• Re: Script kiddie

    From Mike Powell@618:250/1 to SEAN DENNIS on Fri Mar 26 10:17:00 2021
    I haven't had any issues after putting those into my OS/2 firewall, thankfully. I'm glad it worked. The kiddies were hitting so hard
    they had all four ports locked up in less than a second.

    Sometimes those scripts seem to contain logon info, like they are trying to
    log into a pi or smart appliance that is still using the default
    credentials. In this case, it looked like they were just blasting the port with garbage data. They were taking my 3 DOS nodes down every half hour
    or so.

    Mike


    * SLMR 2.1a * Warning! Incomprehensible action is about to occur.
    --- SBBSecho 3.12-Linux
    * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (618:250/1)
  • From Sean Dennis@618:618/10 to Mike Powell on Fri Mar 26 18:03:06 2021
    Hello Mike,

    Friday March 26 2021 10:17, you wrote to me:

    Sometimes those scripts seem to contain logon info, like they are
    trying to log into a pi or smart appliance that is still using the
    default credentials. In this case, it looked like they were just
    blasting the port with garbage data. They were taking my 3 DOS nodes down every half hour or so.

    That's exactly what was happening. My VMODEM log shows garbage being sent immediately when it answered ... more than likely it seems to be control characters (ASCII 32 and below) so I agree with you. They were causing VMODEM to immediately lock up as soon as it answered as the calls were not even being passed to the BBS.

    Later,
    Sean

    --- GoldED/2 3.0.1
    * Origin: Outpost BBS // bbs.outpostbbs.net:10123 (618:618/10)