• Stupid Sysops & Nonstandard Ports

    From dragon@VERT/IPTIA to DOVE-Net.Synchronet_Discussion on Sun Apr 3 12:12:14 2022
    Here are some actual numbers for those that care about those things.

    There are 2332 current active entries in the IPTIA database. Of these,
    about 1050 are BBSes. A little less than half of these (462) run on nonstandard ports.

    https://www.ipingthereforeiam.com/bbs/

    The use of nonstandard ports is a good first part of a layered security
    system in that it filters out the script kiddies and those scanning for
    "low hanging fruit". Will it protect against a targeted attack and/or experienced hackers? No.

    ---
    Synchronet IPTIA - bbs2.ipingthereforeiam.com:2323
  • From Andre@VERT/RDOMENTR to dragon on Sun Apr 3 13:25:30 2022
    Here are some actual numbers for those that care about those things.

    There are 2332 current active entries in the IPTIA database. Of these,
    about 1050 are BBSes. A little less than half of these (462) run on nonstandard ports.

    What does that matter? It just says how people have configured their BBS.

    You're missing any info about what the risks are, have any been breached, etc. I could easily make the opposite claims that most of these BBS have no regular users other than the sysop, which is caused by being on a nonstandard port. I have no data to support that, of course.

    Point is that the first step in hardening is not changing to a nonstandard port. It's just not.


    - Andre

    ---
    Synchronet Radio Mentor BBS - bbs.radiomentor.org
  • From MRO@VERT/BBSESINF to dragon on Sun Apr 3 15:04:53 2022
    Re: Stupid Sysops & Nonstandard Ports
    By: dragon to DOVE-Net.Synchronet_Discussion on Sun Apr 03 2022 12:12 pm

    The use of nonstandard ports is a good first part of a layered security system in that it filters out the script kiddies and those scanning for
    "low hanging fruit". Will it protect against a targeted attack and/or

    that's your opinion.

    "low hanging fruit". Will it protect against a targeted attack and/or experienced hackers? No.

    it won't protect against anything.

    i've had all my bbses up for many many years on standard ports.
    they get attacks like everyone else.

    bbses don't get attacked any more than anybody else that run services on the internet and they arent crippled.

    your opinion is foolish and poorly thought out.
    running a bbs on a non standard port just makes it more difficult for the user to find the system and visit it. the most successful bbses that have been on the internet in over 20 years have not ran on a nonstandard port.

    I think you are just using this threat as a shill advertisement for your site. ---
    Synchronet ::: BBSES.info - free BBS services :::
  • From The Millionaire@VERT to dragon on Sun Apr 3 15:16:22 2022
    To: DOVE-Net.Synchronet_Discussion
    Subject: Stupid Sysops & Nonstandard Ports
    @MSGID: <6249C760.37342.dove-syncdisc@bbs2.ipingthereforeiam.com>
    @TZ: ff10
    Here are some actual numbers for those that care about those things.

    There are 2332 current active entries in the IPTIA database. Of these,
    about 1050 are BBSes. A little less than half of these (462) run on nonstandard ports.

    https://www.ipingthereforeiam.com/bbs/

    The use of nonstandard ports is a good first part of a layered security system in that it filters out the script kiddies and those scanning for
    "low hanging fruit". Will it protect against a targeted attack and/or experienced hackers? No.

    ---
    Synchronet IPTIA - bbs2.ipingthereforeiam.com:2323


    Sysops are not stupid.

    $ The Millionaire $

    ---
    Synchronet Vertrauen Home of Synchronet [vert/cvs/bbs].synchro.net
  • From dragon@VERT/IPTIA to Andre on Sun Apr 3 17:01:04 2022
    On 4/3/2022 2:25 PM, Andre wrote:
    Here are some actual numbers for those that care about those things.

    There are 2332 current active entries in the IPTIA database. Of these,
    about 1050 are BBSes. A little less than half of these (462) run on
    nonstandard ports.

    What does that matter? It just says how people have configured their BBS.


    It says that a significant number of sysops thought there was at least
    some value in it.

    You're missing any info about what the risks are, have any been breached, etc.
    I could easily make the opposite claims that most of these BBS have no regular
    users other than the sysop, which is caused by being on a nonstandard port. I have no data to support that, of course.

    Or, they have small userbases because they are catering to a smaller,
    more tech-savvy crowd.

    Preventing breeches is not the only reason to do this. A constant
    barrage of door-rattling eats up resources and bloats log files. The
    point is that it's an OPTION.


    Point is that the first step in hardening is not changing to a nonstandard port. It's just not.


    - Andre

    ---
    Synchronet Radio Mentor BBS - bbs.radiomentor.org

    I didn't say it was the first step or the only step. I just said it is
    a POSSIBLE step that others have found worthwhile. Why do you guys take
    this so personally? I don't care if you use the standard port. I'm not trying to change your minds.

    In fact, I'm not trying to anything other then offer an OPTION to the
    original poster. I really didn't expect to get into a long argument
    about it.

    ---
    Synchronet IPTIA - bbs2.ipingthereforeiam.com:2323
  • From Andre@VERT/RDOMENTR to dragon on Sun Apr 3 19:46:09 2022
    Re: Re: Stupid Sysops & Nonstandard Ports
    By: dragon to Andre on Sun Apr 03 2022 05:01 pm

    It says that a significant number of sysops thought there was at least some value in it.

    Keeping Up with the Kardashians made them collectively worth like $2B. People finding value in something doesn't necessarily mean it's good idea.


    - Andre

    ---
    Synchronet Radio Mentor BBS - bbs.radiomentor.org
  • From dragon@VERT/IPTIA to MRO on Sun Apr 3 22:07:12 2022
    On 4/3/2022 4:04 PM, MRO wrote:
    Re: Stupid Sysops & Nonstandard Ports
    By: dragon to DOVE-Net.Synchronet_Discussion on Sun Apr 03 2022 12:12 pm

    > The use of nonstandard ports is a good first part of a layered security
    > system in that it filters out the script kiddies and those scanning for
    > "low hanging fruit". Will it protect against a targeted attack and/or

    that's your opinion.

    > "low hanging fruit". Will it protect against a targeted attack and/or
    > experienced hackers? No.

    it won't protect against anything.

    i've had all my bbses up for many many years on standard ports.
    they get attacks like everyone else.

    bbses don't get attacked any more than anybody else that run services on the internet and they arent crippled.

    your opinion is foolish and poorly thought out.
    running a bbs on a non standard port just makes it more difficult for the user to find the system and visit it. the most successful bbses that have been on the internet in over 20 years have not ran on a nonstandard port.

    I think you are just using this threat as a shill advertisement for your site.
    ---
    Synchronet ::: BBSES.info - free BBS services :::

    So far you've called me foolish and stupid on multiple occasions. At
    first I thought you were just an ass, but this last suggestion that my
    opinion on using nonstandard ports is somehow a contrivance to get
    people to visit my website is laughable.

    I was sincerely trying to help the original poster. I don't see how you connected that with me trying to increase usage of my website. In fact,
    I hope no one with your level of negativity comes anywhere near it.

    Now, be so kind as to fuck off.

    ---
    Synchronet IPTIA - bbs2.ipingthereforeiam.com:2323
  • From dragon@VERT/IPTIA to The Millionaire on Sun Apr 3 22:12:41 2022
    On 4/3/2022 6:16 PM, The Millionaire wrote:
    To: DOVE-Net.Synchronet_Discussion
    Subject: Stupid Sysops & Nonstandard Ports
    @MSGID: <6249C760.37342.dove-syncdisc@bbs2.ipingthereforeiam.com>
    @TZ: ff10
    Here are some actual numbers for those that care about those things.

    There are 2332 current active entries in the IPTIA database. Of these,
    about 1050 are BBSes. A little less than half of these (462) run on
    nonstandard ports.

    https://www.ipingthereforeiam.com/bbs/

    The use of nonstandard ports is a good first part of a layered security
    system in that it filters out the script kiddies and those scanning for
    "low hanging fruit". Will it protect against a targeted attack and/or
    experienced hackers? No.

    ---
    Synchronet IPTIA - bbs2.ipingthereforeiam.com:2323


    Sysops are not stupid.

    $ The Millionaire $

    ---
    Synchronet Vertrauen Home of Synchronet [vert/cvs/bbs].synchro.net

    I agree. This was in response to MRO stating that all sysops using nonstandard ports were "stupid".

    ---
    Synchronet IPTIA - bbs2.ipingthereforeiam.com:2323