manage your own servers? If you are not running an IDS/IPS yer doin' it wrong...
... Why are you wasting your time reading taglines?
---
* Origin: (1:3634/12.73)

Hi mark!

23 May 2017 02:34, from mark lewis -> Richard Menedetter:

Then it is time to abandon modem shims.
We are not chiseling stone tablets any more ...

perhaps you can explain how to put MBSE or BBBS on SSH then?

By abandoning them?

I can only say that I would not dare to make anything listen on a public telnet
port in todays internet ...

CU, Ricsi

--- GoldED+/LNX
* Origin: Don't rattle my cage. The door is not locked! (2:310/31)

On 2017 May 23 20:00:12, you wrote to me:

Then it is time to abandon modem shims. We are not chiseling stone
tablets any more ...

perhaps you can explain how to put MBSE or BBBS on SSH then?

By abandoning them?

they're relatively new tech, man...

I can only say that I would not dare to make anything listen on a
public telnet port in todays internet ...

and here i have no problems with several frontdoor nodes on one system as well as SBBS on another dealing with these... they connect, they get blocked, done...

)\/(ark

Always Mount a Scratch Monkey
Do you manage your own servers? If you are not running an IDS/IPS yer doin' it wrong...
... Always make sure you understand completely what you're jumping into.
---
* Origin: (1:3634/12.73)

Hello Shawn!

23 May 17 05:19, you wrote to mark lewis:

I haven't tried creating a new account via ssh, but I would assume
that won't work due to the nature of ssh.

Correct. The bbs account (used for new user registration) does not have a password, and therefore cannot be logged into via SSH.

In theory one could add a password to that account, but then you would need a method to distribute the password to potential new users.

Andrew

--- GoldED+/LNX 1.1.5-b20170303
* Origin: Phoenix BBS * phoenix.bnbbbs.net (1:320/219)

Hello mark!

23 May 17 11:46, you wrote to Shawn Highfield:

MBSE doesn't need to be told anything about ssh. Once your
account is created you simply ssh to the machine and login.

interesting... i was under the impression that it was spawned using telnet...

MBSE's mblogin program replaces the standard login for telnet connections. For SSH connections, the standard ssh login procedure prevails. Since the BBS users have unix accounts with /opt/mbse/bin/mbsebbs as their shell, the SSH users are connected directly to the BBS after they successfully log in.

Andrew

--- GoldED+/LNX 1.1.5-b20170303
* Origin: Phoenix BBS * phoenix.bnbbbs.net (1:320/219)

Hello mark!

23 May 17 11:46, you wrote to me:

interesting... i was under the impression that it was spawned using telnet...

MBSE unlike the rest doesn't have a built in telnet daemon, it uses the
tools in the OS itself. That's why when creating a new user it logs you
off and you have to reconnect using the newly created account (as the 'bbs' user runs the newuser script)

I haven't tried creating a new account via ssh, but I would
assume that won't work due to the nature of ssh.

sounds legit ;)

I just tried... It didn't work for me, however I also didn't try
with syncterm ssh which /may/ allow it to work.

If you want to try, the telnet port is 2323 and the ssh port is 22
here at tinysbbs.com and those ports direct you to my pi.

Shawn

... Go on, be yourself! There isn't anyone better qualified.
--- GoldED+/LNX 1.1.5-b20160322
* Origin: Tiny's BBS - www.tinysbbs.com (1:229/452.3)

On 2017 May 23 16:41:58, you wrote to Shawn Highfield:

I haven't tried creating a new account via ssh, but I would assume
that won't work due to the nature of ssh.

Correct. The bbs account (used for new user registration) does not
have a password, and therefore cannot be logged into via SSH.

In theory one could add a password to that account, but then you would need a method to distribute the password to potential new users.

similar to how some underground and scene boards have one hidden in their text screens that you're supposed to read when signing up... possibly something on the initial screen with the initial prompts... assuming that SSH servers can even transmit a login screen in the first place...

)\/(ark

Always Mount a Scratch Monkey
Do you manage your own servers? If you are not running an IDS/IPS yer doin' it wrong...
... My hard disk is full! Maybe I'll try this message section thing.
---
* Origin: (1:3634/12.73)

On 2017 May 23 16:46:04, you wrote to me:

MBSE doesn't need to be told anything about ssh. Once your account
is created you simply ssh to the machine and login.

interesting... i was under the impression that it was spawned using
telnet...

MBSE's mblogin program replaces the standard login for telnet
connections. For SSH connections, the standard ssh login procedure prevails. Since the BBS users have unix accounts with /opt/mbse/bin/mbsebbs as their shell, the SSH users are connected
directly to the BBS after they successfully log in.

interesting... i'm learning, slowly over time, that MBSE is truely built into/around the *nix system it is installed on... much like Waffle BBS was initially before they developed the DOS mimic which so many ran...

)\/(ark

Always Mount a Scratch Monkey
Do you manage your own servers? If you are not running an IDS/IPS yer doin' it wrong...
... Tell me, have you ever woken up and realized you were doomed?
---
* Origin: (1:3634/12.73)

Joseph Larsen wrote to All <=-

Hi all,

I want to run my board on port 23, but I keep getting unwanted
connections to it. Mostly from Chinese hackers, I presume. Anyone know
a way to solve this, with iptables or the like?

Joseph

I know it's a real pain to try and deal with it. Try google and search for the keyword iptables block ip address. To block a whole country there is some information posted on google that will explain how to do it.

Phil
... MultiMail, the new multi-platform, multi-format offline reader!
___ MultiMail/Win v0.51

--- Mystic BBS/QWK v1.12 A39 2018/04/21 (Windows/32)
* Origin: Mystic.dynu.net 2310 (1:275/201)

Stephen Walsh wrote to Joseph Larsen <=-

Hello Joseph!

21 May 17 23:52, you wrote to all:

I want to run my board on port 23, but I keep getting unwanted
connections to it. Mostly from Chinese hackers, I presume. Anyone know
a way to solve this, with iptables or the like?

I allow my bbs system to conenct to port 23 but due to getting to much abuse I switched it to port 2300.


... MultiMail, the new multi-platform, multi-format offline reader!
___ MultiMail/Win v0.51

--- Mystic BBS/QWK v1.12 A39 2018/04/21 (Windows/32)
* Origin: Mystic.dynu.net 2310 (1:275/201)

You should all try this:

https://github.com/punktniklas/NiKom/tree/master/Extras/Botcheck

Me and others have been using it for quite a while to stop script kiddies taking down our Amiga BBS:es with too many telnet connections and it works great.


--- NiKom v2.4.0
* Origin: Delta City (deltacity.se, Vallentuna, Sweden) (2:201/120.0)

I personally have no problem blocking countries that want to act like dumb asses...

--- Mystic BBS v1.12 A43 2019/03/03 (Windows/32)
* Origin: Black Flag <ACiD Telnet HQ> blackflagbbs.com (1:135/369)

Great, now how do I get a copy of it without downloading some swedish BBS system I do not need? LOL

--- Mystic BBS v1.12 A43 2019/03/03 (Windows/32)
* Origin: Black Flag <ACiD Telnet HQ> blackflagbbs.com (1:135/369)

Great, now how do I get a copy of it without downloading some swedish BBS system I do not need? LOL

A Swedish BBS system sounds cool!? Where can I get a copy?

--- Mystic BBS v1.12 A43 2019/03/03 (Raspberry Pi/32)
* Origin: Alcoholiday / Est. 1995 / alco.bbs.io (1:123/525)