Subj : Re: Has anyone received one of these?
To   : Bradley D. Thornton
From : Todd Yatzook
Date : Thu Sep 05 2019 10:55 am

On 05 Sep 2019, Bradley D. Thornton said the following...

BD> It was kind of a shocker. I've had customers who were bad actors before
BD> and had to whack their services and accounts, but I've never gotten
BD> something that pretty much insists that I close an open port on one of
BD> my machines.

I'd suggest that they review what a BBS is, and point them to various sites
of BBS-related material on the internet, showing that while telnet is
*techincally* a way for people to acquire passwords and such, it's a medium
that also relies on closed systems and "security through obscurity".

In all the years that telnet has been available for BBSes, I have yet to hear
about anyone's system being compromised in any fashion. The only way I could
see it happening is if someone were to get the account of a sysop, drop to
DOS (if it's even available on that particular BBS), and *maybe* install some
malware. Which wouldn't even make sense. People looking to exploit systems
are trying to do it on a wide scale, and the effort needed to just gain
access to one computer running a BBS wouldn't be worth it.

Just sounds like you got caught up in a sweep that checks for open port
vulnerabilites, with an automated response. I'd still follow up on a
response, though.

--- Mystic BBS v1.12 A43 2019/03/02 (Linux/64)
* Origin: http://www.throwbackbbs.com -\- meriden, ct -\- (1:142/799)