On 2017 May 22 09:44:24, you wrote to Joseph Larsen:
JL>> I want to run my board on port 23, but I keep getting unwanted
JL>> connections to it. Mostly from Chinese hackers, I presume. Anyone
JL>> know a way to solve this, with iptables or the like?
RM> That is the reality of todays Internet. Learn to live with it, and use good
RM> passwords.
it is the MIRAI critter looking for DVRs, TVs, IP Cameras and vulnerable
routers that are exposed to the WAN... there's a very short list of usernames
and passwords that it uses... one really only need to list those in the BBS'
rejection files but it won't stop the connections...
i just don't understand why folks can't or won't set up a perimeter firewall
instead of using the shitty firewall in their ISP's modem thing... put the
modem into bridge mode and let the firewall handle the connection... pfsense,
smoothwall, and others work great for handling these types of things... you can
even build and maintain a list of IPs to disallow and let the firewall block
them on their initial SYN... stop the traffic at the perimeter and keep it out
completely... it is a no brainer...
RM> Best is to abandon telnet altogether and switch to SSH.
you cannot switch old-school BBSes to SSH when using virtual modem shims...
there are not existing that speak SSH...
)\/(ark
Always Mount a Scratch Monkey
Do you manage your own servers? If you are not running an IDS/IPS yer doin' it
wrong...
... My middle name is H-E-N-7-R-Y... the 7 is silent, of course
---
* Origin: (1:3634/12.73)
|
