TIP: Click on subject to list as thread! ANSI
echo: bbbs.english
to: JEFF SMITH
from: JANIS KRACHT
date: 2016-05-11 12:34:00
subject: Telnet Login Attacks?
Hi Jeff,

>> Yeah, I think that this is a problem for every one of us that runs a
>> BBS.  It got to the poing where I have inbound telnet and binkp
>> connections running on only a certain group of nodes and web services
>> running on another group of nodes.


> I posted the above message shortly after I setup BBBS and noticed a rash
> of "root" and "sysop" login attempts. As well as DOS (Denial of Service)
> attempts by trying to login to all available nodes from the same IP. I
> quickly configured BBBS to reject logins using invvalid user info. As well
> as blocking DOS Ip's for a time. At one point I had some 5000 IP's that
> were being blocked. That type of activity has dimished considerably over
> the last year.


These are the lines I use for iptables under linux to keep the buggers away
from my bbbs daemons.

Note that these lines wrap on this screen but should be entered on one line.
You enter in two lines per port, first one (#1 below), followed by the second
line (#2 below) for each port.

You change the port where necessarey (i.e., 8080 for WWW if that's what you use
for your BBBSD web server, etc.) or to add additional port.

In the second line (#2 below) you can change the seconds to a higher or lower
number, and number of hits iptables counts before it drops the connection.

====cut here====

1)sudo iptables -I INPUT -p tcp --dport 23 -i eth0 -m state --state NEW -m
 recent --set

2)sudo iptables -I INPUT -p tcp --dport 23 -i eth0 -m state --state NEW -m
 recent --update --seconds 60 --hitcount 4 -j DROP

Simply repeat each of the above to lines for different ports that you want
iptables to take care of.

Additonal Commands:
   These two commands will flush your iptables filewall, and
   remove all currently active rules. I've numbered them #3 and #4 for
   clarity but you can use them at any time.  Again, enter #3 then #4.

3)sudo iptables -F
4)sudo iptables -X

If you reboot, you will have to set iptables lines again as in #1 and #2.

To look at what you have set currently, you can type: 5)sudo iptables -L

====cut here====

Hope this helps anyone looking for help with marauders on BBBS :)

Take care,
Janis

--- BBBS/Li6 v4.10 Dada-2
* Origin: Prism bbs (1:261/38)
SOURCE: echomail via QWK@docsplace.org

Email questions or comments to sysop@ipingthereforeiam.com
All parts of this website painstakingly hand-crafted in the U.S.A.!
IPTIA BBS/MUD/Terminal/Game Server List, © 2025 IPTIA Consulting™.