the BBS Xchange
the BBS Xchange

  • Pulling the plug on port 23 ...

    From Neozeed@VERT to All on Wed Sep 28 19:27:52 2016
    I've been running my old crappy 99% stock BBS for years now, and the ammount of times I get hangs from scripts hammering away on port 23 is absolutely insane. I have setup (well at least the commands didn't complain, no idea if it actually works) rate limiting on inbound port 23, but it doesn't stop.. As 2016 winds down, is it really feasable to run 90's era software on the internet using port 23?

    I'm the lone one with OS/2 and SIO of all thing. I know that there was some dump last week of public anonymous ftp sites, and I'm certainly not the only one running ancient stuff out there! ... But has anyone experenced any massive downside to not having port 23 accessable?

    I know this is one stop closer to DDNS, and non standard ports, and only having partial available hours... Things I'm doing my best to avoid by running in a VM, that I can put onto a Xeon server that I rent in a data centre so I don't have to worry about stuff like power/cooling/CPU time...

    Thoughts?

    ---
    ■ Synchronet ■ Vertrauen ■ Home of Synchronet ■ telnet://vert.synchro.net
  • From Al@VERT/TRMB to Neozeed on Wed Sep 28 20:10:08 2016
    Re: Pulling the plug on port 23 ...
    By: Neozeed to All on Wed Sep 28 2016 07:27 pm

    I've been running my old crappy 99% stock BBS for years now, and the ammount of times I get hangs from scripts hammering away on port 23 is absolutely insane. I have setup (well at least the commands didn't complain, no idea if it actually works) rate limiting on inbound port 23, but it doesn't stop.. As 2016 winds down, is it really feasable to run 90's era software on the internet using port 23?

    I find all that really annoying but so far that is all it is for me. I know that some folks have moved off the standard port to 26 (doesn't seem to be used for anything that I can see) or 2323.

    I don't think that would be a problem, every software I use allows me to enter a different port if needed. I guess you would need to make that know to your users and prospective users in the telnet bbs guide and other places you may be advertising. Doc's place (a busy fido bbs) recently made the switch to port 26 and all his usual users still post from there daily so it hasn't had a negetive impact that I can see.

    ... I tried to drown my problems.. they like beer too!

    ---
    ■ Synchronet ■ The Rusty MailBox - Penticton, BC Canada
  • From Sampsa@VERT/B4BBS to Al on Sat Oct 1 05:28:00 2016
    Al wrote to Neozeed <=-

    I've been running my old crappy 99% stock BBS for years now, and the ammount of times I get hangs from scripts hammering away on port 23 is absolutely insane. I have setup (well at least the commands didn't complain, no idea if it actually works) rate limiting on inbound port 23, but it doesn't stop.. As 2016 winds down, is it really feasable to run 90's era software on the internet using port 23?

    I find all that really annoying but so far that is all it is for me. I know that some folks have moved off the standard port to 26 (doesn't
    seem to be used for anything that I can see) or 2323.

    I don't think that would be a problem, every software I use allows me
    to enter a different port if needed. I guess you would need to make
    that know to your users and prospective users in the telnet bbs guide
    and other places you may be advertising. Doc's place (a busy fido bbs) recently made the switch to port 26 and all his usual users still post from there daily so it hasn't had a negetive impact that I can see.

    I'm running Synchronet on Windows (Server 2003, hey it works, I only let in port 23 anyway so not that stressed about the lack of updates) and installed PeerBlock - basically turned on all the lists, it blocked literally about
    a billion IPs (25% of IPv4 addresses out there) and the flood is now a trickle.

    Not sure about OS/2 though. I've found moving the ports doesn't do very much
    as usually these scripts are seem to be connected to some kind of port scanner.

    Your mileage may vary.

    Sampsa

    ... MultiMail, the new multi-platform, multi-format offline reader!
    --- MultiMail/Darwin v0.49
    ■ Synchronet ■ B4BBS = London, England - b4bbs.sampsa.com:2323 (telnet) or 2222 (ssh)
  • From Neozeed@VERT to Sampsa on Fri Sep 30 20:48:06 2016
    Re: Re: Pulling the plug on port 23 ...
    By: Sampsa to Al on Sat Oct 01 2016 05:28 am

    I'm running Synchronet on Windows (Server 2003, hey it works, I only let in port 23 anyway so not that stressed about the lack of updates) and installed PeerBlock - basically turned on all the lists, it blocked literally about
    a billion IPs (25% of IPv4 addresses out there) and the flood is now a trickle.

    Hmm it appears PeerBlock is a windows port of PeerGuardian... I think something like this is a second option.... I know so many people get all ban happy for SE Asia, especially China, which makes living here sometimes a royal pain in the ass for dealing with government censorship, internet censorship, geolocation, ip bans, and the rest....

    ---
    ■ Synchronet ■ Vertrauen ■ Home of Synchronet ■ telnet://vert.synchro.net
  • From Sampsa@VERT/B4BBS to Neozeed on Sat Oct 1 19:29:00 2016
    Neozeed wrote to Sampsa <=-

    Hmm it appears PeerBlock is a windows port of PeerGuardian... I think something like this is a second option.... I know so many people get
    all ban happy for SE Asia, especially China, which makes living here sometimes a royal pain in the ass for dealing with government
    censorship, internet censorship, geolocation, ip bans, and the rest....

    Well, basically since 95% of my bad traffic originates from SE Asia and the former Soviet states (well not like Estonia but the CIS) unfortunately it's
    the sane thing to do - like I said, I had to restart Synchro almost daily because the scripts would get stuck at the "Press Enter" prompt lol.

    Now it's not an issue.

    Anyway, I'm sure you have an SSH server / VPN to somewhere like the UK to
    get around all that BS..

    Sampsa

    PS: You still in HK?


    ... MultiMail, the new multi-platform, multi-format offline reader!
    --- MultiMail/Darwin v0.49
    ■ Synchronet ■ B4BBS = London, England - b4bbs.sampsa.com:2323 (telnet) or 2222 (ssh)
  • From Mro@VERT/BBSESINF to Neozeed on Sun Oct 2 15:25:02 2016
    Re: Re: Pulling the plug on port 23 ...
    By: Neozeed to Sampsa on Fri Sep 30 2016 08:48 pm

    Hmm it appears PeerBlock is a windows port of PeerGuardian... I think something like this is a second option.... I know so many people get all
    ban happy for SE Asia, especially China, which makes living here sometimes


    not exactly. there was peerguardian and then peerblock. and one of the devs made some blocklists.

    the blocklists are pretty stupid and block a lot of regular people so i wouldnt use them. i would use custom lists. the syntax is easy.
    ---
    ■ Synchronet ■ ::: BBSES.info - free BBS services :::
  • From Mojo@VERT/MOJO to All on Sun Oct 2 18:33:43 2016
    Re: Re: Pulling the plug on port 23 ...
    By: Mro to Neozeed on Sun Oct 02 2016 03:25 pm

    the blocklists are pretty stupid and block a lot of regular people so i wouldnt use them. i would use custom lists. the syntax is easy.


    I use peerguardian and iblocklist to keep out alot fo the crap logons. When I did not have it running I got so many connects that my system was so busy no one could get on. I have watched some of the connects that come in when I have peerguardian disabled and there is no users trying to connect from all the countries I am blocking just the hack attempts. So I figuire I am not missing much at all as it is now at least if someone wants to connect they can and it is not all tied up with the bogus connects.


    Mojo

    ---
    ■ Synchronet ■ Mojo's World BBS - mojo.synchro.net
  • From Mro@VERT/BBSESINF to Mojo on Sun Oct 2 21:36:05 2016
    Re: Blocklists
    By: Mojo to All on Sun Oct 02 2016 06:33 pm

    I use peerguardian and iblocklist to keep out alot fo the crap logons. When I did not have it running I got so many connects that my system was so busy no one could get on. I have watched some of the connects that come in when
    I have peerguardian disabled and there is no users trying to connect from all the countries I am blocking just the hack attempts. So I figuire I am not missing much at all as it is now at least if someone wants to connect they can and it is not all tied up with the bogus connects.



    yes, that is part of being on the internet. but like i said, residential ip addresses are on those lists. a real user could be in that range.
    ---
    ■ Synchronet ■ ::: BBSES.info - free BBS services :::
  • From Neozeed@VERT to Sampsa on Tue Oct 4 04:04:39 2016
    Re: Re: Pulling the plug on port 23 ...
    By: Sampsa to Neozeed on Sat Oct 01 2016 07:29 pm

    Anyway, I'm sure you have an SSH server / VPN to somewhere like the UK to get around all that BS..
    Tunnels... tunnels everywhere..... Well actually motly the EU, and USA.
    Mostly to front services for things like email because of the overall SE asia block, but once I get the tunnel up, they don't know the servers are out here.

    It's a lot more challenging when I travel, becasuse everyone seems to want to restrict stuff

    PS: You still in HK?


    I mostly float between HK & China... wanting to go back to Japan again, clean air, clean water, good food, and lower latency stateside.

    ---
    ■ Synchronet ■ Vertrauen ■ Home of Synchronet ■ telnet://vert.synchro.net
  • From Neozeed@VERT to Mro on Tue Oct 4 04:09:11 2016
    Re: Re: Pulling the plug on port 23 ...
    By: Mro to Neozeed on Sun Oct 02 2016 03:25 pm

    the blocklists are pretty stupid and block a lot of regular people so i wouldnt use them. i would use custom lists. the syntax is easy.

    Exactly how I see myself locking myself out.....

    ---
    ■ Synchronet ■ Vertrauen ■ Home of Synchronet ■ telnet://vert.synchro.net