Forum: Too Lazy BBS

Who's Online
Recent Visitors
- Stern
  Tue Nov 19 16:21:08 2024
  from Davis, California via SSH
- Stern
  Tue Nov 19 16:18:34 2024
  from Davis, California via SSH
- Stingray
  Tue Nov 19 08:03:21 2024
  from A-Net-Online.Lol via Raw
- Stingray
  Sun Nov 17 20:36:00 2024
  from A-Net-Online.Lol via Raw

System Info

Sysop:	Amessyroom
Location:	Fayetteville, NC
Users:	39
Nodes:	6 (0 / 6)
Uptime:	62:51:42
Calls:	171
Files:	117
Messages:	63,104

Session Password recovery

From Vincent Coen@2:250/1 to All on Wed Nov 13 14:10:33 2024

Hello everybody!

I have a node that polls here every minute 24/7 with an unknown password.

In order to satisfy their poll I need to set up the system here with the password used but cannot find out how to show it in the logs, but wsa able in an earlier version some how.

Can anyone provide what I need to do setup wise etc to recover this password which if I can do this might stop this annoying behaviour.

This may need a change to the code base to do so, please help.

Vincent

--- Mageia Linux v9 X64/Mbse v1.1.0/GoldED+/LNX 1.1.5-b20240309
* Origin: Air Applewood, The Linux Gateway to the UK & Eire (2:250/1)

From Wilfred van Velzen@2:280/464 to Vincent Coen on Wed Nov 13 15:55:07 2024

Hi Vincent,

On 2024-11-13 14:10:33, you wrote to All:

I have a node that polls here every minute 24/7 with an unknown
password.

In order to satisfy their poll I need to set up the system here with the password used but cannot find out how to show it in the logs, but wsa able in
an earlier version some how.

Can anyone provide what I need to do setup wise etc to recover this password
which if I can do this might stop this annoying behaviour.

If done correctly in the binkp protocol, the password is never send accross the line, only checksums that are generated with the password (I think that is what the OPT CRAM-MD5 is supposed to do). So you can't recover the password from the session.

If you have no other way of communicating with the nodes sysop, I would block them on the firewall, maybe they notice that at some point in the future. Or perhaps an other node that has no session password set with this node, can deliver a crashmail for you?

Btw: I have communicated with a number of the nodes in net 250 in the past regarding AmigaNet links, so maybe if this regards a node in net 250 I have an email address for you, if you can tell me their name in that case?

Bye, Wilfred.

--- FMail-lnx64 2.3.2.4-B20240523
* Origin: FMail development HQ (2:280/464)

From Vincent Coen@2:250/1 to Wilfred van Velzen on Wed Nov 13 20:39:17 2024

Hello Wilfred!

13 Nov 24 15:55, you wrote to me:

It is 2:301/1

Hi Vincent,

On 2024-11-13 14:10:33, you wrote to All:

I have a node that polls here every minute 24/7 with an unknown
password.

In order to satisfy their poll I need to set up the system here
with the password used but cannot find out how to show it in the
logs, but wsa able in an earlier version some how.

Can anyone provide what I need to do setup wise etc to recover
this password which if I can do this might stop this annoying
behaviour.

If done correctly in the binkp protocol, the password is never send
accross the line, only checksums that are generated with the password
(I think that is what the OPT CRAM-MD5 is supposed to do). So you
can't recover the password from the session.

If you have no other way of communicating with the nodes sysop, I
would block them on the firewall, maybe they notice that at some point
in the future. Or perhaps an other node that has no session password
set with this node, can deliver a crashmail for you?

Btw: I have communicated with a number of the nodes in net 250 in the
past regarding AmigaNet links, so maybe if this regards a node in net
250 I have an email address for you, if you can tell me their name in
that case?

Bye, Wilfred.

Vincent

--- Mageia Linux v9 X64/Mbse v1.1.0/GoldED+/LNX 1.1.5-b20240309
* Origin: Air Applewood, The Linux Gateway to the UK & Eire (2:250/1)

From Wilfred van Velzen@2:280/464 to Vincent Coen on Wed Nov 13 21:57:02 2024

Hi Vincent,

On 2024-11-13 20:39:17, you wrote to me:

It is 2:301/1

I crashed you a netmail. ;-)

Bye, Wilfred.

--- FMail-lnx64 2.3.2.4-B20240523
* Origin: FMail development HQ (2:280/464)

From Vincent Coen@2:250/1 to Wilfred van Velzen on Wed Nov 13 20:51:27 2024

Hello Wilfred!

13 Nov 24 15:55, you wrote to me:

If done correctly in the binkp protocol, the password is never send
accross the line, only checksums that are generated with the password
(I think that is what the OPT CRAM-MD5 is supposed to do). So you
can't recover the password from the session.

If you have no other way of communicating with the nodes sysop, I
would block them on the firewall, maybe they notice that at some point
in the future. Or perhaps an other node that has no session password
set with this node, can deliver a crashmail for you?

Thanks for that idea, done for both IP and URL.

Now to confirm that works :(

Thanks again.

Vincent

--- Mageia Linux v9 X64/Mbse v1.1.0/GoldED+/LNX 1.1.5-b20240309
* Origin: Air Applewood, The Linux Gateway to the UK & Eire (2:250/1)

From Floris van Unen@2:280/2050 to Vincent Coen on Wed Nov 13 22:03:32 2024

Hello Vincent!

13 Nov 24 20:39, you wrote to Wilfred van Velzen:

It is 2:301/1

according to fidonet.org nodelist lookup the domain is abad1dea.to and there are contact details on that webpage.

Floris

--- GoldED+/LNX 1.1.5--b20170303
* Origin: ----> Fidian on Azure West-Europe (Holland) IPV6. (2:280/2050)

From Vincent Coen@2:250/1 to Floris van Unen on Thu Nov 14 01:58:55 2024

Hello Floris!

13 Nov 24 22:03, you wrote to me:

Hello Vincent!

13 Nov 24 20:39, you wrote to Wilfred van Velzen:

It is 2:301/1

according to fidonet.org nodelist lookup the domain is abad1dea.to and
there are contact details on that webpage.

That address is not ping-able.

I have set its IP address to be blocked everywhere in my router.

Vincent

--- Mageia Linux v9 X64/Mbse v1.1.0/GoldED+/LNX 1.1.5-b20240309
* Origin: Air Applewood, The Linux Gateway to the UK & Eire (2:250/1)