Re: Re: Has anyone received one of these?
  By: Todd Yatzook to Bradley D. Thornton on Thu Sep 05 2019 10:55 am

 >
 >  BD> It was kind of a shocker. I've had customers who were bad actors before 
and had to whack their services and accounts, but I've never gotten
 >  BD> something that pretty much insists that I close an open port on one of
 >  BD> my machines.
 >
 > I'd suggest that they review what a BBS is, and point them to various sites
 > of BBS-related material on the internet, showing that while telnet is 
*techincally* a way for people to acquire passwords and such, it's a medium 
that
 > also relies on closed systems and "security through obscurity".
 >

That's kind of what I was thinking. I mean, it would be unreasonable to 
actually demand that someone close this port just because of an assumption that 
it's running Telnet, because it may not be, and further, it's actually in 
/etc/services, assigned by IANA as a valid, allocated port for legitimate 
services.

 > access to one computer running a BBS wouldn't be worth it.
 >

Yes, a BBS is some seriously low hanging fruit that has a net worth of zero for 
the aggregation of a botnet lol.

 > Just sounds like you got caught up in a sweep that checks for open port 
vulnerabilites, with an automated response. I'd still follow up on a
 > response, though.

I read it over about three times, looking for an actual threat, and didn't see 
one, so perhaps an explantion, as you suggest, will make their emails stop. On 
the other hand, If push comes to shove, I'll need to consider moving to another 
port - which makes little sense to me, considering that it isn't the port on 
any given system that is vulnerable, but rather, the particular service itself.
--- SBBSecho 3.09-Linux