1. Forum
  2. DOVE-Net
  3. Synchronet Discussion

  • bots // Adobe After Effects Crack

    From DesotoFireflite@VERT/VALHALLA to MRO on Sat Jul 9 07:54:58 2022
    Re: bots // Adobe After Effects Crack
    By: MRO to DesotoFireflite on Fri Jul 08 2022 11:53 pm

    Re: bots // Adobe After Effects Crack
    By: DesotoFireflite to John Dovey on Fri Jul 08 2022 03:21 pm

    posting spam to the messgae base. MRO cought that and alerted me. I
    still didn't want to punish the 90% to 95% good users that register
    for a few childish brats. I also looked back in my user base, and
    found that same person registered with many different names. I solved
    this issue with 2 steps, and was able to leave the system wide open to
    honest users.


    so did you check the ip address and what email address service were they using? some throw away one?

    No, not this time, but I based it on the info in the user database, and how they all used the same email address and the near likeness of the username. they didn't even try to hide the fact it was the same user. Next time I will check the log, just forgot this time.

    i've been trying to look for forums that are talking about how easy synchronet bbses are to compromise, but havent found anything yet.

    Great, I following this tread closely, as this affects us all.

    SysOp: C.G. Learn, AKA: DesotoFireflite
    Valhalla Home Services! - (Synchronet) - bbs.valhallabbs.com:23
    A Gamers Paradise - Over 250 Registered Online Game Doors!

    ---
    ■ Synchronet ■ Valhalla Home Services ■ USA ■ http://valhalla.synchro.net
  • From Dumas Walker@VERT/CAPCITY2 to DIGITAL MAN on Sun Jul 10 14:48:00 2022
    Yup, that's already the default for ecWeb per http://wiki.synchro.net/config:w
    v4

    ; Allow new users to register via the web interface (default: no) user_registration = false

    If you don't allow web registrations, is there a screen that will give the
    user instructions on how to register so they can access the web interface?

    Back when a certain fidonet board went down, there were a bunch of users looking for a new place to read the COOKING echo. I was really surprised
    that several of them only knew "how to BBS" via a web interface. Getting
    legit users like that to register via another means without instruction
    would be difficult.


    * SLMR 2.1a * Boss spelled backwards is "double SOB".

    ---
    ■ Synchronet ■ CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP
  • From MRO@VERT/BBSESINF to Dumas Walker on Sun Jul 10 21:54:27 2022
    Re: bots // Adobe After Effec
    By: Dumas Walker to DIGITAL MAN on Sun Jul 10 2022 02:48 pm

    Back when a certain fidonet board went down, there were a bunch of users looking for a new place to read the COOKING echo. I was really surprised that several of them only knew "how to BBS" via a web interface. Getting legit users like that to register via another means without instruction would be difficult.

    yeah i know there's a few people that are like that. i'm not sure who brought them in. they could always use a newsreader program with synchronet.

    i'm not sure if they were even using synchronet and using some other web inteface like ozzmosis.
    ---
    ■ Synchronet ■ ::: BBSES.info - free BBS services :::
  • From Digital Man@VERT to Dumas Walker on Mon Jul 11 11:08:39 2022
    Re: bots // Adobe After Effec
    By: Dumas Walker to DIGITAL MAN on Sun Jul 10 2022 02:48 pm

    Yup, that's already the default for ecWeb per http://wiki.synchro.net/config:w
    v4

    ; Allow new users to register via the web interface (default: no) user_registration = false

    If you don't allow web registrations, is there a screen that will give the user instructions on how to register so they can access the web interface?

    So long as the BBS has a "guest" account, ecWeb still allows access to the web interface without authenticating. Guest's normally cannot post messages, so while they can still browse/read without authenticating, they cannot post messages (e.g. SPAM).

    Back when a certain fidonet board went down, there were a bunch of users looking for a new place to read the COOKING echo. I was really surprised that several of them only knew "how to BBS" via a web interface. Getting legit users like that to register via another means without instruction would be difficult.

    ecWeb is very extensible, so the sysop can add additional instruction text or pages, as they see fit, very easily.
    --
    digital man (rob)

    Rush quote #37:
    Ignorance and prejudice and fear go hand in hand
    Norco, CA WX: 78.8°F, 52.0% humidity, 3 mph E wind, 0.00 inches rain/24hrs

    ---
    ■ Synchronet ■ Vertrauen ■ Home of Synchronet ■ [vert/cvs/bbs].synchro.net
  • From Tracker1@VERT/TRN to DaiTengu on Fri Jul 15 11:42:23 2022
    On 7/7/22 08:14, DaiTengu wrote:

    I had that problem a few years back. I disallowed HTTP registrations.

    I thought about allowing HTTP users to register, and then putting them
    into a separate security group to be manually validated with access to
    post locally only, but it just didn't seem worth it, and I wasn't sure
    if I could segregate HTTP registrations off from regular BBS signups.

    Should be super easy to change the security level for new HTTP users.
    Should also be easy enough to integrate an email validation for both
    telnet and internet users. Working on doing an email and sms validation before being able to create an account, and having users login with
    their registered email address.

    That said, using say 40 for new user security level vs. 50 should be a
    pretty easy edit on ecweb or the older runescape web.
    --
    Michael J. Ryan - tracker1@roughneckbbs.com

    ---
    þ Synchronet þ Roughneck BBS - roughneckbbs.com
  • From Tracker1@VERT/TRN to DaiTengu on Fri Jul 15 11:45:32 2022
    On 7/7/22 13:40, DaiTengu wrote:

    Honestly it probably would have been easier to create some kind of
    database bridge between SMB and MySQL

    Would love something like that myself... though PostgreSQL (can't stand MySQL).
    --
    Michael J. Ryan - tracker1@roughneckbbs.com

    ---
    þ Synchronet þ Roughneck BBS - roughneckbbs.com
  • From Tracker1@VERT/TRN to MRO on Fri Jul 15 12:06:14 2022
    On 7/7/22 21:06, MRO wrote:
    vBulletin is just another web interface though, isn't it?

    yeah but it's good and it's not slow. the synchronet web interface is
    slow usually. vbulletin is just better all around.

    I think that's mostly down to Synchronet's access model for data, you
    can largely work around those issues with a good caching proxy in front
    of it. Some refactoring of the UI/API access and some form of caching
    service would be really helpful, but a lot of work.

    Not sure if it's feasible to have the SMB index in memory at the service level, that would probably boost web and nntp access quite a bit. Beyond
    that would be a request for a given

    who was that? i only know of you, me and hax0r from unknownrealm
    running vbulletin with the nntp hack. if you have your shit wide
    open, of course you are going to have spam bots.

    this spamming on the synchronet web interface seems to be a lot more prominent now. like i said, i think someone knows about synchronet
    and created a kiddy script for it.

    Probably... there's a lot of spam that gets into echojs.com, but I try
    to clean it up at least once a day.
    --
    Michael J. Ryan - tracker1@roughneckbbs.com

    ---
    þ Synchronet þ Roughneck BBS - roughneckbbs.com