Subj : Re: Has anyone received one of these?
To   : Todd Yatzook
From : Bradley D. Thornton
Date : Thu Sep 05 2019 01:18 pm

 Re: Re: Has anyone received one of these?
 By: Todd Yatzook to Bradley D. Thornton on Thu Sep 05 2019 10:55 am

>
>  BD> It was kind of a shocker. I've had customers who were bad actors before and had to whack their services and accounts, but I've never gotten
>  BD> something that pretty much insists that I close an open port on one of
>  BD> my machines.
>
> I'd suggest that they review what a BBS is, and point them to various sites
> of BBS-related material on the internet, showing that while telnet is *techincally* a way for people to acquire passwords and such, it's a medium that
> also relies on closed systems and "security through obscurity".
>

That's kind of what I was thinking. I mean, it would be unreasonable to actually demand that someone close this port just because of an assumption that it's running Telnet, because it may not be, and further, it's actually in /etc/services, assigned by IANA as a valid, allocated port for legitimate services.

> access to one computer running a BBS wouldn't be worth it.
>

Yes, a BBS is some seriously low hanging fruit that has a net worth of zero for the aggregation of a botnet lol.

> Just sounds like you got caught up in a sweep that checks for open port vulnerabilites, with an automated response. I'd still follow up on a
> response, though.

I read it over about three times, looking for an actual threat, and didn't see one, so perhaps an explantion, as you suggest, will make their emails stop. On the other hand, If push comes to shove, I'll need to consider moving to another port - which makes little sense to me, considering that it isn't the port on any given system that is vulnerable, but rather, the particular service itself.