Subj : Re: Three Password Cracking Techniques and How to Defend Against Them
To   : digimaus
From : TheCivvie
Date : Fri Feb 28 2025 11:59:18

-=> digimaus wrote to TCOB1 <=-

 TC>> Passwords are rarely appreciated until a security breach occurs;
 di>
 di> I get a kick out of running lastb and look at the strange names people
 di> use to try to break in my system.

I got my standard telnet port hit by a russian bot and it just kept recycling all the nodes. BBBS stood up load but it showed the bad firewall in my gateway's firewall. A new 4 thernet port PC has been ordered to become the gateway.

 di>
 di> Most of the names are expected, like "root", "ubuntu", "admin", and such.
 di>

Yeah I got a few of them on telnet

 di> Looks like someone in Romania was bored today.

For me it was Russia

 di>
 di> The best part is when fail2ban kicks in.  I have a very customized
 di> install of f2b that has a "subnet-recidive" filter in it that blocks
 di> problematic subnets for 26 weeks at a time.
 di>
 di> I also have a firewall set up on the BBS box and pfSense as my edge
 di> firewall device.
 di>
 di> While there's no perfect solution, no one has ever been successful in
 di> breaking into my system yet.
 di>
 di> I should change some passwords though...been using them for a long time.
 di>

Yeah the gateway I have has a firewall and I think until I opened port 23, it was ok. But opening that showed the lack of a decent firewall on the gateway. It is a decent enough system but a new firewall is being built.

Sean


.... TCOB1: https://binkd.rima.ie telnet: binkd.rima.ie:10023

--- BBBS/LiR v4.10 Toy-7
 * Origin: TCOB1: https/binkd/telnet binkd.rima.ie (618:500/14)

.