• Stupid Sysops & Nonstandard Ports

    From dragon@1:103/705 to DOVE-Net.Synchronet_Discussion on Sunday, April 03, 2022 12:12:14
    To: DOVE-Net.Synchronet_Discussion
    Subject: Stupid Sysops & Nonstandard Ports
    @MSGID: <6249C760.37342.dove-syncdisc@bbs2.ipingthereforeiam.com>
    @TZ: ff10
    Here are some actual numbers for those that care about those things.

    There are 2332 current active entries in the IPTIA database. Of these,
    about 1050 are BBSes. A little less than half of these (462) run on nonstandard ports.

    https://www.ipingthereforeiam.com/bbs/

    The use of nonstandard ports is a good first part of a layered security
    system in that it filters out the script kiddies and those scanning for
    "low hanging fruit". Will it protect against a targeted attack and/or experienced hackers? No.

    ---
    þ Synchronet þ IPTIA - bbs2.ipingthereforeiam.com:2323
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Andre@1:103/705 to dragon on Sunday, April 03, 2022 13:25:30
    Here are some actual numbers for those that care about those things.

    There are 2332 current active entries in the IPTIA database. Of these,
    about 1050 are BBSes. A little less than half of these (462) run on nonstandard ports.

    What does that matter? It just says how people have configured their BBS.

    You're missing any info about what the risks are, have any been breached, etc. I could easily make the opposite claims that most of these BBS have no regular users other than the sysop, which is caused by being on a nonstandard port. I have no data to support that, of course.

    Point is that the first step in hardening is not changing to a nonstandard port. It's just not.


    - Andre

    ---
    ï¿­ Synchronet ï¿­ Radio Mentor BBS - bbs.radiomentor.org
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From MRO@1:103/705 to dragon on Sunday, April 03, 2022 15:04:53
    Re: Stupid Sysops & Nonstandard Ports
    By: dragon to DOVE-Net.Synchronet_Discussion on Sun Apr 03 2022 12:12 pm

    The use of nonstandard ports is a good first part of a layered security system in that it filters out the script kiddies and those scanning for
    "low hanging fruit". Will it protect against a targeted attack and/or

    that's your opinion.

    "low hanging fruit". Will it protect against a targeted attack and/or experienced hackers? No.

    it won't protect against anything.

    i've had all my bbses up for many many years on standard ports.
    they get attacks like everyone else.

    bbses don't get attacked any more than anybody else that run services on the internet and they arent crippled.

    your opinion is foolish and poorly thought out.
    running a bbs on a non standard port just makes it more difficult for the user to find the system and visit it. the most successful bbses that have been on the internet in over 20 years have not ran on a nonstandard port.

    I think you are just using this threat as a shill advertisement for your site. ---
    þ Synchronet þ ::: BBSES.info - free BBS services :::
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From The Millionaire@1:103/705 to dragon on Sunday, April 03, 2022 15:16:22

    To: DOVE-Net.Synchronet_Discussion
    Subject: Stupid Sysops & Nonstandard Ports
    @MSGID: <6249C760.37342.dove-syncdisc@bbs2.ipingthereforeiam.com>
    @TZ: ff10
    Here are some actual numbers for those that care about those things.

    There are 2332 current active entries in the IPTIA database. Of these,
    about 1050 are BBSes. A little less than half of these (462) run on nonstandard ports.

    https://www.ipingthereforeiam.com/bbs/

    The use of nonstandard ports is a good first part of a layered security system in that it filters out the script kiddies and those scanning for
    "low hanging fruit". Will it protect against a targeted attack and/or experienced hackers? No.

    ---
    � Synchronet � IPTIA - bbs2.ipingthereforeiam.com:2323


    Sysops are not stupid.

    $ The Millionaire $
    --- SBBSecho 3.15-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From dragon@1:103/705 to Andre on Sunday, April 03, 2022 17:01:04
    Subject: Re: Stupid Sysops & Nonstandard Ports
    @MSGID: <624A0B12.37345.dove-syncdisc@bbs2.ipingthereforeiam.com>
    @REPLY: <6249E69A.5590.dove-syncdisc@bbs.radiomentor.org>
    @TZ: ff10
    On 4/3/2022 2:25 PM, Andre wrote:
    Here are some actual numbers for those that care about those things.

    There are 2332 current active entries in the IPTIA database. Of these,
    about 1050 are BBSes. A little less than half of these (462) run on
    nonstandard ports.

    What does that matter? It just says how people have configured their BBS.


    It says that a significant number of sysops thought there was at least
    some value in it.

    You're missing any info about what the risks are, have any been breached, etc.
    I could easily make the opposite claims that most of these BBS have no regular
    users other than the sysop, which is caused by being on a nonstandard port. I have no data to support that, of course.

    Or, they have small userbases because they are catering to a smaller,
    more tech-savvy crowd.

    Preventing breeches is not the only reason to do this. A constant
    barrage of door-rattling eats up resources and bloats log files. The
    point is that it's an OPTION.


    Point is that the first step in hardening is not changing to a nonstandard port. It's just not.


    - Andre

    ---
    � Synchronet � Radio Mentor BBS - bbs.radiomentor.org

    I didn't say it was the first step or the only step. I just said it is
    a POSSIBLE step that others have found worthwhile. Why do you guys take
    this so personally? I don't care if you use the standard port. I'm not trying to change your minds.

    In fact, I'm not trying to anything other then offer an OPTION to the
    original poster. I really didn't expect to get into a long argument
    about it.

    ---
    þ Synchronet þ IPTIA - bbs2.ipingthereforeiam.com:2323
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Andre@1:103/705 to dragon on Sunday, April 03, 2022 19:46:09
    Re: Re: Stupid Sysops & Nonstandard Ports
    By: dragon to Andre on Sun Apr 03 2022 05:01 pm

    It says that a significant number of sysops thought there was at least some value in it.

    Keeping Up with the Kardashians made them collectively worth like $2B. People finding value in something doesn't necessarily mean it's good idea.


    - Andre

    ---
    þ Synchronet þ Radio Mentor BBS - bbs.radiomentor.org
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From dragon@1:103/705 to MRO on Sunday, April 03, 2022 22:07:12
    Subject: Re: Stupid Sysops & Nonstandard Ports
    @MSGID: <624A52D3.37358.dove-syncdisc@bbs2.ipingthereforeiam.com>
    @REPLY: <6249FDE5.6559.sync@bbses.info>
    @TZ: ff10
    On 4/3/2022 4:04 PM, MRO wrote:
    Re: Stupid Sysops & Nonstandard Ports
    By: dragon to DOVE-Net.Synchronet_Discussion on Sun Apr 03 2022 12:12 pm

    > The use of nonstandard ports is a good first part of a layered security
    > system in that it filters out the script kiddies and those scanning for
    > "low hanging fruit". Will it protect against a targeted attack and/or

    that's your opinion.

    > "low hanging fruit". Will it protect against a targeted attack and/or
    > experienced hackers? No.

    it won't protect against anything.

    i've had all my bbses up for many many years on standard ports.
    they get attacks like everyone else.

    bbses don't get attacked any more than anybody else that run services on the internet and they arent crippled.

    your opinion is foolish and poorly thought out.
    running a bbs on a non standard port just makes it more difficult for the user to find the system and visit it. the most successful bbses that have been on the internet in over 20 years have not ran on a nonstandard port.

    I think you are just using this threat as a shill advertisement for your site.
    ---
    � Synchronet � ::: BBSES.info - free BBS services :::

    So far you've called me foolish and stupid on multiple occasions. At
    first I thought you were just an ass, but this last suggestion that my
    opinion on using nonstandard ports is somehow a contrivance to get
    people to visit my website is laughable.

    I was sincerely trying to help the original poster. I don't see how you connected that with me trying to increase usage of my website. In fact,
    I hope no one with your level of negativity comes anywhere near it.

    Now, be so kind as to fuck off.

    ---
    þ Synchronet þ IPTIA - bbs2.ipingthereforeiam.com:2323
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From dragon@1:103/705 to The Millionaire on Sunday, April 03, 2022 22:12:41
    Subject: Re: Stupid Sysops & Nonstandard Ports
    @MSGID: <624A541B.37360.dove-syncdisc@bbs2.ipingthereforeiam.com>
    @REPLY: <624A1CB6.46640.sync@vert.synchro.net>
    @TZ: ff10
    On 4/3/2022 6:16 PM, The Millionaire wrote:
    To: DOVE-Net.Synchronet_Discussion
    Subject: Stupid Sysops & Nonstandard Ports
    @MSGID: <6249C760.37342.dove-syncdisc@bbs2.ipingthereforeiam.com>
    @TZ: ff10
    Here are some actual numbers for those that care about those things.

    There are 2332 current active entries in the IPTIA database. Of these,
    about 1050 are BBSes. A little less than half of these (462) run on
    nonstandard ports.

    https://www.ipingthereforeiam.com/bbs/

    The use of nonstandard ports is a good first part of a layered security
    system in that it filters out the script kiddies and those scanning for
    "low hanging fruit". Will it protect against a targeted attack and/or
    experienced hackers? No.

    ---
    � Synchronet � IPTIA - bbs2.ipingthereforeiam.com:2323


    Sysops are not stupid.

    $ The Millionaire $

    ---
    � Synchronet � Vertrauen � Home of Synchronet � [vert/cvs/bbs].synchro.net

    I agree. This was in response to MRO stating that all sysops using nonstandard ports were "stupid".

    ---
    þ Synchronet þ IPTIA - bbs2.ipingthereforeiam.com:2323
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)