Russian incursion... to my bulletin board.

mark prgrmr at gmail.com
Mon May 28 22:14:00 EDT 2018 

Get blockhosts, it works very well across multiple services using multiple
methods:  https://www.aczoom.com/archive-2016/blockhosts/

mark

On Mon, May 28, 2018 at 1:16 PM, Ken D'Ambrosio <ken at jots.org> wrote:

> Hey, all. I belong to the last of a dying breed, a bulletin board.  (No,
> we no longer do dialup; it's accepted telnet since '90 or so.)  And it's
> currently under the purview of someone, though he hasn't been able to
> give it the attention it needs, so I think it's about to go to Digital
> Ocean.  (Indeed, as I type this, it's offline -- which is responsible
> for the whole line of thinking for this e-mail.)  Migration would
> normally be unremarkable, and not require an e-mail here, but... the
> damn Russian botnet problem (the one that brought Dyn down last year)
> has also caused us an issue.  The current admin has largely mitigated it
> through blacklists, but I was wondering if there might be a more
> graceful approach.  Issue: the botnet attempts to expand by searching
> for other embedded devices (generally, cameras)... by way of port 23.
> Telnet.  At any given time, we may have a dozen bogus connections from
> botnets, all trying to log in as "admin".  Of course, they fail, but
> they chew up ports, and seem to even have uncovered a bug in the BBS
> code, just by raw number of connections.  Can anyone think of a way to
> act as a proxy and:
> * Accept a telnet connection
> * Offer a login prompt
> * Reject/close the connection if the username offered is "admin"
> * Forward on the connection/credentials and act as a proxy if it's
> literally anything else?
>
> I've taken a stab at it in Ruby, but seem to have issues understanding
> exactly how the telnet module works...
>
> Thanks kindly for any thoughts or insights,
>
> -Ken
>
> P.S.  If/when it comes back up: telnet://bbs.iscabbs.com if you're that
> interested in logging in like it's 1993.  Apologies to Prince.
> _______________________________________________
> gnhlug-discuss mailing list
> gnhlug-discuss at mail.gnhlug.org
> http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.gnhlug.org/pipermail/gnhlug-discuss/attachments/20180528/428b365c/attachment.html

More information about the gnhlug-discuss mailing list