Is there a way to allow a guest logon for such things as ftp but to disable it for nntp? I have been getting hit pretty hard lately by a guest who reads through every single message available via nntp. It really slows everything else down. I'd like to require an account to use the nntp.

Thanks!

---
þ Synchronet þ CAPCITY2 * capcity2.synchro.net * 1-502-875-8938

Re: Disable guest logon for NNTP
By: Dumas Walker to All on Sat Dec 23 2017 01:51 pm

Is there a way to allow a guest logon for such things as ftp but to disable it for nntp? I have been getting hit pretty hard lately by a guest who reads through every single message available via nntp. It really slows everything else down. I'd like to require an account to use the nntp.

Add "-na" (no-anonymous) to your nntpservice.js command-line in your ctrl/services.ini file.

digital man

Synchronet/BBS Terminology Definition #15:
DOS = Disk Operating System (as in PC-DOS and MS-DOS)
Norco, CA WX: 58.3øF, 23.0% humidity, 0 mph S wind, 0.00 inches rain/24hrs

---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

Re: Disable guest logon for NNTP
By: Dumas Walker to All on Sat Dec 23 2017 13:51:56

Is there a way to allow a guest logon for such things as ftp but to disable it for nntp? I have been getting hit pretty hard lately by a guest

Invoke nntpservice.js with the '-na' argument, eg. in 'ctrl/services.ini':

[NNTP]
Command = nntpservice.js -f -na

---
echicken
electronic chicken bbs - bbs.electronicchicken.com - 416-273-7230
þ Synchronet þ electronic chicken bbs - bbs.electronicchicken.com

On 2017 Dec 23 13:51:56, you wrote to All:

Is there a way to allow a guest logon for such things as ftp but to

disable

it for nntp? I have been getting hit pretty hard lately by a guest who reads through every single message available via nntp.

what's the IP? i know there are a few bots that rummage through nntp... one of them is looking for file entries in the messages so they can add them to their database...

199.187.125.26 findthatfile.com nntp spider
Find That File LLC
401 North Broad St
Philadelphia, PA 19103

apparently affiliated with
Database by Design, LLC
1650 Market Street
Suite 3600
Philadelphia, PA 19103


some quick blurbs on them...

FINDTHATFILE: FINDS WHAT NOBODY ELSE DOES
www.findthatfile.com
FindThatFile claims to be the most extensive file search tool on the
internet, covering 47 file types. Google's advanced search only offers
10. [...]

and this note from "teacher tech" back in 2011...

Findthatfile is a way to search for downloadable files (audio, video,
image, document and software are among the many options) on the web.
It offers ways to search for all files in a particular topic or just
a certain type of media. Unlike a regular search engine, It DOESN'T
give you links to webpages or [...]



https://www.google.com/search?q=findthatfile


they say that if their spider causes problems and they are contacted about it, they will remove the IP from their searches... i say it is easier to just block
them at the perimeter firewall and be done with it... REJECT their connections to be nice, DROP their connections to let their bot flounder waiting on network
timeouts...

)\/(ark

Always Mount a Scratch Monkey
Do you manage your own servers? If you are not running an IDS/IPS yer doin' it wrong...
... Keep it up and you'll be a strange smell in the attic.
---
* Origin: (1:3634/12.73)
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

Add "-na" (no-anonymous) to your nntpservice.js command-line in your ctrl/services.ini file.

AWESOME, thanks!

---
þ SLMR 2.1a þ A distant ship, smoke on the horizon....
þ Synchronet þ CAPCITY2 * capcity2.synchro.net * 1-502-875-8938

Invoke nntpservice.js with the '-na' argument, eg. in 'ctrl/services.ini': [NNTP]
Command = nntpservice.js -f -na

Now in place. I was wondering what that -f is for, so I am glad to see you
have it, too. :)

I will consult the wiki when I get some free time. Thanks!

---
þ SLMR 2.1a þ Isn't this where....
þ Synchronet þ CAPCITY2 * capcity2.synchro.net * 1-502-875-8938

Re: Disable guest logon for N
By: Dumas Walker to ECHICKEN on Sun Dec 24 2017 08:48:00

Now in place. I was wondering what that -f is for, so I am glad to see you have it, too. :)

I will consult the wiki when I get some free time. Thanks!

It doesn't look like the command line switches for nntpservice.js are documented on the wiki, but these comments are from the top of the script itself:

// Available Command-line options:
//
// -d debug output
// -f filter bogus client IP addresses
// -na no anonymous logins (requires user authentication)
// -mail expose entire mail database as newsgroup to Sysops
// -auto automatic login based on IP address (no password necessary)
// -nolimit unlimited message lengths
// -notag do not append tear/tagline to local messages for Q-rest accounts // -ascii convert ex-ASCII to ASCII

Perusing the script a bit, it looks like -f tells the script to add the client's IP address to ip.can if the client sends too many 'bogus' commands. Bogus commands appear to be stuff happening out of order, violating the protocol, trying to select newsgroups that don't exist on the server, etc. Pretty much anything that a crappy bot or poorly written client would do.

---
echicken
electronic chicken bbs - bbs.electronicchicken.com - 416-273-7230
þ Synchronet þ electronic chicken bbs - bbs.electronicchicken.com

Mark,

what's the IP? i know there are a few bots that rummage through nntp... one ML>them is looking for file entries in the messages so they can add them to the ML>database...

199.187.125.26 findthatfile.com nntp spider

I went ahead and put that IP in my ip.can file...and have also blocked
the domain as well.

Daryl

---
þ OLX 1.53 þ Cartoonist found dead in home. Details are sketchy.
þ Synchronet þ The Thunderbolt BBS - wx1der.dyndns.org

Re: Disable guest logon for NNTP
By: Dumas Walker to All on Sat Dec 23 2017 01:51 pm

Is there a way to allow a guest logon for such things as ftp but to disable it for nntp? I have been getting hit pretty hard lately by a guest who reads through every single message available via nntp. It really slows everything else down. I'd like to require an account to use the nntp.

Add "-na" (no-anonymous) to your nntpservice.js command-line in your ctrl/services.ini file.

hmm, might be a good one for the faq on the synchro wiki


---

Rob Starr
Lord Time SysOp of
Time Warp of the Future BBS
Telnet://Time.Darktech.Org:24 or
Telnet://Time.Synchro.Net:24 (qwk or ftn & e-mail)
ICQ # 11868133 or # 70398519 Jabber : lordtime2000@gmail.com
Astra : lord_time
X-Box : Lord Time 2000 oovoo : lordtime2000 Skype : lordtime@tds.net
---
þ Synchronet þ Time Warp of the Future BBS - Home of League 10 IBBS Games

Re: Re: Disable guest logon for NNTP
By: Lord Time to Digital Man on Sun Dec 24 2017 06:13 pm

Re: Disable guest logon for NNTP
By: Dumas Walker to All on Sat Dec 23 2017 01:51 pm

Is there a way to allow a guest logon for such things as ftp but to disable it for nntp? I have been getting hit pretty hard lately by a guest who reads through every single message available via nntp. It really slows everything else down. I'd like to require an account to use the nntp.

Add "-na" (no-anonymous) to your nntpservice.js command-line in your ctrl/services.ini file.

hmm, might be a good one for the faq on the synchro wiki

We added it to the wiki page for the nntp service module. I don't think it's at the level of a "FAQ" though yet. :-)

digital man

Synchronet/BBS Terminology Definition #38:
NUL = ASCII 0
Norco, CA WX: 69.5øF, 31.0% humidity, 0 mph W wind, 0.00 inches rain/24hrs

---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

what's the IP? i know there are a few bots that rummage through nntp... one of >them is looking for file entries in the messages so they can add them to their >database...

I have not paid that close attention, but I am pretty sure it is a bot or spider. It goes through them pretty quick, but pretty often.

---
þ SLMR 2.1a þ "Buck McCoy?!? He was bigger than opium!"
þ Synchronet þ CAPCITY2 * capcity2.synchro.net * 1-502-875-8938

On 2017 Dec 26 17:00:00, you wrote to me:

what's the IP? i know there are a few bots that rummage through nntp...
one of them is looking for file entries in the messages so they can add
them to their database...

I have not paid that close attention, but I am pretty sure it is a bot
or spider. It goes through them pretty quick, but pretty often.

i don't have to tell you this but you really should look at those logs and see what IP they are coming from... the one i posted may not be your culprit but i know that i've had a similar problem with the one i did post... i did post to them from one of my security addresses and they responded as indicated... i didn't feel it was so bad that i couldn't just drop them and then allow them access later... it would no tsurprise me to find ou that they may originate from the BBS community at some point... i have no idea how they may be processing our various file announcement messages so they can provide a viable link to the files they do index...

)\/(ark

Always Mount a Scratch Monkey
Do you manage your own servers? If you are not running an IDS/IPS yer doin' it wrong...
... Dear GOD, Who draws the lines around the countries?
---
* Origin: (1:3634/12.73)
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

Is there a way to allow a guest logon for such things as ftp but to disable it for nntp? I have been getting hit pretty hard lately by a guest who reads through every single message available via nntp. It really slows everything else down. I'd like to require an account to use the nntp.

Add "-na" (no-anonymous) to your nntpservice.js command-line in your ctrl/services.ini file.

hmm, might be a good one for the faq on the synchro wiki

We added it to the wiki page for the nntp service module. I don't think it's at the level of a "FAQ" though yet. :-)

saw it after I type that :(


---

Rob Starr
Lord Time SysOp of
Time Warp of the Future BBS
Telnet://Time.Darktech.Org:24 or
Telnet://Time.Synchro.Net:24 (qwk or ftn & e-mail)
ICQ # 11868133 or # 70398519 Jabber : lordtime2000@gmail.com
Astra : lord_time
X-Box : Lord Time 2000 oovoo : lordtime2000 Skype : lordtime@tds.net
---
þ Synchronet þ Time Warp of the Future BBS - Home of League 10 IBBS Games