Re: Re: Has anyone received one of these?
  By: Todd Yatzook to Bradley D. Thornton on Thu Sep 05 2019 10:55 am

 >
 >  BD> It was kind of a shocker. I've had customers who were bad
actors before and had to whack their services and accounts, but I've never
gotten
 >  BD> something that pretty much insists that I close an open port on one of
 >  BD> my machines.
 >
 > I'd suggest that they review what a BBS is, and point them to various sites
 > of BBS-related material on the internet, showing that while telnet is
*techincally* a way for people to acquire passwords and such, it's a medium
that
 > also relies on closed systems and "security through obscurity".
 >

That's kind of what I was thinking. I mean, it would be unreasonable to
actually demand that someone close this port just because of an assumption
that it's running Telnet, because it may not be, and further, it's actually
in /etc/services, assigned by IANA as a valid, allocated port for
legitimate services.

 > access to one computer running a BBS wouldn't be worth it.
 >

Yes, a BBS is some seriously low hanging fruit that has a net worth of zero
for the aggregation of a botnet lol.

 > Just sounds like you got caught up in a sweep that checks for open
port vulnerabilites, with an automated response. I'd still follow up on a
 > response, though.

I read it over about three times, looking for an actual threat, and didn't
see one, so perhaps an explantion, as you suggest, will make their emails
stop. On the other hand, If push comes to shove, I'll need to consider
moving to another port - which makes little sense to me, considering that
it isn't the port on any given system that is vulnerable, but rather, the
particular service itself.
--- SBBSecho 3.09-Linux