I tried to use net2bbs, but for some reason, every time elebbs connects, it drops carrier immediately. Is there anything I can use with my BBS software that will identify repeated attacks and put them in a blacklist? I'm already running Mystic for MRC, and don't want to run another BBS for this... I saw wail2ban, but that only identifies login attempts for the OS.

--
Shurato, Sysop Shurato's Heavenly Sphere (ssh, telnet, pop3, ftp,nntp,
,wss) (Ports 22,23,110,21,119,8080) (ssh login 'bbs' pass 'shsbbs').


*** THE READER V4.50 [freeware]
---
* Origin: Shurato's Heavenly Sphere telnet://shsbbs.net (618:300/50)
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

I tried to use net2bbs, but for some reason, every time elebbs connects, it drops carrier immediately. Is there anything I can use with my BBS software that will identify repeated attacks and put them in a
blacklist? I'm already running Mystic for MRC, and don't want to run another BBS for this... I saw wail2ban, but that only identifies
login attempts for the OS.

I added a text to shell command in logo.asc, which tells the user to screw
off if they're not using ansi and runs netsh to add their ip to a block in
the windows firewall. I think that's as good as it'll get!

--
Shurato, Sysop Shurato's Heavenly Sphere (ssh, telnet, pop3, ftp,nntp,
,wss) (Ports 22,23,110,21,119,8080) (ssh login 'bbs' pass 'shsbbs').


*** THE READER V4.50 [freeware]
---
* Origin: Shurato's Heavenly Sphere telnet://shsbbs.net (618:300/50)
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

To: Shurato
Re: Pro-active firewall?
By: Shurato to All on Mon Jul 01 2024 05:27 pm

From Newsgroup: micronet.bbs

I tried to use net2bbs, but for some reason, every time elebbs connects, it drops carrier immediately. Is there anything I can use with my BBS software that will identify repeated attacks and put them in a blacklist? I'm already running Mystic for MRC, and don't want to run another BBS for this... I saw wail2ban, but that only identifies login attempts for the OS.

--
Shurato, Sysop Shurato's Heavenly Sphere (ssh, telnet, pop3, ftp,nntp,
,wss) (Ports 22,23,110,21,119,8080) (ssh login 'bbs' pass 'shsbbs').

you can use peerblock and add bad ips to a list it can use.
but it wont do it automatically.

if you use something that's blocking shit you're going to end up blocking callers.
--- Synchronet 3.19b-Win32 NewsLink 1.113
* bbses.info - http://bbses.info - telnet://bbses.info
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

To: Shurato
Re: Pro-active firewall?
By: Shurato to Shurato on Tue Jul 02 2024 09:41 pm

I added a text to shell command in logo.asc, which tells the user to screw off if they're not using ansi and runs netsh to add their ip to a block in the windows firewall. I think that's as good as it'll get!

okay well what if it just detects their terminal wrong?

you should use synchronet as a front end for your bbses.
--- Synchronet 3.19b-Win32 NewsLink 1.113
* bbses.info - http://bbses.info - telnet://bbses.info
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

I tried to use net2bbs, but for some reason, every time elebbs connects, it
drops carrier immediately. Is there anything I can use with my BBS software
that will identify repeated attacks and put them in a blacklist? I'm
already
running Mystic for MRC, and don't want to run another BBS for this... I saw
wail2ban, but that only identifies login attempts for the OS.

net2bbs works well (I used it) did you copy the .dll to the system32 dir?

Nick

--- SLMAIL v5.1 (#SLO409KEDG15G098)
* Origin: The Trashcan - The BEST Rubbish * bbs.thenet.gen.nz (618:510/10)
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

* In a message originally to Shurato, Nick Mackechnie said:

I tried to use net2bbs, but for some reason, every time elebbs connects,

it

drops carrier immediately. Is there anything I can use with my BBS

software

that will identify repeated attacks and put them in a blacklist? I'm already running Mystic for MRC, and don't want to run another BBS for this... I

saw

wail2ban, but that only identifies login attempts for the OS.

net2bbs works well (I used it) did you copy the .dll to the system32 dir?

The BBS drops carrier right upon connection and yes I copied netfoss.dll to system32, but it's not using it until dos doors are loaded.

--
Shurato, Sysop Shurato's Heavenly Sphere (ssh, telnet, pop3, ftp,nntp,
,wss) (Ports 22,23,110,21,119,8080) (ssh login 'bbs' pass 'shsbbs').


---
* Origin: Shurato's Heavenly Sphere telnet://shsbbs.net (618:300/50)
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

To: Shurato
Re: Pro-active firewall? By: Shurato to Shurato on Tue Jul 02 2024
09:41 pm

I added a text to shell command in logo.asc, which tells the user to

screw

off if they're not using ansi and runs netsh to add their ip to a block

in

the windows firewall. I think that's as good as it'll get!

okay well what if it just detects their terminal wrong?

you should use synchronet as a front end for your bbses.

I certainly don't want people to have to log in twice...

--
Shurato, Sysop Shurato's Heavenly Sphere (ssh, telnet, pop3, ftp,nntp,
,wss) (Ports 22,23,110,21,119,8080) (ssh login 'bbs' pass 'shsbbs').


*** THE READER V4.50 [freeware]
---
* Origin: Shurato's Heavenly Sphere telnet://shsbbs.net (618:300/50)
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

To: Shurato
Re: Re: Pro-active firewall?
By: Shurato to Nick Mackechnie on Sat Jul 06 2024 11:50 am

net2bbs works well (I used it) did you copy the .dll to the system32 dir?

The BBS drops carrier right upon connection and yes I copied netfoss.dll to system32, but it's not using it until dos doors are loaded.

Basically you set it up wrong and need to set it up correctly.
--- Synchronet 3.19b-Win32 NewsLink 1.113
* bbses.info - http://bbses.info - telnet://bbses.info
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

To: Shurato
Re: Pro-active firewall?
By: Shurato to Jas Hud on Sat Jul 06 2024 11:51 am

okay well what if it just detects their terminal wrong?

you should use synchronet as a front end for your bbses.

I certainly don't want people to have to log in twice...

they wouldn't be logging in twice if you did it correctly.
you would be using synchronet as a front end.
it would pick up and you could use the fossil for your inferior bbs that doesn't have a fossil. you could also benefit from the banning/blocking features.

People have been doing it for 24 years.
--- Synchronet 3.19b-Win32 NewsLink 1.113
* bbses.info - http://bbses.info - telnet://bbses.info
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

On 02 Jul 24 21:41:00, Shurato said the following to Shurato:

I added a text to shell command in logo.asc, which tells the user to screw off if they're not using ansi and runs netsh to add their ip to a block in the windows firewall. I think that's as good as it'll get!

What you're doing is akin to Snort in Pfsense which if you're running that or any decent firewall it should be good enough.

Nick

--- Renegade vY2Ka2
* Origin: Joey, do you like movies about gladiators? (618:500/24)
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

To: Nick Andre
Re: Re: Pro-active firewall?
By: Nick Andre to Shurato on Sat Jul 06 2024 08:00 pm

From Newsgroup: micronet.bbs

On 02 Jul 24 21:41:00, Shurato said the following to Shurato:

I added a text to shell command in logo.asc, which tells the user to screw off if they're not using ansi and runs netsh to add their ip to a block in the windows firewall. I think that's as good as it'll get!

What you're doing is akin to Snort in Pfsense which if you're running that or any decent firewall it should be good enough.

well he should atleast have a capcha they can solve. that's what i do and really all i have is a huge huge blocklist. the amount of attackers is almost infinite.
--- Synchronet 3.19b-Win32 NewsLink 1.113
* bbses.info - http://bbses.info - telnet://bbses.info
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

* In a message originally to Shurato, Jas Hud said:

To: Shurato Re: Re: Pro-active firewall? By: Shurato to Nick
Mackechnie on Sat Jul 06 2024 11:50 am

net2bbs works well (I used it) did you copy the .dll to the system32

dir?

The BBS drops carrier right upon connection and yes I copied

netfoss.dll to

system32, but it's not using it until dos doors are loaded.

Basically you set it up wrong and need to set it up correctly.

I've tried 1.25 and 1.26 beta. I've got the command line c:\ele\elebbs.exe -N*N -H*H (I've also tried adding -B115200, where it drops carrier) and it times out trying to initialize the modem. I've asked Mike and even he
doesn't know what I'm doing wrong.

--
Shurato, Sysop Shurato's Heavenly Sphere (ssh, telnet, pop3, ftp,nntp,
,wss) (Ports 22,23,110,21,119,8080) (ssh login 'bbs' pass 'shsbbs').


---
* Origin: Shurato's Heavenly Sphere telnet://shsbbs.net (618:300/50)
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

* In a message originally to Shurato, Jas Hud said:

To: Shurato Re: Pro-active firewall? By: Shurato to Jas Hud on Sat
Jul 06 2024 11:51 am

okay well what if it just detects their terminal wrong?

you should use synchronet as a front end for your bbses.

I certainly don't want people to have to log in twice...

they wouldn't be logging in twice if you did it correctly. you would
be using synchronet as a front end. it would pick up and you could
use the fossil for your inferior bbs that doesn't have a fossil.
you could also benefit from the banning/blocking features.

People have been doing it for 24 years.

It's a Win32 BBS and doesn't need a fossil except for when running DOS doors, which netfoss is written for. I could use syncfoss as well if I wanted to.
I could use Mystic just as easily.

--
Shurato, Sysop Shurato's Heavenly Sphere (ssh, telnet, pop3, ftp,nntp,
,wss) (Ports 22,23,110,21,119,8080) (ssh login 'bbs' pass 'shsbbs').


---
* Origin: Shurato's Heavenly Sphere telnet://shsbbs.net (618:300/50)
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

* In a message originally to Shurato, Nick Andre said:

On 02 Jul 24 21:41:00, Shurato said the following to Shurato:

I added a text to shell command in logo.asc, which tells the user to

screw

off if they're not using ansi and runs netsh to add their ip to a block

in

the windows firewall. I think that's as good as it'll get!

What you're doing is akin to Snort in Pfsense which if you're running that or any decent firewall it should be good enough.

I've just for Windows Firewall for a firewall. It will only hold a total of 1000 rules, though, so I need a solution that won't require me to purge the list every 2-3 days.

--
Shurato, Sysop Shurato's Heavenly Sphere (ssh, telnet, pop3, ftp,nntp,
,wss) (Ports 22,23,110,21,119,8080) (ssh login 'bbs' pass 'shsbbs').


---
* Origin: Shurato's Heavenly Sphere telnet://shsbbs.net (618:300/50)
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

On 06 Jul 24 20:41:00, Shurato said the following to Nick Andre:

What you're doing is akin to Snort in Pfsense which if you're running that or any decent firewall it should be good enough.

I've just for Windows Firewall for a firewall. It will only hold a total of 1000 rules, though, so I need a solution that won't require me to purge the list every 2-3 days.

Snort is a solution.

Nick

--- Renegade vY2Ka2
* Origin: Joey, do you like movies about gladiators? (618:500/24)
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

To: Shurato
Re: Re: Pro-active firewall?
By: Shurato to Jas Hud on Sat Jul 06 2024 08:38 pm

Basically you set it up wrong and need to set it up correctly.

I've tried 1.25 and 1.26 beta. I've got the command line c:\ele\elebbs.exe -N*N -H*H (I've also tried adding -B115200, where it drops carrier) and it times out trying to initialize the modem. I've asked Mike and even he doesn't know what I'm doing wrong.

you need to show him your command line. dont just type it in. show him
actual screenshots or provide your setup file. i've screwed up stuff too. you were probably rushing.
--- Synchronet 3.19b-Win32 NewsLink 1.113
* bbses.info - http://bbses.info - telnet://bbses.info
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

To: Shurato
Re: Pro-active firewall?
By: Shurato to Jas Hud on Sat Jul 06 2024 08:40 pm

It's a Win32 BBS and doesn't need a fossil except for when running DOS doors, which netfoss is written for. I could use syncfoss as well if I wanted to.
I could use Mystic just as easily.

You took ONE thing from that and you're missing out on all the other stuff i said you could benefit from. a front end with protection that you are looking for. also you could add or remove scripts.

net2bbs isn't really going to help your issue. it uses those blocklists but there's a lot of residential ip addresses on it. you know, ones your callers will be on.
--- Synchronet 3.19b-Win32 NewsLink 1.113
* bbses.info - http://bbses.info - telnet://bbses.info
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

To: Shurato
Re: Re: Pro-active firewall?
By: Shurato to Nick Andre on Sat Jul 06 2024 08:41 pm

I've just for Windows Firewall for a firewall. It will only hold a total of 1000 rules, though, so I need a solution that won't require me to purge the list every 2-3 days.

i already told you about peerblock.

windows firewall will start acting like shit and acting up if you add a bunch of rules to it the way you are.
--- Synchronet 3.19b-Win32 NewsLink 1.113
* bbses.info - http://bbses.info - telnet://bbses.info
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

* In a message originally to Shurato, Nick Andre said:

On 06 Jul 24 20:41:00, Shurato said the following to Nick Andre:

What you're doing is akin to Snort in Pfsense which if you're running

that

or any decent firewall it should be good enough.

I've just for Windows Firewall for a firewall. It will only hold a

total of

1000 rules, though, so I need a solution that won't require me to purge

the

list every 2-3 days.

Snort is a solution.

I'll try to look into that, but I have no idea what Snort is.

--
Shurato, Sysop Shurato's Heavenly Sphere (ssh, telnet, pop3, ftp,nntp,
,wss) (Ports 22,23,110,21,119,8080) (ssh login 'bbs' pass 'shsbbs').


---
* Origin: Shurato's Heavenly Sphere telnet://shsbbs.net (618:300/50)
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

* In a message originally to Shurato, Jas Hud said:

To: Shurato Re: Re: Pro-active firewall? By: Shurato to Jas Hud on
Sat Jul 06 2024 08:38 pm

Basically you set it up wrong and need to set it up correctly.

I've tried 1.25 and 1.26 beta. I've got the command line

c:\ele\elebbs.exe

-N*N -H*H (I've also tried adding -B115200, where it drops carrier) and

it

times out trying to initialize the modem. I've asked Mike and even he doesn't know what I'm doing wrong.

you need to show him your command line. dont just type it in. show him actual screenshots or provide your setup file. i've screwed up stuff too. you were probably rushing.

I sent him the setup file.

--
Shurato, Sysop Shurato's Heavenly Sphere (ssh, telnet, pop3, ftp,nntp,
,wss) (Ports 22,23,110,21,119,8080) (ssh login 'bbs' pass 'shsbbs').


---
* Origin: Shurato's Heavenly Sphere telnet://shsbbs.net (618:300/50)
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

On 07 Jul 24 10:18:00, Shurato said the following to Nick Andre:

I'll try to look into that, but I have no idea what Snort is.

A plugin for Pfsense.

Nick

--- Renegade vY2Ka2
* Origin: Joey, do you like movies about gladiators? (618:500/24)
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

Re: Pro-active firewall?
By: Shurato to All on Mon Jul 01 2024 05:27 pm

I tried to use net2bbs, but for some reason, every time elebbs connects, it drops carrier immediately. Is there anything I can use with my BBS software that will identify repeated attacks and put them in a blacklist? I'm already running Mystic for MRC, and don't want to run another BBS for this... I saw wail2ban, but that only identifies login attempts for the OS.

If the attacks you defend against leaves a fingerprint in some logfile, you can either shoehorn fail2ban into parsing that logfile and identifying the attacks, or write a custom script that runs every so often, scans the log file and triggers a response when the attack is detected.

The script that runs periodically is not a great alternative (because if you have a scan periodicity of, say, 5 minutes, attackers can do as they want until thy are caught by the next iteration of the scaner). It s simple, though.

I am not familiar with the software you are trying to protect so I cannot be of much help.


--
gopher://gopher.richardfalken.com/1/richardfalken
--- SBBSecho 3.20-Linux
* Origin: Palantir * palantirbbs.ddns.net * Pensacola, FL * (618:250/24)
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

* In a message originally to Shurato, Nick Andre said:

On 07 Jul 24 10:18:00, Shurato said the following to Nick Andre:

I'll try to look into that, but I have no idea what Snort is.

A plugin for Pfsense.

Oh, I just have the windows Firewall, not pfsense. It wouldn't be a solution for me; as well I wouldn't know how to add an IP address from the BBS to it.

--
Shurato, Sysop Shurato's Heavenly Sphere (ssh, telnet, pop3, ftp,nntp,
,wss) (Ports 22,23,110,21,119,8080) (ssh login 'bbs' pass 'shsbbs').


---
* Origin: Shurato's Heavenly Sphere telnet://shsbbs.net (618:300/50)
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

On 07 Jul 24 12:53:00, Shurato said the following to Nick Andre:

Oh, I just have the windows Firewall, not pfsense. It wouldn't be a solutio for me; as well I wouldn't know how to add an IP address from the BBS to it.

You don't.

Snort is an IDS. It automatically detects script kids, DDOS, POD etc and tells Pfsense to block them. An IDS is far superior than any Windows firewall.

Its part of a larger conversation about running a commercial-grade firewall at home to stop this and other crap at the source, so you are not trying to retrofit Internet security into silly hobby software never designed for such.

Nick

--- Renegade vY2Ka2
* Origin: Joey, do you like movies about gladiators? (618:500/24)
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

* In a message originally to Shurato, Arelor said:

Re: Pro-active firewall? By: Shurato to All on Mon Jul 01 2024 05:27
pm

I tried to use net2bbs, but for some reason, every time elebbs

connects, it

drops carrier immediately. Is there anything I can use with my BBS

software

that will identify repeated attacks and put them in a blacklist? I'm already running Mystic for MRC, and don't want to run another BBS for this... I saw wail2ban, but that only identifies login attempts for

the OS.

If the attacks you defend against leaves a fingerprint in some logfile,
you can either shoehorn fail2ban into parsing that logfile and identifying the attacks, or write a custom script that runs every so often, scans the log file and triggers a response when the attack is detected.

The script that runs periodically is not a great alternative (because if
you have a scan periodicity of, say, 5 minutes, attackers can do as they want until thy are caught by the next iteration of the scaner). It s
simple, though.

I am not familiar with the software you are trying to protect so I cannot
be of much help.

I'm using Windows, not Linux. fail2ban isn't an option. There is nothing other than repeated connections from the same IP, so your option wouldn't
work, no failed items in the log.

--
Shurato, Sysop Shurato's Heavenly Sphere (ssh, telnet, pop3, ftp,nntp,
,wss) (Ports 22,23,110,21,119,8080) (ssh login 'bbs' pass 'shsbbs').


---
* Origin: Shurato's Heavenly Sphere telnet://shsbbs.net (618:300/50)
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

* In a message originally to Shurato, Nick Andre said:

On 07 Jul 24 12:53:00, Shurato said the following to Nick Andre:

Oh, I just have the windows Firewall, not pfsense. It wouldn't be a

solutio

for me; as well I wouldn't know how to add an IP address from the BBS

to it.

You don't.

Snort is an IDS. It automatically detects script kids, DDOS, POD etc and tells Pfsense to block them. An IDS is far superior than any Windows firewall.

Its part of a larger conversation about running a commercial-grade
firewall at home to stop this and other crap at the source, so you
are not trying to retrofit Internet security into silly hobby
software never designed for such.

Yeah, but I don't have the ability to run pfssense.

--
Shurato, Sysop Shurato's Heavenly Sphere (ssh, telnet, pop3, ftp,nntp,
,wss) (Ports 22,23,110,21,119,8080) (ssh login 'bbs' pass 'shsbbs').


---
* Origin: Shurato's Heavenly Sphere telnet://shsbbs.net (618:300/50)
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

To: Shurato
Re: Pro-active firewall?
By: Shurato to Arelor on Mon Jul 08 2024 09:15 am

I'm using Windows, not Linux. fail2ban isn't an option. There is nothing other than repeated connections from the same IP, so your option wouldn't work, no failed items in the log.

just use peerblock, then.
--- Synchronet 3.19b-Win32 NewsLink 1.113
* bbses.info - http://bbses.info - telnet://bbses.info
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

* In a message originally to Shurato, Jas Hud said:

To: Shurato Re: Pro-active firewall? By: Shurato to Arelor on Mon Jul
08 2024 09:15 am

I'm using Windows, not Linux. fail2ban isn't an option. There is

nothing

other than repeated connections from the same IP, so your option

wouldn't

work, no failed items in the log.

just use peerblock, then.

I have been I was just hoping that there was a proactive option for Windows.

--
Shurato, Sysop Shurato's Heavenly Sphere (ssh, telnet, pop3, ftp,nntp,
,wss) (Ports 22,23,110,21,119,8080) (ssh login 'bbs' pass 'shsbbs').


---
* Origin: Shurato's Heavenly Sphere telnet://shsbbs.net (618:300/50)
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

To: Shurato
Re: Pro-active firewall?
By: Shurato to Jas Hud on Mon Jul 08 2024 03:52 pm

I have been I was just hoping that there was a proactive option for Windows.

https://www.peerblock.com/

create custom lists, import country lists.
--- Synchronet 3.19b-Win32 NewsLink 1.113
* bbses.info - http://bbses.info - telnet://bbses.info
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

Shurato wrote to Nick Andre <=-

I've just for Windows Firewall for a firewall. It will only hold a
total of 1000 rules, though, so I need a solution that won't require me
to purge the list every 2-3 days.

I highly recommend looking at running pfSense as your edge firewall. I run it here, along with iptables and fail2ban, and while I do get script kiddies on ports 22 and 23, I can automatically block troublesome subnets for 26 weeks (!) using a special f2b filter (Linux only).

What you're doing is okay but you're putting a Band-Aid on a compound fracture.

pfSense is open source, based on FreeBSD, and when properly configured, damn near bulletproof.

-- Sean

... "I never think of the future. It comes soon enough." - A. Einstein
--- MultiMail/Win v0.52
* Origin: Outpost BBS * Johnson City, TN (618:618/1)
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

Shurato wrote to Nick Andre <=-

I'll try to look into that, but I have no idea what Snort is.

Google is your friend but Snort is an open source intrusion dectection system or IDS.

-- Sean

... "Getting ready is the secret of success." - Henry Ford
--- MultiMail/Win v0.52
* Origin: Outpost BBS * Johnson City, TN (618:618/1)
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

* In a message originally to Shurato, Digimaus said:

Shurato wrote to Nick Andre <=-

I've just for Windows Firewall for a firewall. It will only hold a total of 1000 rules, though, so I need a solution that won't require

me

to purge the list every 2-3 days.

I highly recommend looking at running pfSense as your edge firewall. I
run it here, along with iptables and fail2ban, and while I do get
script kiddies on ports 22 and 23, I can automatically block
troublesome subnets for 26 weeks (!) using a special f2b filter
(Linux only).

Wouldn't I need extra hardware for this? I don't have that capability.

--
Shurato, Sysop Shurato's Heavenly Sphere (ssh, telnet, pop3, ftp,nntp,
,wss) (Ports 22,23,110,21,119,8080) (ssh login 'bbs' pass 'shsbbs').


---
* Origin: Shurato's Heavenly Sphere telnet://shsbbs.net (618:300/50)
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

Shurato wrote to Digimaus <=-

Wouldn't I need extra hardware for this? I don't have that capability.

Yes, you would. It's "standard practice" to have an edge firewall and then a firewall on the machine with open
ports to protect only the open ports.

Windows is horrible for security--always has been--and you will pull your hair out trying to get what you need
done under Windows. I spent the better part of 35 years dealing with Windows professionally and I'm glad I
don't have to do it anymore.

I wish you luck and good hunting on the Web to find a solution to your issues using a single Windows-only
solution.

Have you talked to rob, et al. about this?

-- Sean


... Welcome to the assumption club! I think we all know why we are here.
--- MultiMail/Win v0.52
* Origin: Outpost BBS * Johnson City, TN (618:618/1)
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

Shurato wrote to Digimaus <=-

Wouldn't I need extra hardware for this? I don't have that

capability.

Yes, you would. It's "standard practice" to have an edge firewall and then a firewall on the machine with open ports to protect only the
open ports.

I'm in a studio apartment, with very little income and can't afford the room
or price of additional hardware.

--
Shurato, Sysop Shurato's Heavenly Sphere (ssh, telnet, pop3, ftp,nntp,
,wss) (Ports 22,23,110,21,119,8080) (ssh login 'bbs' pass 'shsbbs').


*** THE READER V4.50 [freeware]
---
* Origin: Shurato's Heavenly Sphere telnet://shsbbs.net (618:300/50)
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

Yes, you would. It's "standard practice" to have an edge firewall and then a firewall on the machine with open ports to protect only the
open ports.

I'm in a studio apartment, with very little income and can't afford the room or price of additional hardware.

Do you have a router? Many/most of them have an initial firewall built in.

Mike


* SLMR 2.1a * Oooo, Better run, Mr. Wino!!!
---
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

* In a message originally to SHURATO, Mike Powell said:

Yes, you would. It's "standard practice" to have an edge firewall

and

then a firewall on the machine with open ports to protect only the open ports.

I'm in a studio apartment, with very little income and can't afford the

room

or price of additional hardware.

Do you have a router? Many/most of them have an initial firewall built
in.

Yes, I do. It just has a basic firewall, like Windows. I've got an instance of Mystic running now on the telnet end to forward connections to eleserv and block bots that way.

--
Shurato, Sysop Shurato's Heavenly Sphere (ssh, telnet, pop3, ftp,nntp,
,wss) (Ports 22,23,110,21,119,8080) (ssh login 'bbs' pass 'shsbbs').


---
* Origin: Shurato's Heavenly Sphere telnet://shsbbs.net (618:300/50)
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

To: Shurato
Re: Re: Pro-active firewall?
By: Shurato to Mike Powell on Sun Jul 28 2024 09:49 am

Yes, I do. It just has a basic firewall, like Windows. I've got an instance of Mystic running now on the telnet end to forward connections to eleserv and block bots that way.

if you did a synchronet front end you could benefit from the blocking abilities. also i mentioned using peerblock software.

you could also just run it on a different port.
--- Synchronet 3.19b-Win32 NewsLink 1.113
* bbses.info - http://bbses.info - telnet://bbses.info
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

To: Shurato
Re: Re: Pro-active firewall? By: Shurato to Mike Powell on Sun Jul
28 2024 09:49 am

Yes, I do. It just has a basic firewall, like Windows. I've got an instance of Mystic running now on the telnet end to forward connections

to

eleserv and block bots that way.

if you did a synchronet front end you could benefit from the blocking abilities. also i mentioned using peerblock software.

you could also just run it on a different port.

The Mystic front end seems lower weight than Synchronet and does the job,
with country blocking and blocking any number of hits over a period of time. Changing ports would be confusing to existing users. I am using peerblock
as well, but with that I would have to have noticed the port bashing and then manually block that IP address. Thanks, though.

--
Shurato, Sysop Shurato's Heavenly Sphere (ssh, telnet, pop3, ftp,nntp,
,wss) (Ports 22,23,110,21,119,8080) (ssh login 'bbs' pass 'shsbbs').


*** THE READER V4.50 [freeware]
---
* Origin: Shurato's Heavenly Sphere telnet://shsbbs.net (618:300/50)
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

To: Shurato
Re: Re: Pro-active firewall?
By: Shurato to Jas Hud on Sun Jul 28 2024 05:31 pm

if you did a synchronet front end you could benefit from the blocking abilities. also i mentioned using peerblock software.

you could also just run it on a different port.

The Mystic front end seems lower weight than Synchronet and does the job,

why do you think it's 'lower weight'?
--- Synchronet 3.19b-Win32 NewsLink 1.113
* bbses.info - http://bbses.info - telnet://bbses.info
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

Do you have a router? Many/most of them have an initial firewall built in.

Yes, I do. It just has a basic firewall, like Windows. I've got an instance of Mystic running now on the telnet end to forward connections to eleserv and block bots that way.

That will work.

Supposedly, you can also do what you are doing with mystic by using synchronet but I have not figured out exactly how just yet.

Mike

* SLMR 2.1a * Gone crazy, be back later, please leave message.
---
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

To: Shurato
Re: Re: Pro-active firewall? By: Shurato to Jas Hud on Sun Jul 28
2024 05:31 pm

if you did a synchronet front end you could benefit from the

blocking

abilities. also i mentioned using peerblock software.

you could also just run it on a different port.

The Mystic front end seems lower weight than Synchronet and does the

job,

why do you think it's 'lower weight'?

Installing Mystic was only a couple of megs, where a whole Synchronet install seems like it would be quite a bit mor than that. It was also easy to set
up where I wouldn't have a clue how to do it with Sync.

--
Shurato, Sysop Shurato's Heavenly Sphere (ssh, telnet, pop3, ftp,nntp,
,wss) (Ports 22,23,110,21,119,8080) (ssh login 'bbs' pass 'shsbbs').


*** THE READER V4.50 [freeware]
---
* Origin: Shurato's Heavenly Sphere telnet://shsbbs.net (618:300/50)
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

Shurato wrote to Digimaus <=-

I'm in a studio apartment, with very little income and can't afford the room or price of additional hardware.

Me as wall. I live off of Social Security and live in a Section 8
apartment. I'm physically disabled and cannot work due to that and
doctor's orders (having teo heart attacks is a bad thing). I have
stuffed the BBS server, my pfSense firewall, and my WAP under and on
a small end table I bought from Walmart. I am hoping to get this
desk by the end of the year: https://tinyurl.com/247fg7qt
(wayfair.com) so I can move everything out to my living room and no
more computers in the bedroom save for a thin client.

I've received most of my comupters as castoffs from friends. Since
I don't run Windows, except for a VM for medical devices, my needs
are fairly light. I did buy the HPE ProLiant ML110 Gen6 for $110
(free shipping) off of eBay.

-- Sean

... Oxygen and magnesium are dating. OMg!
--- MultiMail/Win v0.52
* Origin: Outpost BBS * Johnson City, TN (618:618/1)
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

Shurato wrote to Digimaus <=-

I'm in a studio apartment, with very little income and can't afford

the

room or price of additional hardware.

Me as wall. I live off of Social Security and live in a Section 8 apartment. I'm physically disabled and cannot work due to that and doctor's orders (having teo heart attacks is a bad thing). I have
stuffed the BBS server, my pfSense firewall, and my WAP under and on
a small end table I bought from Walmart. I am hoping to get this
desk by the end of the year: https://tinyurl.com/247fg7qt
(wayfair.com) so I can move everything out to my living room and no
more computers in the bedroom save for a thin client.

Ok, I'm thinking about getting a mini-pc for pfsense. What is the minimal configuration I could get away with? I'm thinking 4 core, 4 thread, 8GB RAM and a 256-512GB NVME SSD.

--
Shurato, Sysop Shurato's Heavenly Sphere (ssh, telnet, pop3, ftp,nntp,
,wss) (Ports 22,23,110,21,119,8080) (ssh login 'bbs' pass 'shsbbs').


*** THE READER V4.50 [freeware]
---
* Origin: Shurato's Heavenly Sphere telnet://shsbbs.net (618:300/50)
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

To: Mike Powell
Re: Re: Pro-active firewall?
By: Mike Powell to SHURATO on Mon Jul 29 2024 09:41 am

Supposedly, you can also do what you are doing with mystic by using synchronet but I have not figured out exactly how just yet.

you mean how to run synchronet as a front end and pass off to another bbs?
--- Synchronet 3.19b-Win32 NewsLink 1.113
* bbses.info - http://bbses.info - telnet://bbses.info
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

To: Shurato
Re: Re: Pro-active firewall?
By: Shurato to Jas Hud on Mon Jul 29 2024 01:22 pm

Installing Mystic was only a couple of megs, where a whole Synchronet install seems like it would be quite a bit mor than that. It was also easy

oh, i dont even LOOK at how much space. it's not that much though.

to set
up where I wouldn't have a clue how to do it with Sync.

hey you could have asked. also they have real good documentation unlike most other bbs softwares.
--- Synchronet 3.19b-Win32 NewsLink 1.113
* bbses.info - http://bbses.info - telnet://bbses.info
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

To: Digimaus
Re: Re: Pro-active firewall?
By: Digimaus to Shurato on Sun Jul 28 2024 05:30 pm

stuffed the BBS server, my pfSense firewall, and my WAP under and on
a small end table I bought from Walmart. I am hoping to get this
desk by the end of the year: https://tinyurl.com/247fg7qt
(wayfair.com) so I can move everything out to my living room and no

that looks fucking enormous.
I have a six foot metal and wood folding table that is real tough.
it can hold several hundred pounds.

it's something like this BUT it folds in half and has a handle so you can
carry it like a large suitcase that is heavy ass hell.

https://tinyurl.com/bigfntable
--- Synchronet 3.19b-Win32 NewsLink 1.113
* bbses.info - http://bbses.info - telnet://bbses.info
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

Supposedly, you can also do what you are doing with mystic by using synchronet but I have not figured out exactly how just yet.

you mean how to run synchronet as a front end and pass off to another bbs?

Correct. I know how to do it via the doors menu, but not how to have synchronet take the call and then automatically/semi-automatically pass off without requiring a synchronet logon first.


* SLMR 2.1a * Overhead the albatross hangs motionless upon the air...
---
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

To: Mike Powell
Re: Re: Pro-active firewall?
By: Mike Powell to JAS HUD on Fri Aug 02 2024 08:12 am

From Newsgroup: micronet.bbs

Supposedly, you can also do what you are doing with mystic by using synchronet but I have not figured out exactly how just yet.

you mean how to run synchronet as a front end and pass off to another bbs?

Correct. I know how to do it via the doors menu, but not how to have synchronet take the call and then automatically/semi-automatically pass off without requiring a synchronet logon first.

oh, that is very easy. you just use the telegate script and make it your login module.

you can even do it a few other ways.
--- Synchronet 3.19b-Win32 NewsLink 1.113
* bbses.info - http://bbses.info - telnet://bbses.info
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

Hello Shurato,

Thursday August 01 2024 19:24, you wrote to Digimaus:

Ok, I'm thinking about getting a mini-pc for pfsense. What is the
minimal configuration I could get away with? I'm thinking 4 core, 4 thread, 8GB RAM and a 256-512GB NVME SSD.

You could buy a pfSense firewall box preconfigured for $189 that is basically plug-and-pay: https://shop.pfsense.com/products/1100-pfsense

I'd go the preconfigured route myself. Much easier.

-- Sean

... ARRRRRGGGHHH!!!! Tension breaker, had to be done.
--- GoldED/2 3.0.1
* Origin: Outpost BBS, Johnson City, TN / bbs.outpostbbs.net:10323 (618:618/1)
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

Hello Jas,

Thursday August 01 2024 23:41, you wrote to Digimaus:

that looks fucking enormous.

It is but I need all of that real estate. It can hold all of my computers and my ham radio set up.

I have a six foot metal and wood folding table that is real tough.
it can hold several hundred pounds.

I had one too until my dad ruined it.

-- Sean

... Morfy's law: enythink thit ken go rong willl.
--- GoldED/2 3.0.1
* Origin: Outpost BBS, Johnson City, TN / bbs.outpostbbs.net:10323 (618:618/1)
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

Correct. I know how to do it via the doors menu, but not how to have
synchronet take the call and then automatically/semi-automatically pass off >> without requiring a synchronet logon first.

oh, that is very easy. you just use the telegate script and make it your login module.

you can even do it a few other ways.

Thanks, I will have to play with that some. I wonder if it allows for
multiple connections, i.e. multi-node? I will have to test that.

I thought about the login module but wasn't sure what to plug in there.

Mike

* SLMR 2.1a * Come in Number 51, Your Time Is Up!
---
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

To: Mike Powell
Re: Re: Pro-active firewall?
By: Mike Powell to JAS HUD on Sun Aug 04 2024 05:11 pm

login module.

you can even do it a few other ways.

Thanks, I will have to play with that some. I wonder if it allows for multiple connections, i.e. multi-node? I will have to test that.

multiple connections to what
--- Synchronet 3.19b-Win32 NewsLink 1.113
* bbses.info - http://bbses.info - telnet://bbses.info
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

login module.

you can even do it a few other ways.

Thanks, I will have to play with that some. I wonder if it allows for multiple connections, i.e. multi-node? I will have to test that.

multiple connections to what

Another board that accepts multi-node connections.

Mike

* SLMR 2.1a * She cried away her life since she fell off the cradle!!
---
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

To: Mike Powell
Re: Re: Pro-active firewall?
By: Mike Powell to JAS HUD on Mon Aug 05 2024 09:40 am

Thanks, I will have to play with that some. I wonder if it allows for multiple connections, i.e. multi-node? I will have to test that.

multiple connections to what

Another board that accepts multi-node connections.

you arent being specific enough.
with a dos bbs picking up you'd have to work that out.

anyways, it's not complicated.

--- Synchronet 3.19b-Win32 NewsLink 1.113
* bbses.info - http://bbses.info - telnet://bbses.info
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

* In a message originally to Shurato, Sean Dennis said:

Hello Shurato,

Thursday August 01 2024 19:24, you wrote to Digimaus:

Ok, I'm thinking about getting a mini-pc for pfsense. What is the minimal configuration I could get away with? I'm thinking 4 core, 4 thread, 8GB RAM and a 256-512GB NVME SSD.

You could buy a pfSense firewall box preconfigured for $189 that is basically plug-and-pay: https://shop.pfsense.com/products/1100-pfsense

I'd go the preconfigured route myself. Much easier.

I have a friend sending me one, so I'm set. It'll be preconfigured as well.

--
Shurato, Sysop Shurato's Heavenly Sphere (ssh, telnet, pop3, ftp,nntp,
,wss) (Ports 22,23,110,21,119,8080) (ssh login 'bbs' pass 'shsbbs').


---
* Origin: Shurato's Heavenly Sphere telnet://shsbbs.net (618:300/50)
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

Hello Shurato!

06 Aug 24 18:33, you wrote to me:

I have a friend sending me one, so I'm set. It'll be preconfigured as well.

I have my pfSense box running on an old HP Elitedesk 705 desktop (3.4Ghz i5, 8GB RAM, 1TB HDD, with dual PCIe Intel PRO/1000 NICs)...absolute overkill for a firewall but it's what I had laying around in spare parts. Handles everything that gets thrown at it very nicely.

Like I said before, an edge firewall will not protect open ports. You have to have a good firewall on the machine with open ports so it can protect itself.

Sean


... "A handful of good life is better than a bushel of learning." - George Herbert
--- GoldED+/LNX 1.1.5-b20240309
* Origin: Outpost BBS * Johnson City, TN (618:618/1)
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

Hello Shurato!

06 Aug 24 18:33, you wrote to me:

I have a friend sending me one, so I'm set. It'll be preconfigured

as

well.

I have my pfSense box running on an old HP Elitedesk 705 desktop (3.4Ghz i5, 8GB RAM, 1TB HDD, with dual PCIe Intel PRO/1000 NICs)...absolute overkill for a firewall but it's what I had laying around in spare
parts. Handles everything that gets thrown at it very nicely.

Like I said before, an edge firewall will not protect open ports. You have to have a good firewall on the machine with open ports so it
can protect itself.

What would you suggest for Win32 for the latter? I've got Bitdefender
running, but I've been using the Windows firewall. I have some services
under Win64 and some under Linux. Win64 is running the Windows Firewall with MalwareBytes helping and Linux just has UFW.

--
Shurato, Sysop Shurato's Heavenly Sphere (ssh, telnet, pop3, ftp,nntp,
,wss) (Ports 22,23,110,21,119,8080) (ssh login 'bbs' pass 'shsbbs').


*** THE READER V4.50 [freeware]
---
* Origin: Shurato's Heavenly Sphere telnet://shsbbs.net (618:300/50)
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

What would you suggest for Win32 for the latter? I've got Bitdefender running, but I've been using the Windows firewall. I have some services under Win64 and some under Linux. Win64 is running the Windows Firewall wit

Are you doing this just for fun or what? I don't even think I have the firewall turned on the BBS machine. I don't see the point. My RGBOT program stops 99% of them from hitting the BBS .... yeah it gets pinged a lot, but who gives a shit. There's nothing but 2 TB of files and 950 doors ... they are more than welcome to. It's a BBS ... not a security credit card site where money is involved. There is no data there worth grabbing, well, maybe those LORD scores ....

--- Renegade vY2Ka2
* Origin: Joey, do you like movies about gladiators? (618:500/24)
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

On 07 Aug 24 12:51:00, Shurato said the following to Sean Dennis:

What would you suggest for Win32 for the latter? I've got Bitdefender

Nothing. Relax.

Please take it from someone who was laughed at by several when upgrading from Windows 2000 to the first OEM iteration of XP in 2002... during the round
of security nonsense that happened... that I'll be "hacked tomorrow" and "buh-bye darkrealms" and "You will never run a hub and survive a hack running that piece of shit OS or Renegade".

22 years later... I'm still here and ALL of them are lonnnnnnnnnnng gone.

Very similar hilarious popcorn entertainment just like those who claimed Hillary would win by a landslide and not a snowballs chance in hell for the orange-man.

Nick

--- Renegade vY2Ka2
* Origin: Joey, do you like movies about gladiators? (618:500/24)
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

Shurato wrote to Sean Dennis <=-

What would you suggest for Win32 for the latter? I've got Bitdefender running, but I've been using the Windows firewall. I have some
services under Win64 and some under Linux. Win64 is running the
Windows Firewall with MalwareBytes helping and Linux just has UFW.

To be honest, I have never had to use Windows for a firewall. You can use Windows Firewall but it can be very complicated. Unfortunately, I can't
help much there.

Personally, I have never used Windows Firewall as I've always used an edge firewall and simply refused all inbound connections the Windows box didn't already initiate.

Under Slackware, I am using a custom rc.firewall that I initially created
with an online wizard then customized for myself. It's iptables-based but
does contain some Slackware-specific functions and paths.

-- Sean


--- MultiMail/Linux
* Origin: Outpost BBS * Johnson City, TN (618:618/1)
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

To: T.J. Mcmillen
Re: Re: Pro-active firewall?
By: T.J. Mcmillen to Shurato on Wed Aug 07 2024 03:56 pm

From Newsgroup: micronet.bbs

What would you suggest for Win32 for the latter? I've got Bitdefender running, but I've been using the Windows firewall. I have some services under Win64 and some under Linux. Win64 is running the Windows Firewall wit

Are you doing this just for fun or what? I don't even think I have the firewall turned on the BBS machine. I don't see the point. My RGBOT

You should really turn on something, dude.
When those windows exploits got leaked I had a vm on the server running, but it wasn't doing anything and not accepting connections. It was a blank install of win7.

I was lazy and turned off the firewall because I didn't want to dick around with permissions for a ftp server i was going to run on it temporarily to xfer files.

They used those exploits and put ransomeware on it and did the little txt file on the desktop where i had to send them money to a bitcoin address.

With windows firewall up, they wouldn't be able to do that. My other win7 vms were fine.
--- Synchronet 3.19b-Win32 NewsLink 1.113
* bbses.info - http://bbses.info - telnet://bbses.info
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

To: digimaus
Re: Re: Pro-active firewall?
By: digimaus to Shurato on Wed Aug 07 2024 09:52 pm

Windows Firewall with MalwareBytes helping and Linux just has UFW.

To be honest, I have never had to use Windows for a firewall. You can use Windows Firewall but it can be very complicated. Unfortunately, I can't help much there.

Well windows firewall is pretty easy.
the thing is, if you add a lot of entries it starts acting weird, or atleast for me it did.

You can also add entries via commandline line (what I did via a script).

I would only use windows firewall as a secondary measure.
--- Synchronet 3.19b-Win32 NewsLink 1.113
* bbses.info - http://bbses.info - telnet://bbses.info
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

They used those exploits and put ransomeware on it and did the little txt f on the desktop where i had to send them money to a bitcoin address.

With windows firewall up, they wouldn't be able to do that. My other win7 were fine.

I think the Win7 firewall is up, yeah, the stock one is .... I know I had it down when I was having issues with net2bbs (which ending up being my router needing powered off for like 15 mins) .... Weirdest damn thing ... just would unhook the port for no reason. Crazy electric things! <G>

--- Renegade vY2Ka2
* Origin: Joey, do you like movies about gladiators? (618:500/24)
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

To: T.J. Mcmillen
Re: Re: Pro-active firewall?
By: T.J. Mcmillen to Jas Hud on Thu Aug 08 2024 04:03 pm

From Newsgroup: micronet.bbs

They used those exploits and put ransomeware on it and did the little txt f on the desktop where i had to send them money to a bitcoin address.

With windows firewall up, they wouldn't be able to do that. My other win7 were fine.

I think the Win7 firewall is up, yeah, the stock one is .... I know I had it down when I was having issues with net2bbs (which ending up being my router needing powered off for like 15 mins) .... Weirdest damn thing ... just would unhook the port for no reason. Crazy electric things! <G>

i still miss blackice defender.
--- Synchronet 3.19b-Win32 NewsLink 1.113
* bbses.info - http://bbses.info - telnet://bbses.info
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

Hello Jas!

07 Aug 24 21:42, you wrote to me:

Well windows firewall is pretty easy.
the thing is, if you add a lot of entries it starts acting weird, or atleast for me it did.

I made a lot of GPOs to assist Windows Firewall but yeah, get a lot of entries in it and it starts to get really unstable.

-- Sean

... May the Schwartz be with you.
--- GoldED+/LNX 1.1.5-b20240309
* Origin: Outpost BBS * Johnson City, TN (618:618/1)
* Synchronet * CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP