Subj : BBS Documentary 1/2
To : Matt Bedynek
From : Marc Lewis
Date : Sat Jul 04 2015 10:55 pm
Hello Matt.
<On 02Jul2015 07:33 Matt Bedynek (1:19/10) wrote a message to Daryl Stout
regarding BBS Documentary 1/2 >
[snip]
MB> It is unlikely someone is messing with your system. In my opinion,
MB> telnet based bulletin boards to not represent a large enough trophy
MB> for someone to concern themselves with attacking one. It would
MB> most likely be a system update which is having compatibility with
MB> legacy software. Could try seeing if running in 'compatibility'
MB> node would help.
This system takes many hundreds of "hits" per day on port 23. Bombing runs
trying to get to "root" access... Dead ended by OS/2 and VModem that answers
port 23. I look at the bombers and sometimes end up putting an entire /24 or
/16 into the firewall config, depending on where they're coming from. The
config on the BBS machine itself is now over 300 rules long. It's astounding
to watch some moron hitting the port over and over and over and over trying to
break into the system... And then jumping to a different IP and starting the
same nonsense all over again. Idiots. ;-\ Very annoying but ultimately
harmless because of the system itself.
Same stupidity with the POP3 server on a different machine (also OS/2) with
thousands of user name and password attempts. What they don't realise is the
way it's set up, even if they could somehow guess a user name and come up with
that user's password, they'd still be "up the creek without a paddle in a
sinking canoe." Not too many e-mail clients can negotiate APOP, so let'm try
and crack the 20 some-odd character random character passwords plus the salt.
It's amazing to look at the log file.
