Hi everyone,

Is there a telnet new user captcha mod available anywhere?

Thanks,
Skatin

---
þ Synchronet þ Vertrauen þ Home of Synchronet þ telnet://vert.synchro.net

Re: Telnet New User Captcha
By: Skatin to All on Wed Apr 22 2015 02:58 pm

Hi everyone,

Is there a telnet new user captcha mod available anywhere?

Did you try using the magic word setting? It's not exactly a captcha, but it serves a similar purpose.

digital man

Synchronet "Real Fact" #51:
Answers to Frequently Asked Questions: http://wiki.synchro.net/faq:index
Norco, CA WX: 61.8øF, 63.0% humidity, 1 mph ENE wind, 0.00 inches rain/24hrs

---
þ Synchronet þ Vertrauen þ Home of Synchronet þ telnet://vert.synchro.net

On Wed, 22 Apr 2015, Skatin wrote to All:

Is there a telnet new user captcha mod available anywhere?

how do you propose to do captcha over telnet?

why not just enable the new login password thing where folks have to know that before they can even begin to sign up?

)\/(ark


* Origin: (1:3634/12)

---
þ Synchronet þ Vertrauen þ Home of Synchronet þ telnet://vert.synchro.net

Re: Telnet New User Captcha
By: Skatin to All on Wed Apr 22 2015 02:58 pm

Is there a telnet new user captcha mod available anywhere?
Thanks,

Mro whipped one up a while back, but I don't remember seeing it the last time I called his board(s) so maybe he decided it wasn't worth it. I don't see how it could be too incredible useful really.

One idea would be use the new user password and place it in the welcome screen - that way someone would have had to at least read that message before logging in, but you wont have to tell someone the NUP before they can even call. It'd basically be a captcha.

|01-|03nolageek


---
þ Synchronet þ Capitol Shrill BBS - Washington, DC - capitolshrill.com

Re: Telnet New User Captcha
By: Skatin to All on Wed Apr 22 2015 02:58 pm

Hi everyone,

Is there a telnet new user captcha mod available anywhere?

you can make one like i did. works pretty well.
---
þ Synchronet þ ::: BBSES.info - free BBS services :::

Re: Telnet New User Captcha
By: mark lewis to Skatin on Wed Apr 22 2015 08:31 pm

On Wed, 22 Apr 2015, Skatin wrote to All:

Is there a telnet new user captcha mod available anywhere?

how do you propose to do captcha over telnet?

you show them text and they have to type it in the input box.

on mine, if they fail the challenge they are ip blocked because that connection is probably a port scanner. i give them an 'are you sure' just incase they screw up in typing.
---
þ Synchronet þ ::: BBSES.info - free BBS services :::

Re: Telnet New User Captcha
By: nolageek to Skatin on Thu Apr 23 2015 11:40 am

Mro whipped one up a while back, but I don't remember seeing it the last time I called his board(s) so maybe he decided it wasn't worth it. I don't see how it could be too incredible useful really.

you only see it once. then your ip is whitelisted. i didnt want it to be very annoying.


it is one of my favorite mods, actually. i have a big list of blocked ips
from port scanners and attackers.

screen - that way someone would have had to at least read that message before logging in, but you wont have to tell someone the NUP before they
can even call. It'd basically be a captcha.

yeah that works too.
what i like about mine is if they drop the connection their ip is still in my blacklist. only when they solve the challege are they removed from that list and whitelisted. so that means big list of blocked attackers for me.
---
þ Synchronet þ ::: BBSES.info - free BBS services :::

Is there a telnet new user captcha mod available anywhere?

Did you try using the magic word setting? It's not exactly a captcha, but it serves a similar purpose.

I considered using the magic word but I really like the idea of having a randomized code for each new user. I'm using ReCaptcha on the web side and thought it would be cool to use something comparable on the telnet side too. I think I may just try to borrow some code from /exec/emailval.js and simply print the code to the screen instead of emailing the user.

BTW: Which file loads before newuser.js? Specifically, which file asks the new user if they have an ansi terminal? I would like to add the random code question at the beginning of the new user process.

Thanks,
Skatin

---
þ Synchronet þ Vertrauen þ Home of Synchronet þ telnet://vert.synchro.net

Is there a telnet new user captcha mod available anywhere?

how do you propose to do captcha over telnet?

I simply want to print a random code to the screen that the user must enter upon registering an account.

why not just enable the new login password thing where folks have to know that before they can even begin to sign up?

I might do this if my plan A (mentioned in my reply to Digital Man) doesn't work out! :)

Kind regards,
Skatin

---
þ Synchronet þ Vertrauen þ Home of Synchronet þ telnet://vert.synchro.net

On Thu, 23 Apr 2015, Mro wrote to mark lewis:

Is there a telnet new user captcha mod available anywhere?

how do you propose to do captcha over telnet?

you show them text and they have to type it in the input box.

that much i know ;)

on mine, if they fail the challenge they are ip blocked because that connection is probably a port scanner. i give them an 'are you
sure' just incase they screw up in typing.

but that's not a traditional "captcha" as seen on web pages, right? in a text only environment, captcha would be way easy to figure out automatically... even
easier than the micreatants do with OCR and graphic texts...

)\/(ark


* Origin: (1:3634/12)

---
þ Synchronet þ Vertrauen þ Home of Synchronet þ telnet://vert.synchro.net

Re: Re: Telnet New User Captcha
By: Skatin to Digital Man on Thu Apr 23 2015 18:17:47

BTW: Which file loads before newuser.js? Specifically, which file asks the new user if they have an ansi terminal? I would like to add the random code question at the beginning of the new user process.

If I'm not mistaken from my code diving, it looks like login.js starts the process unless you have an alternate login configured in modopts. Someone correct me if I'm wrong.
---
Kostie Muirhead
AKA Underminer
The Undermine - undermine.ddns.net
Fido: 1:342/17



---
þ Synchronet þ The Undermine - undermine.ddns.net

BTW: Which file loads before newuser.js? Specifically, which file asks the new user if they have an ansi terminal? I would like to add the random code question at the beginning of the new user process.

If I'm not mistaken from my code diving, it looks like login.js starts the >> process unless you have an alternate login configured in modopts. Someone >> correct me if I'm wrong.

I'm using the following process:

login.bin (user enters "new" at login prompt) -> unknown -> newuser.js -> logon.js

unknown = The file that asks the new user if their terminal supports ansi, to enter a username, enter real name, enter email address, etc..

The first question I find in newuser.js asks the user if the account is to be used for QWK networking. So I assume there must be some other file between login.bin and newuser.js that contains the account creation questions....right?

Kind regards,
Skatin

---
þ Synchronet þ Vertrauen þ Home of Synchronet þ telnet://vert.synchro.net

Re: Re: Telnet New User Captcha
By: Skatin to Digital Man on Thu Apr 23 2015 06:17 pm

Is there a telnet new user captcha mod available anywhere?

Did you try using the magic word setting? It's not exactly a captcha, but it serves a similar purpose.

I considered using the magic word but I really like the idea of having a randomized code for each new user. I'm using ReCaptcha on the web side and thought it would be cool to use something comparable on the telnet side too. I think I may just try to borrow some code from /exec/emailval.js and simply print the code to the screen instead of emailing the user.

BTW: Which file loads before newuser.js?

login.js (usually)

Specifically, which file asks the new user if they have an ansi terminal?

That question is actually hard-coded, but the text is in ctrl/text.dat. You could actually use an @exec:<mod>@ code to execute a module (JS script) there if you really wanted to, but it would also appear when changing user settings/defaults and you probably wouldn't want that.

I would like to add the random code
question at the beginning of the new user process.

There is a text.dat line called StartingNewUserRegistration. You could @exec a module there to display and prompt for your random code and hangup the user if they don't respond correctly. That should work.

digital man

Synchronet "Real Fact" #15:
Synchronet first supported FidoNet networking (with SBBSFIDO) in 1992.
Norco, CA WX: 56.0øF, 85.0% humidity, 6 mph ESE wind, 0.00 inches rain/24hrs

---
þ Synchronet þ Vertrauen þ Home of Synchronet þ telnet://vert.synchro.net

On Thu, 23 Apr 2015, Skatin wrote to mark lewis:

Is there a telnet new user captcha mod available anywhere?

how do you propose to do captcha over telnet?

I simply want to print a random code to the screen that the user
must enter upon registering an account.

that should be easy enough to do with a bit of baja or javascript code which is
executed at the desired place during the new user registration process...

why not just enable the new login password thing where folks have to
know that before they can even begin to sign up?

I might do this if my plan A (mentioned in my reply to Digital Man) doesn't work out! :)

in a way, it is kinda designed for this purpose :)

)\/(ark


* Origin: (1:3634/12)

---
þ Synchronet þ Vertrauen þ Home of Synchronet þ telnet://vert.synchro.net

I would like to add the random code
question at the beginning of the new user process.

There is a text.dat line called StartingNewUserRegistration. You could @exec a module there to display and prompt for your random code and hangup the user if they don't respond correctly. That should work.

I knew I was missing something---I couldn't find that string in my text.dat and then realized I was probably the only person still running v3.15b. I just upgraded to v3.16 and the StartingNewUserRegistration string worked out perfectly for running the module.

Thank you for your time and assistance Digital Man!

Kind regards,
Skatin

---
þ Synchronet þ Vertrauen þ Home of Synchronet þ telnet://vert.synchro.net

Re: Telnet New User Captcha
By: nolageek to Skatin on Thu Apr 23 2015 11:40:25

Is there a telnet new user captcha mod available anywhere?

Mro whipped one up a while back, but I don't remember seeing it the last time I called his board(s) so maybe he decided it wasn't worth it. I don't see how it could be too incredible useful really.

It'd be a cutesy gimmicky way of solving a problem that probably doesn't exist.

Do people actually get a lot of bot signups on their boards? The typical new-user signup questionnaire would probably be enough to stop most skid bots trying to bust into an open telnet server. At most, email verification (which others have mentioned) prior to validation ought to suffice.

OTOH a CAPTCHA is easy enough to make. Use some figlet fonts, make the user type in some gibberish, meh, it's not much of a hardship for the developer or any new user.

One idea would be use the new user password and place it in the welcome screen - that way someone would have had to at least read that message before logging in, but you wont have to tell someone the NUP before they can even call. It'd basically be a captcha.

There you go. Non-problem solved.

---
echicken
electronic chicken bbs - bbs.electronicchicken.com - 416-273-7230
þ Synchronet þ electronic chicken bbs - bbs.electronicchicken.com

Re: Telnet New User Captcha
By: mark lewis to Mro on Thu Apr 23 2015 20:50:27

but that's not a traditional "captcha" as seen on web pages, right? in a text only environment, captcha would be way easy to figure out automatically... even easier than the micreatants do with OCR and graphic texts...

One option would be to use ASCII art "fonts" to generate the captcha image. These could still be interpreted by a script, but not as easily as plain letters.

---
echicken
electronic chicken bbs - bbs.electronicchicken.com - 416-273-7230
þ Synchronet þ electronic chicken bbs - bbs.electronicchicken.com

Re: Telnet New User Captcha
By: echicken to mark lewis on Sat Apr 25 2015 02:33 am

One option would be to use ASCII art "fonts" to generate the captcha image. These could still be interpreted by a script, but not as easily as plain letters.

That would rock -- and fit in with the look and feel of most BBSes out there.

---
þ Synchronet þ realitycheckBBS -- http://realitycheckBBS.org

Re: Telnet New User Captcha
By: mark lewis to Mro on Thu Apr 23 2015 08:50 pm

on mine, if they fail the challenge they are ip blocked because that connection is probably a port scanner. i give them an 'are you
sure' just incase they screw up in typing.

but that's not a traditional "captcha" as seen on web pages, right? in a text only environment, captcha would be way easy to figure out automatically... even easier than the micreatants do with OCR and graphic texts...

i'm not so sure someone would design a system to get past the challenge
system of just my one bbs.

and if i wanted to, i could use figlet to generate an ascii graphic.
anyways, i made it for me and it works for me.
---
þ Synchronet þ ::: BBSES.info - free BBS services :::