Hi Mark,

>> Any tips or suggestions as to a way to limit/avoids telnet login
>> attacks on BBBS?

>they're scripts looking for unpatched telnet servers or those that they can ru
> a dictionary attack against using the lists of usernames and passwords they
> have gathered...

Yes, agree there.  These logins that Jeff mentions have been happening here as
well... most times they don't attempt to login... just connect, then sprout
another node, disconnect, & on and on. They sometimes come in droves 

>most are likey to be botnets since those folks over there seem to prefer to ru
> pirated OSes which can't or won't be patched... then again, many over there
> probably don't even know they've been hacked and taken over...

> i've found the best protection is in the perimeter firewall using an active
> response system that blocks connections based on the traffic they transmit...

Do you mean block out say ip ranges? Outside of that I can't figure out how to
deal with this since it's now not only china, but korea, today I saw a number
of them from Mexico ... geez.

>> Then there are those few that try to login via telnet as "Root".
>> :-)

> yeah, you should put that one as well as admin and administrator in your bad
> names file... and 1234, 12345 as well

Yes, have done that early on 

> and also in your bad passwords file...

Hmm.. I don't think BBBS has a bad passwords file.. there is a bad username
file though...


Take care,
Janis

--- BBBS/Li6 v4.10 Dada-2