BBS Telnet Access Closed Due To Penetration Attempts

BBS Telnet Access is Temporarily Closed due to Brute Force Penetration Attempts. 09/21/16 see resolution update posted below.

Someone has been brute force attacking the BBS via port 23 – Telnet. Unfortunately for the time being we were forced to close Wildcat’s telnet port shutting off anyone trying to connect to the bbs via this method.

BBS Telnet Probing
Wildcat BBS Online Controller showing massive Telnet probing

Wildcat 5 BBS software was way advanced in its day and is highly configurable. The ability to change ports on the web http side was also an advance feature, but unfortunately the only Telnet option is to turn it on or off, but not change the access port.

Wildcat BBS Desktop View
Wildcat BBS SysOp’s view also showing Platinum Express mail tosser and BAP Stats

We only have a couple of Telnet users accessing the bbs. Unfortunately due to security concerns for our network Telnet access must be closed. We are working on a solution. Possibly running the bbs under our existing CloudFlare account.

Update 09/21/16: It is being reported that certain SOHO Routers have an inherit vulnerability that can allow an attacker network access on port 23. This is what so called “script kiddies” are remotely scanning for. It’s a form of War Driving, similar to modem dialing a series of phone numbers looking for modems that answered (Movie War Games) but scanning a block of IP’s instead.

We have reached a solution that is allowing BBS Telnet access again, but are not announcing it in this post for security reasons. Users accessing the BBS by Telnet have been notified of the new login routine. 😉

Subscribe
Notify of
guest
4 Comments
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Ozz Nixon
Ozz Nixon
June 27, 2017 8:35 AM

The more expensive routers in the SOHO market (like Cisco) call this PAT instead of NAT. I have done PenTest against many Windows based Telnet/BBSes – none had a vulnerability that could jeopardize the host integrity. Yes, many Windows Winsock listeners fall for DoS attacks when a raw SYN_ packet is sent by never followed through with an ACK the listener has already pulled the handle from the Queue and left hanging for 2 to 5 minutes (depending upon your OS level and version). In a 10 node environment, it takes about 50ms to DoS from a single site. *… Read more »

John Draugr
John Draugr
October 25, 2016 11:10 PM

WOW! I just put my Wildcat BBS back online last night after being down for years and immediately my 10 node system was showing connection attempts like crazy. I logged in and it said Node 21 (I only have a 10 node license). I quickly took the server down and tonight I started looking for info on changing the Telnet port in Wildcat 6.x. This was the first page that I read and was not expecting to see the exact same issue I had last night (10-25-2016). I guess its all over for my use of Wildcat. I only care… Read more »