Subj : Automatically blocking connection attempts if they come too quickly
To : fluid
From : Digital Man
Date : Mon Jun 03 2024 12:20 pm
Re: Automatically blocking connection attempts if they come too quickly
By: fluid to All on Mon Jun 03 2024 02:48 pm
> I have a pretty simple system I wrote on a whim last night to try and filter
> out some of the bots/scripts I kept seeing attempt to login. It requires the
> connecting client press two keys in 15 seconds. If they do not do it, they
> get disconnected.
>
> Because I wrote that system I suspect that Synchronet's built-in protection
> cannot catch bad offenders, because for a lot of them there is no "login
> attempt" to count.
Correct, you're defeating Synchronet's built-in mechanisms for throttling bots.
If you look at login.js, it also automatically limits the inactivity of bot connections (based on lack of ANSI terminal detection) and that timeout is configurable in modopts.ini.
> I have read through the security documentation and I do not see any type of
> "connection attempt" thresholds that can be configured.
Bots generally try to log in, so that's the mechanism used (failed login attempts) for counting/throttling - not connections. If something connects and disconnects rapidly, who cares? There is a built-in/configurable limiter for concurrent connections (from the same IP) without login, and that's a useful bot control mechanism too. Have you set the concurrent connection limit?
> If I develop a module to log connection times and IP addresses so I can see
> how many times an IP attempted to connect in a given amount of time (say the
> past hour), what would the best way to store that data be?
A database with IP addresses as keys, most likely. If you're just talking about logs of connections, then a tab-delimited text file of line-records, or possibly JSONL would work nicely.
> What data storage and retrieval capability is built into Synchronet that I
> can leverage from Javascript?
.ini files and JSON are first-class data file formats for Synchronet-JS.
> Or, does the ability to throttle connection
> attempts already exist and I am just missing it? I know I saw something
> about being able to write and retrieve binary data...but I can't find that
> for the life of me today.
The JS File class has methods for reading and writing binary data. I don't think you'd want to do that (store/read binary data) for the use case you're describing.
--
digital man (rob)
Synchronet "Real Fact" #11:
DOVE-Net was originally an exclusive ("elite") WWIVnet network in O.C., Calif
Norco, CA WX: 63.2°F, 79.0% humidity, 2 mph W wind, 0.00 inches rain/24hrs
---
■ Synchronet ■ Vertrauen ■ Home of Synchronet ■ [vert/cvs/bbs].synchro.net
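
The JSONL connection log suggested in the reply, with a per-IP count over a time window, as an added example that is not part of the original message and is not Synchronet code. The record fields (`t`, `ip`), function names, window and limit are assumptions; reading and appending the file is left to the host's file API, and the code uses only ES5 features.

```javascript
// Added example (not Synchronet code). Record fields "t" and "ip" are assumed names.

// One connection event per line (JSONL); append the result to the log file.
function formatRecord(ip, epochSeconds) {
    return JSON.stringify({ t: epochSeconds, ip: ip }) + "\n";
}

// Parse JSONL text, skipping blank or malformed lines (for example a
// half-written final line) rather than aborting on them.
function parseLog(text) {
    var records = [];
    var lines = text.split("\n");
    for (var i = 0; i < lines.length; i++) {
        if (!lines[i].trim()) continue;
        try {
            var rec = JSON.parse(lines[i]);
            if (rec && typeof rec.ip === "string" && typeof rec.t === "number")
                records.push(rec);
        } catch (e) { /* malformed line: ignore */ }
    }
    return records;
}

// Count connections per IP newer than (now - windowSeconds).
function countRecent(records, now, windowSeconds) {
    var counts = Object.create(null); // no inherited keys to collide with
    for (var i = 0; i < records.length; i++) {
        var rec = records[i];
        if (rec.t > now - windowSeconds && rec.t <= now)
            counts[rec.ip] = (counts[rec.ip] || 0) + 1;
    }
    return counts;
}

// IPs whose count in the window exceeds the limit, sorted for stable output.
function overLimit(counts, limit) {
    return Object.keys(counts).filter(function (ip) {
        return counts[ip] > limit;
    }).sort();
}

// Constructed sample log: documentation-range addresses, times in epoch seconds.
var SAMPLE_LOG =
    formatRecord("192.0.2.10", 5000) + formatRecord("192.0.2.10", 9000) +
    formatRecord("198.51.100.7", 9800) + formatRecord("192.0.2.10", 9500) +
    "{\"t\": 9900, \"ip\"\n" + // constructed truncated line, skipped by parseLog
    formatRecord("192.0.2.10", 9900) + formatRecord("192.0.2.10", 9990);
```

With the sample log, `overLimit(countRecent(parseLog(SAMPLE_LOG), 10000, 3600), 3)` flags only `192.0.2.10`; records older than the window can be dropped when the log is rewritten.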