1. Forum
  2. MicroNet
  3. MIN BBS

  • Re: Pro-active firewall?

    From Shurato@618:300/50 to Jas Hud on Tue Dec 31 20:51:00 2024

    To: T.J. Mcmillen
    Re: Re: Pro-active firewall? By: T.J. Mcmillen to Jas Hud on Thu Aug
    08 2024 04:03 pm

    From Newsgroup: micronet.bbs

    They used those exploits and put ransomeware on it and did the
    little
    txt f on the desktop where i had to send them money to a bitcoin address.

    With windows firewall up, they wouldn't be able to do that. My
    other
    win7 were fine.

    I think the Win7 firewall is up, yeah, the stock one is .... I know I
    had it
    down when I was having issues with net2bbs (which ending up being my
    router
    needing powered off for like 15 mins) .... Weirdest damn thing ...
    just
    would unhook the port for no reason. Crazy electric things! <G>


    i still miss blackice defender.

    I just found a version of Snort for Window 32 bit. It works on 7 up I
    believe. I wrote some short scripts to send IP addresses to its rule list to block and then refresh the rule list at a regular basis. It makes Snort work as an IPS instead of just an IDS. I just have my bbs send the IP address of the offender (anyone using a raw connection) in a snort rule to the list, making sure it's not duplicated, then another script kills and restarts
    Snort every 30 minutes to reload the list. I'm sure a better solution
    could have been done, but this works for me. The compile of Snort I found doesn't allow for refreshing the rules without killing the task. I don't
    know if source is available or not.

    --
    Shurato, Sysop Shurato's Heavenly Sphere (ssh, telnet, pop3, ftp,nntp,
    ,wss) (Ports 22,23,110,21,119,999) (ssh login 'bbs' password 'shsbbs')


    *** THE READER V4.50 [freeware]
    ---
    * Origin: Shurato's Heavenly Sphere telnet://shsbbs.net (618:300/50)