's VADV-PHP Home

Message Area

Casually read the BBS message area using an easy to use interface. Messages are categorized exactly like they are on the BBS. You may post new messages or reply to existing messages!

You are not logged in. Login here for full access privileges.

Previous Message | Next Message | Back to Synchronet Multinode BBS Softwar... <-- <---

Return to Home Page

Synchronet Multinode BBS Softwar... [213 / 900]

From

Subject

Date/Time

Daryl Stout

ALL

Active User Hacking Attem

February 22, 2019
1:01 PM *

  Originally to a reply to Mortifis, but I had another issue develop,
that I felt could go under the same topic...so I addressed it to ALL.

***

M>FYI  an person from this IP address 66.70.247.19 has been actively trying to
M>hack my personal accounts ... you may want to keep an eye on your logs or put
M>66.70.247.19 in your ip.can file

  Done.

  On another note, every so often, in the FTP server, I see something
like this -- all Occurred on Feb. 22, 2019 in about a minute of time. I
deleted those date and time stamps from the log file excerpt posted
here.

**

1420 CTRL connection accepted from: 89.238.162.147 port 57848
1420 Hostname: 89-238-162-147.uk1.lunarnetwork.net
1420 Guest: <admin123>
1420 <Guest> logged in (1 today, 36251 total)
1420 <Guest> detailed listing: root in passive mode
1420 <Guest> DATA Transfer successful: 297 bytes sent in 0 seconds (594 cps)
1420 <Guest> downloading 00index.html for / in passive mode
1420 <Guest> DATA Transfer successful: 3263 bytes sent in 0 seconds (6526 cps)
1420 <Guest> file (/Photo.scr) not found for SIZE command
1420 <Guest> file (/Photo.scr) not found for RETR command
1780 CTRL connection accepted from: 89.238.162.147 port 57854
1780 Hostname: 89-238-162-147.uk1.lunarnetwork.net
1780 Guest: <admin123>
1780 <Guest> logged in (2 today, 36252 total)
1780 <Guest> detailed listing: bbs.files library in passive mode
1780 <Guest> DATA Transfer successful: 369 bytes sent in 0 seconds (738 cps)
1780 <Guest> downloading 00index.html for /bbs.files/ in passive mode
1780 <Guest> DATA Transfer successful: 1663 bytes sent in 0 seconds (3326 cps)
1780 <Guest> file (/bbs.files/Photo.scr) not found for SIZE command
1780 <Guest> file (/bbs.files/Photo.scr) not found for RETR command
1888 CTRL connection accepted from: 89.238.162.147 port 57861
1888 Hostname: 89-238-162-147.uk1.lunarnetwork.net
1888 Guest: <admin123>
1888 <Guest> logged in (3 today, 36253 total)
1888 <Guest> detailed listing: /bbs.files/BBSFILES directory in passive mode
1888 <Guest> detailed listing (1761 bytes) of /bbs.files/BBSFILES (21 files) cr
1888 <Guest> DATA Transfer successful: 1761 bytes sent in 0 seconds (3522 cps)
1888 <Guest> downloading 00index.html for /bbs.files/BBSFILES/ in passive mode
1888 <Guest> JavaScript array of /bbs.files/BBSFILES (21 files) created in 0 se
1888 <Guest> DATA Transfer successful: 10352 bytes sent in 0 seconds (20704 cps
1888 <Guest> file (/bbs.files/BBSFILES/Photo.scr) not in database for SIZE comm
1888 <Guest> file (/bbs.files/BBSFILES/Photo.scr) not in database for RETR comm
1888 <Guest> logged off
1888 CTRL thread terminated (2 clients and 3 threads remain, 3 served)
1964 CTRL connection accepted from: 89.238.162.147 port 57867
1964 Hostname: 89-238-162-147.uk1.lunarnetwork.net
1964 Guest: <admin123>
1964 <Guest> logged in (4 today, 36254 total)
1964 <Guest> detailed listing: /bbs.files/UPLOADS directory in passive mode (em
1964 <Guest> DATA Transfer successful: 149 bytes sent in 0 seconds (298 cps)
1964 <Guest> downloading 00index.html for /bbs.files/ in passive mode
1964 <Guest> DATA Transfer successful: 1663 bytes sent in 0 seconds (3326 cps)
1964 <Guest> file (/bbs.files/Photo.scr) not found for SIZE command
1964 <Guest> file (/bbs.files/Photo.scr) not found for RETR command
1964 <Guest> logged off
1964 CTRL thread terminated (2 clients and 3 threads remain, 4 served)
1864 CTRL connection accepted from: 89.238.162.147 port 57875
1864 Hostname: 89-238-162-147.uk1.lunarnetwork.net
1864 Guest: <admin123>
1864 <Guest> logged in (5 today, 36255 total)
1864 <Guest> detailed listing: /bbs.files/SYSOP directory in passive mode (empt
1864 <Guest> DATA Transfer successful: 149 bytes sent in 0 seconds (298 cps)
1864 <Guest> downloading 00index.html for /bbs.files/ in passive mode
1864 <Guest> DATA Transfer successful: 1663 bytes sent in 0 seconds (3326 cps)
1864 <Guest> file (/bbs.files/Photo.scr) not found for SIZE command
1864 <Guest> file (/bbs.files/Photo.scr) not found for RETR command
1420 <Guest> logged off
1780 <Guest> logged off
1420 CTRL thread terminated (2 clients and 3 threads remain,

**

  Because of stuff like this, I decided to LIMIT access to the file
areas for Guest callers or Anonymous FTP logons to just file board 1,
file area 1. I also originally had the majority of the file boards OPEN
(except for selected areas meant only for verified users). Uploads are
also set to go to the Sysop directory, and you have to be a verified
user to upload files.

  Yet, when I was constantly getting stuff like this, was when I "locked
down" the file areas. I've even debated REMOVING the Guest User account
(no more browsing the BBS without an official application for access,
and logon)...and I believe some Sysops have done such.

  The bottom line is, when this occurs, are they actually uploading a
file, or just trying to see if it's "online". And, aside from blocking
said IP address after the fact, is there any harm being done to the
system with this??

Daryl

===
 ■ OLX 1.53 ■ "Ignore Previous Cookie" - Message in fortune cookie.
--- SBBSecho 3.06-Win32
 * Origin: FIDONet: The Thunderbolt BBS - tbolt.synchro.net (1:19/33)

Previous Message | Next Message | Back to Synchronet Multinode BBS Softwar... <-- <---

Return to Home Page

Execution Time: 0.0922 seconds

If you experience any problems with this website or need help, contact the webmaster.
VADV-PHP Copyright © 2002-2024 Steve Winn, Aspect Technologies. All Rights Reserved.
Virtual Advanced Copyright © 1995-1997 Roland De Graaf.
v2.0.140505