Re: Adobe After Effects Crack
By: movavijunes1 to gaho12 on Sun Jul 03 2022 07:07 am

https://idmfullversion.com/movavi-video-editor-plus-full-version/ https://idmfullversion.com/movavi-video-editor-plus-full-version/

So it seems like someone wrote a script for synchronet bbses so they
can have a bot apply and login on the web interface and then post in the msg subs.

is it possible to add some type of challenge to trip them up?
---
þ Synchronet þ ::: BBSES.info - free BBS services :::

Re: bots // Adobe After Effects Crack
By: MRO to digital man on Sun Jul 03 2022 04:56 pm

Re: Adobe After Effects Crack
By: movavijunes1 to gaho12 on Sun Jul 03 2022 07:07 am

https://idmfullversion.com/movavi-video-editor-plus-full-version/ https://idmfullversion.com/movavi-video-editor-plus-full-version/

So it seems like someone wrote a script for synchronet bbses so they
can have a bot apply and login on the web interface and then post in the msg subs.

Yup, spammers have been doing that for years.

is it possible to add some type of challenge to trip them up?

Sure. The first question is: which web interface is/was being used?

The BBS the referenced spam came from, Boondock's El Gato de Fuego BBS (elgato.synchronetbbs.org), doesn't appear to be running any Synchronet web server on TCP ports 80 or 443 and his listing in the Synchronet BBS list doesn't specify any web server address/port, so who knows?

I just disabled posting access from that QWKnet node and netmailed the sysop to fix his board before I'll restore posting privileges.
--
digital man (rob)

Rush quote #70:
He's got a problem with his power, with weapons on patrol .. New World Man Norco, CA WX: 78.1øF, 53.0% humidity, 11 mph SSW wind, 0.00 inches rain/24hrs ---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

Re: bots // Adobe After Effects Crack
By: Digital Man to MRO on Sun Jul 03 2022 04:23 pm

So it seems like someone wrote a script for synchronet bbses so they
can have a bot apply and login on the web interface and then post in the msg subs.

Yup, spammers have been doing that for years.

well i havent seen them really create an account on the web and then post. did they do that with runmaster's web?

Sure. The first question is: which web interface is/was being used?

i think it's the ecweb.

The BBS the referenced spam came from, Boondock's El Gato de Fuego BBS (elgato.synchronetbbs.org), doesn't appear to be running any Synchronet web server on TCP ports 80 or 443 and his listing in the Synchronet BBS list doesn't specify any web server address/port, so who knows?

i talked to marisa today and they pulled the bbs down until they can talk to the person.

so i went on thewayback machine and it appears his web is on http://elgato.synchronetbbs.org:2000 ( it is down now, as i said)

so this is the runemaster web, right
https://i.imgur.com/fynL92r.png
s
---
þ Synchronet þ ::: BBSES.info - free BBS services :::

Re: bots // Adobe After Effects Crack
By: MRO to Digital Man on Sun Jul 03 2022 07:46 pm

Re: bots // Adobe After Effects Crack
By: Digital Man to MRO on Sun Jul 03 2022 04:23 pm

So it seems like someone wrote a script for synchronet bbses so they can have a bot apply and login on the web interface and then post in the msg subs.

Yup, spammers have been doing that for years.

well i havent seen them really create an account on the web and then post.

Yeah, the spammers have been doing it for years.

did they do that with runmaster's web?

Yes the legacy/runemaster web UI and ecWeb (different versions).

Sure. The first question is: which web interface is/was being used?

i think it's the ecweb.

The BBS the referenced spam came from, Boondock's El Gato de Fuego BBS (elgato.synchronetbbs.org), doesn't appear to be running any Synchronet web server on TCP ports 80 or 443 and his listing in the Synchronet BBS list doesn't specify any web server address/port, so who knows?

i talked to marisa today and they pulled the bbs down until they can talk to the person.

so i went on thewayback machine and it appears his web is on http://elgato.synchronetbbs.org:2000 ( it is down now, as i said)

so this is the runemaster web, right
https://i.imgur.com/fynL92r.png

Correct, that's the legacy/Runemaster web UI.
--
digital man (rob)

This Is Spinal Tap quote #6:
David St. Hubbins: He was the patron saint of quality footwear.
Norco, CA WX: 75.1øF, 58.0% humidity, 12 mph SSE wind, 0.00 inches rain/24hrs ---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

Re: bots // Adobe After Effects Crack
By: Digital Man to MRO on Sun Jul 03 2022 04:23 pm

So it seems like someone wrote a script for synchronet bbses so they
can have a bot apply and login on the web interface and then post in the msg subs.

Yup, spammers have been doing that for years.

Its not often that I use the "delete message" button when reading messages - but when there is obvious spam I do.

Not sure if you are aware, but if you press delete, and you are not on the last message (in a sub), then after confirming the delete, you automatically advance to the next message (in a sub).

However, if you press delete on the last message (of a sub), after you confirm the delete, you are presented with the same message. It's triped me up a few times - where pressing "delete" again actually undeletes it (without a confirmation - but that is OK).

Can you change it so that pressing delete on the last message (in a sub) acts like "next" after deleting it, and takes you out of the message area (or to the next area when you are reading new messages).


...ëîåï

---
þ Synchronet þ Alterant | an SBBS in Docker on Pi!

Re: bots // Adobe After Effects Crack
By: MRO to Digital Man on Sun Jul 03 2022 07:46 pm

So it seems like someone wrote a script for synchronet bbses so they
can have a bot apply and login on the web interface and then post in
the msg subs.

Yup, spammers have been doing that for years.

i think it's the ecweb.

I think you might be right. As you well know, we had a similar experience here. I don't know how they got in, but for safety sake we shut down the registrations on the web. If a new user wants to register now, they will have to go through the bbs window, and register on the bbs itself.

SysOp: C.G. Learn, AKA: DesotoFireflite
Valhalla Home Services! - (Synchronet) - bbs.valhallabbs.com:23
A Gamers Paradise - Over 250 Registered Online Game Doors!

--- Don't eat the yellow snow!
þ Synchronet þ Valhalla Home Services þ USA þ http://valhalla.synchro.net

So it seems like someone wrote a script for synchronet bbses so they can have a bot apply and login on the web interface and then post in the
msg subs.

Yup, spammers have been doing that for years.

well i havent seen them really create an account on the web and then post. di
they do that with runmaster's web?

The ones that did it here initially created an account via telnet or SSH.
They even left an intelligible message to the sysop. I am not sure which interface the bot used (probably the web).

I changed the new user access level to a number less than the level
required to access echoes. Now if they try it, they at least don't get automatic access to post beyond local areas.

AFAICT, that is the only current way to fix it. I think there *might be*
an add-on that uses some sort of CAPTCHA to prevent bots from creating accounts. Seems like I have seen Daryl Stout talking about it before.


* SLMR 2.1a * Keyboard not found. Visualize "F1" to continue.

---
þ Synchronet þ CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

Re: bots // Adobe After Effects Crack
By: DesotoFireflite to MRO on Mon Jul 04 2022 06:35 am

Yup, spammers have been doing that for years.

i think it's the ecweb.

I think you might be right. As you well know, we had a similar experience here. I don't know how they got in, but for safety sake we shut down the registrations on the web. If a new user wants to register now, they will have to go through the bbs window, and register on the bbs itself.

well i guess it's both of them.

i think there's a guy who knows that we run servers that can be compromised that way and he's making scripts and putting them in some kiddy script pack or something like that.

the best way is to just disable the new user signups via the web.
or put in some type of challenge.
---
þ Synchronet þ ::: BBSES.info - free BBS services :::

Re: bots // Adobe After Effec
By: Dumas Walker to MRO on Mon Jul 04 2022 08:56 am

well i havent seen them really create an account on the web and then post. di
they do that with runmaster's web?

The ones that did it here initially created an account via telnet or SSH. They even left an intelligible message to the sysop. I am not sure which interface the bot used (probably the web).

wow, really. that's crazy.
I never had any problems like that but 5 years ago i madecapcha thing to just mess up the bots.

when they post it's on the web.

AFAICT, that is the only current way to fix it. I think there *might be*
an add-on that uses some sort of CAPTCHA to prevent bots from creating accounts. Seems like I have seen Daryl Stout talking about it before.

i dont think daryl has the mental fortitude to setup something like that.
---
þ Synchronet þ ::: BBSES.info - free BBS services :::

Re: bots // Adobe After Effects Crack
By: MRO to DesotoFireflite on Mon Jul 04 2022 02:05 pm

Re: bots // Adobe After Effects Crack
By: DesotoFireflite to MRO on Mon Jul 04 2022 06:35 am

Yup, spammers have been doing that for years.

i think it's the ecweb.

I think you might be right. As you well know, we had a similar
experience here. I don't know how they got in, but for safety sake we
shut down the registrations on the web. If a new user wants to
register now, they will have to go through the bbs window, and
register on the bbs itself.

well i guess it's both of them.

i think there's a guy who knows that we run servers that can be compromised that way and he's making scripts and putting them in some kiddy script pack or something like that.

the best way is to just disable the new user signups via the web.

I already did. You know, I never allowed new user signups via web, and the minute I allowed it, the problem started, so I removed it again.

SysOp: C.G. Learn, AKA: DesotoFireflite
Valhalla Home Services! - (Synchronet) - bbs.valhallabbs.com:23
A Gamers Paradise - Over 250 Registered Online Game Doors!

---
þ Synchronet þ Valhalla Home Services þ USA þ http://valhalla.synchro.net

Re: bots // Adobe After Effects Crack
By: deon to Digital Man on Mon Jul 04 2022 05:12 pm

Re: bots // Adobe After Effects Crack
By: Digital Man to MRO on Sun Jul 03 2022 04:23 pm

So it seems like someone wrote a script for synchronet bbses so they can have a bot apply and login on the web interface and then post in the msg subs.

Yup, spammers have been doing that for years.

Its not often that I use the "delete message" button when reading messages - but when there is obvious spam I do.

Not sure if you are aware, but if you press delete, and you are not on the last message (in a sub), then after confirming the delete, you automatically advance to the next message (in a sub).

However, if you press delete on the last message (of a sub), after you confirm the delete, you are presented with the same message. It's triped me up a few times - where pressing "delete" again actually undeletes it (without a confirmation - but that is OK).

Can you change it so that pressing delete on the last message (in a sub) acts like "next" after deleting it, and takes you out of the message area (or to the next area when you are reading new messages).

If you set SCFG->Message Options->Users Can View Deleted Messages to "No", then it'll behave as you described. You won't have the option to undelete messages using the built-in message reader, but perhaps that's what you want.
--
digital man (rob)

Synchronet/BBS Terminology Definition #43:
IHA = Ille Homine Albe (Steve Deppe)
Norco, CA WX: 78.7øF, 48.0% humidity, 11 mph S wind, 0.00 inches rain/24hrs
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

On Sun, 3 Jul 2022 16:56:58 -0500
"MRO" <mro@VERT/BBSESINF> wrote:

Re: Adobe After Effects Crack
By: movavijunes1 to gaho12 on Sun Jul 03 2022 07:07 am

https://idmfullversion.com/movavi-video-editor-plus-full-version/ https://idmfullversion.com/movavi-video-editor-plus-full-version/

So it seems like someone wrote a script for synchronet bbses so they
can have a bot apply and login on the web interface and then post in
the msg subs.

is it possible to add some type of challenge to trip them up?
---
þ Synchronet þ ::: BBSES.info - free BBS services :::

Guests come in at level 50, not sure why I have it set that high but
there you go. To be able to post to any group you need at least 60. I
only advance the level once the user has sent the sysop a message and I
can be pretty certain they're for real.
Guests can post in the local areas so at least they have something to
do and any spam can be easily mitigated and the account deleted and ip
blocked.
--
End Of The Line BBS - Plano, TX
telnet endofthelinebbs.com 23
---
þ Synchronet þ End Of The Line BBS - endofthelinebbs.com

Re: Re: bots // Adobe After Effects Crack
By: Nelgin to All on Mon Jul 04 2022 07:52 pm

is it possible to add some type of challenge to trip them up?

Guests come in at level 50, not sure why I have it set that high but
there you go. To be able to post to any group you need at least 60. I
only advance the level once the user has sent the sysop a message and I
can be pretty certain they're for real.
Guests can post in the local areas so at least they have something to
do and any spam can be easily mitigated and the account deleted and ip blocked.

no. i don't mean that shit. you can't expect all these absentee sysops to do this. and they would lose good users if they didn't monitor it every single day.

I'm talking about a challenge when they sign up on the web. But, another guy said someone signed up to his bbs via telnet, left a real msg to sysop and then posted the spam later.
---
þ Synchronet þ ::: BBSES.info - free BBS services :::

Re: bots // Adobe After Effects Crack
By: Digital Man to deon on Mon Jul 04 2022 04:23 pm

If you set SCFG->Message Options->Users Can View Deleted Messages to "No", then it'll behave as you described. You won't have
the option to undelete messages using the built-in message reader, but perhaps that's what you want.

So I have that for users - but for me its not what I want.

My usual workflow is login and read all new messages (N.A), so as I read through a message, "next" takes me to the next message in the same sub, or the next message in the next sub.

If I delete messages, then the usability for me is not there - ie: when there are more messages in the same sub, "delete" deletes the current message and advances - but on the last message, it repeats it.

I hope that makes sense. It would be good if it didnt do that, but I thought I'd share it in case you werent aware of change in function.

(BTW: It doesnt do that when reading email - it functions as I would expect (deleting the last email advances to the next, or exits if that was the last email.)

...ëîåï

---
þ Synchronet þ Alterant | an SBBS in Docker on Pi!

Re: bots // Adobe After Effects Crack
By: deon to Digital Man on Tue Jul 05 2022 04:36 pm

So I have that for users - but for me its not what I want.

Okay, I just committed a change that hopefully is what you want. Let me know, --
digital man (rob)

This Is Spinal Tap quote #9:
David St. Hubbins: I mean, it's not your job to be as confused as Nigel.
Norco, CA WX: 77.0øF, 56.0% humidity, 3 mph E wind, 0.00 inches rain/24hrs
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

Re: bots // Adobe After Effects Crack
By: Digital Man to deon on Tue Jul 05 2022 12:24 pm

So I have that for users - but for me its not what I want.

Okay, I just committed a change that hopefully is what you want. Let me know,

Much better, thank you :)


...ëîåï

---
þ Synchronet þ Alterant | an SBBS in Docker on Pi!

Re: bots // Adobe After Effects Crack
By: MRO to digital man on Sun Jul 03 2022 04:56 pm

Re: Adobe After Effects Crack
By: movavijunes1 to gaho12 on Sun Jul 03 2022 07:07 am

https://idmfullversion.com/movavi-video-editor-plus-full-version/
https://idmfullversion.com/movavi-video-editor-plus-full-version/

So it seems like someone wrote a script for synchronet bbses so they
can have a bot apply and login on the web interface and then post in the
msg subs.

Yup, spammers have been doing that for years.

is it possible to add some type of challenge to trip them up?

Sure. The first question is: which web interface is/was being used?

The BBS the referenced spam came from, Boondock's El Gato de Fuego BBS (elgato.synchronetbbs.org), doesn't appear to be running any Synchronet web server on TCP ports 80 or 443 and his listing in the Synchronet BBS list doesn't specify any web server address/port, so who knows?

I just disabled posting access from that QWKnet node and netmailed the sysop to fix his board before I'll restore posting privileges. --
digital man (rob)

Hi Rob,
I've been trying to find where the problem is. So far no luck.

JD
--- AfterShock/Android 1.6.8
* Origin: Firecat Mobile (4:920/1.1)
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

so i went on thewayback machine and it appears his web is on http://elgato.synchronetbbs.org:2000

Ok, that suddenly makes a lot more sense.
That was the original host that Marisa had for me. There was a major malfunction and that host was trashed. I asked Marisa to fix it for me and she rather created a new host where I dos a completely clean install.
I have no access to that host so will ask Marisa to take a look at it.
Thanks for your patience.
JD
--- AfterShock/Android 1.6.8
* Origin: Firecat Mobile (4:920/1.1)
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

Re: bots // Adobe After Effects Crack
By: John Dovey to MRO on Wed Jul 06 2022 02:06 pm

so i went on thewayback machine and it appears his web is on http://elgato.synchronetbbs.org:2000

Ok, that suddenly makes a lot more sense.
That was the original host that Marisa had for me. There was a major

no, that doesnt prove where your host was running when you had attacks.
i just grabbed it from the wayback machine from some other date.

That was the original host that Marisa had for me. There was a major malfunction and that host was trashed. I asked Marisa to fix it for me and

didn't you make backups?

she rather created a new host where I dos a completely clean install.
I have no access to that host so will ask Marisa to take a look at it. Thanks for your patience.

marissa said that is your host and she disabled it when i told her about spamming. She said you didn't reply to her emails.

are you running your bbs from another host now?

either way, lock it down.
---
þ Synchronet þ ::: BBSES.info - free BBS services :::

Re: bots // Adobe After Effects Crack
By: John Dovey to MRO on Wed Jul 06 2022 02:06 pm

so i went on thewayback machine and it appears his web is on
http://elgato.synchronetbbs.org:2000

Ok, that suddenly makes a lot more sense.
That was the original host that Marisa had for me. There was a major

no, that doesnt prove where your host was running when you had attacks.
i just grabbed it from the wayback machine from some other date.

My current host is https://gatofuego.synchronetbbs.org

That was the original host that Marisa had for me. There was a major
malfunction and that host was trashed. I asked Marisa to fix it for me and

didn't you make backups?

she rather created a new host where I dos a completely clean install.
I have no access to that host so will ask Marisa to take a look at it.
Thanks for your patience.

marissa said that is your host and she disabled it when i told her about spamming. She said you didn't reply to her emails.

I have a conversation via email I can share with you.

are you running your bbs from another host now?

Yes. I thought I'd made that clear.

either way, lock it down.

I have no access to the old host.

JD
--- AfterShock/Android 1.6.8
* Origin: Firecat Mobile (4:920/1.1)
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

Re: bots // Adobe After Effects Crack
By: John Dovey to Digital Man on Wed Jul 06 2022 02:04 pm

Re: bots // Adobe After Effects Crack
By: MRO to digital man on Sun Jul 03 2022 04:56 pm

Re: Adobe After Effects Crack
By: movavijunes1 to gaho12 on Sun Jul 03 2022 07:07 am

https://idmfullversion.com/movavi-video-editor-plus-full-version/
https://idmfullversion.com/movavi-video-editor-plus-full-version/

So it seems like someone wrote a script for synchronet bbses so they
can have a bot apply and login on the web interface and then post in the
msg subs.

Yup, spammers have been doing that for years.

is it possible to add some type of challenge to trip them up?

Sure. The first question is: which web interface is/was being used?

The BBS the referenced spam came from, Boondock's El Gato de Fuego BBS (elgato.synchronetbbs.org), doesn't appear to be running any Synchronet web server on TCP ports 80 or 443 and his listing in the Synchronet BBS list doesn't specify any web server address/port, so who knows?

I just disabled posting access from that QWKnet node and netmailed the sysop to fix his board before I'll restore posting privileges. --

I've been trying to find where the problem is. So far no luck.

Apparently you are (or were) allowing new user registrations and posting via HTTP and using an old/unsupported Synchronet Web UI: the legacy/Runemaster web interface. Pretty simple: don't do that.

1. Switch to use ecWebv4: http://wiki.synchro.net/config:webv4

2. Either don't allow new-user registrations via HTTP or give new users a network-posting restriction
--
digital man (rob)

Sling Blade quote #3:
Karl (re: killing Doyle): That second one just plum near cut his head in two. Norco, CA WX: 80.5øF, 52.0% humidity, 6 mph S wind, 0.00 inches rain/24hrs
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

2. Either don't allow new-user registrations via HTTP or give new users a network-posting restriction
--

I've set new users to 10 and access to all msg groups to >= 51

Hopefully, that will prevent future problems.

JD
--- AfterShock/Android 1.6.8
* Origin: Firecat Mobile (4:920/1.1)
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

Re: bots // Adobe After Effects Crack
By: John Dovey to MRO on Wed Jul 06 2022 02:57 pm

no, that doesnt prove where your host was running when you had attacks. i just grabbed it from the wayback machine from some other date.

My current host is https://gatofuego.synchronetbbs.org

you're just getting confused.
i looked it up via the archive.org goback machine
stop thinking about that.

https://i.imgur.com/lG5JUib.png
^^ this is the spammer host.
gatofuego.synchronetbbs.org

marissa said that is your host and she disabled it when i told her about spamming. She said you didn't reply to her emails.

I have a conversation via email I can share with you.

i dont want to see your conversation. your bbs is the one that is spamming.

either way, lock it down.

I have no access to the old host.

it's not the old host that's spamming. it's your current one. https://i.imgur.com/lG5JUib.png

jesus christ.
---
þ Synchronet þ ::: BBSES.info - free BBS services :::

Re: bots // Adobe After Effects Crack
By: John Dovey to Digital Man on Wed Jul 06 2022 06:42 pm

2. Either don't allow new-user registrations via HTTP or give new users a network-posting restriction
--

I've set new users to 10 and access to all msg groups to >= 51

Hopefully, that will prevent future problems.

just dont do web registrations.
---
þ Synchronet þ ::: BBSES.info - free BBS services :::

Re: bots // Adobe After Effects Crack
By: John Dovey to Digital Man on Wed Jul 06 2022 06:42 pm

2. Either don't allow new-user registrations via HTTP or give new users a network-posting restriction
--

I've set new users to 10 and access to all msg groups to >= 51

Hopefully, that will prevent future problems.

Hm... I'm not sure how well that'll work. Do you expect new users to actually be able to *use* the BBS with no access to any message groups?

Restricting *posting* privileges to networked-groups only is all that was needed and you can do that with a simple restriction flag:
http://wiki.synchro.net/access:restrictions
--
digital man (rob)

Synchronet/BBS Terminology Definition #53:
NAPLPS = North American Presentation Layer Protocol Syntax (ANSI X3.110)
Norco, CA WX: 71.1øF, 67.0% humidity, 5 mph S wind, 0.00 inches rain/24hrs
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

Re: bots // Adobe After Effects Crack
By: Digital Man to John Dovey on Wed Jul 06 2022 01:40 pm

1. Switch to use ecWebv4: http://wiki.synchro.net/config:webv4

2. Either don't allow new-user registrations via HTTP or give new users a network-posting restriction

I had that problem a few years back. I disallowed HTTP registrations.

I thought about allowing HTTP users to register, and then putting them into a separate security group to be manually validated with access to post locally only, but it just didn't seem worth it, and I wasn't sure if I could segregate HTTP registrations off from regular BBS signups.

DaiTengu

... How do you tell when you're out of invisible ink?

---
þ Synchronet þ War Ensemble BBS - The sport is war, total war - warensemble.com

Re: bots // Adobe After Effects Crack
By: John Dovey to Digital Man on Wed Jul 06 2022 06:42 pm

I've set new users to 10 and access to all msg groups to >= 51

Hopefully, that will prevent future problems.

It will, but you'll need to stay on top of new user registrations then, and validate everyone.

Honestly, just disable HTTP registration. It might not be a bad idea for Marissa to do that by default with her Synchronet installs. :)

Heck, it may be a good idea for that to be disabled by default in Synchronet/ecWeb with a great big warning about the potential spam issues if it's enabled. (If it's not done already)

DaiTengu

... A jury -- twelve persons chosen to decide who has the better lawyer.

---
þ Synchronet þ War Ensemble BBS - The sport is war, total war - warensemble.com

Re: bots // Adobe After Effects Crack
By: DaiTengu to John Dovey on Thu Jul 07 2022 10:18 am

Honestly, just disable HTTP registration. It might not be a bad idea for Marissa to do that by default with her Synchronet installs. :)

Heck, it may be a good idea for that to be disabled by default in Synchronet/ecWeb with a great big warning about the potential spam issues if it's enabled. (If it's not done already)

Yup, that's already the default for ecWeb per http://wiki.synchro.net/config:webv4

; Allow new users to register via the web interface (default: no) user_registration = false
--
digital man (rob)

Breaking Bad quote #22:
I got one more shot at that little skid mark. - Hank Schrader
Norco, CA WX: 81.3øF, 50.0% humidity, 5 mph ESE wind, 0.00 inches rain/24hrs ---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

Re: bots // Adobe After Effects Crack
By: DaiTengu to John Dovey on Thu Jul 07 2022 10:18 am

Heck, it may be a good idea for that to be disabled by default in Synchronet/ecWeb with a great big warning about the potential spam issues if it's enabled. (If it's not done already)

what i did was just make the link script for the new user apply go to a page that had text on it with a url they would cut and paste.

really, i'm still not a fan of these web interfaces. they're slow. you can make them look however you want but they're slow. when i had my msg areas on vbulletin that was a lot better. it was fast and feature rich and usable.
i had a script that would poll the msg bases via nntp and import.
---
þ Synchronet þ ::: BBSES.info - free BBS services :::

Re: bots // Adobe After Effects Crack
By: MRO to DaiTengu on Thu Jul 07 2022 02:18 pm

really, i'm still not a fan of these web interfaces. they're slow. you can make them look however you want but they're slow. when i had my msg areas on vbulletin that was a lot better. it was fast and feature rich and usable. i had a script that would poll the msg bases via nntp and import.

Yeah, I think I set that vbulletin NNTP gateway up at one point years ago too.

I started trying to write a tosser in PHP at one point, but never got very far. I'm pretty sure I got confused/overwhelmed by packet specs, and all the stupid FTN requirements that I'd have to account for between vBulletin and FTN messages. It wasn't a great project for someone just learning PHP, or coding in general.

Honestly it probably would have been easier to create some kind of database bridge between SMB and MySQL

DaiTengu

... Take my advice, I don't use it anyway.

---
þ Synchronet þ War Ensemble BBS - The sport is war, total war - warensemble.com

Re: bots // Adobe After Effects Crack
By: MRO to DaiTengu on Thu Jul 07 2022 02:18 pm

really, i'm still not a fan of these web interfaces. they're slow. you can make them look however you want but they're slow. when i had my msg areas on vbulletin that was a lot better. it was fast and feature rich and usable. i had a script that would poll the msg bases via nntp and import.

vBulletin is just another web interface though, isn't it?

Also, I remember some sysops running vBulletin who had a spam problem due to users (or bots) posting on the vBulletin interface. Same issue as with ecwebv4 or the Runemaster web interface for Synchronet.

Nightfox

---
þ Synchronet þ Digital Distortion: digitaldistortionbbs.com

Re: bots // Adobe After Effects Crack
By: Nightfox to MRO on Thu Jul 07 2022 02:05 pm

vBulletin is just another web interface though, isn't it?

yeah but it's good and it's not slow. the synchronet web interface is slow usually. vbulletin is just better all around.

Also, I remember some sysops running vBulletin who had a spam problem due to users (or bots) posting on the vBulletin interface. Same issue as with ecwebv4 or the Runemaster web interface for Synchronet.

who was that? i only know of you, me and hax0r from unknownrealm running vbulletin with the nntp hack. if you have your shit wide open, of course you are going to have spam bots.

this spamming on the synchronet web interface seems to be a lot more prominent now. like i said, i think someone knows about synchronet and created a kiddy script for it.
---
þ Synchronet þ ::: BBSES.info - free BBS services :::

Re: bots // Adobe After Effects Crack
By: John Dovey to Digital Man on Wed Jul 06 2022 06:42 pm

2. Either don't allow new-user registrations via HTTP or give new

users DM> a network-posting restriction

--

I've set new users to 10 and access to all msg groups to >= 51

Hopefully, that will prevent future problems.

Hm... I'm not sure how well that'll work. Do you expect new users to actually be able to *use* the BBS with no access to any message groups?

Restricting *posting* privileges to networked-groups only is all that was needed and you can do that with a simple restriction flag: http://wiki.synchro.net/access:restrictions --
digital man (rob)

At this point, I just wanted to stop any possibility of further issues.
I'll work on easing this more.
JD
--- AfterShock/Android 1.6.8
* Origin: Firecat Mobile (4:920/1.1)
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

Re: bots // Adobe After Effects Crack
By: MRO to Nightfox on Thu Jul 07 2022 11:06 pm

Also, I remember some sysops running vBulletin who had a spam problem
due to users (or bots) posting on the vBulletin interface. Same issue
as with ecwebv4 or the Runemaster web interface for Synchronet.

who was that? i only know of you, me and hax0r from unknownrealm running vbulletin with the nntp hack. if you have your shit wide open, of course you are going to have spam bots.

I don't remember who it was coming from at the time. I remember cr1mson (Jon Justvig) was also running vBulletin for a while too, years ago.

Nightfox

---
þ Synchronet þ Digital Distortion: digitaldistortionbbs.com

Re: bots // Adobe After Effects Crack
By: John Dovey to Digital Man on Wed Jul 06 2022 06:42 pm

I've set new users to 10 and access to all msg groups to >= 51

Hopefully, that will prevent future problems.

I had some similar issues on Valhalla, with some of the kids registering and posting spam to the messgae base. MRO cought that and alerted me. I still didn't want to punish the 90% to 95% good users that register for a few childish brats. I also looked back in my user base, and found that same person registered with many different names. I solved this issue with 2 steps, and was able to leave the system wide open to honest users.

1 - I stopped the registration process from my web sight, and now you can only regester by using the ftelnet window or by telnetting in to the actual bbs site.

2 - Implemented a email verification system. I figured if you were able to supply a valid email, you would behave yourself and be welcome.

So far, it's done the trick.

SysOp: C.G. Learn, AKA: DesotoFireflite
Valhalla Home Services! - (Synchronet) - bbs.valhallabbs.com:23
A Gamers Paradise - Over 250 Registered Online Game Doors!

--- Don't eat the yellow snow!
þ Synchronet þ Valhalla Home Services þ USA þ http://valhalla.synchro.net

Re: bots // Adobe After Effects Crack
By: DesotoFireflite to John Dovey on Fri Jul 08 2022 03:21 pm

posting spam to the messgae base. MRO cought that and alerted me. I still didn't want to punish the 90% to 95% good users that register for a few childish brats. I also looked back in my user base, and found that same person registered with many different names. I solved this issue with 2 steps, and was able to leave the system wide open to honest users.

so did you check the ip address and what email address service were they using? some throw away one?

i've been trying to look for forums that are talking about how easy synchronet bbses are to compromise, but havent found anything yet.
---
þ Synchronet þ ::: BBSES.info - free BBS services :::

Re: bots // Adobe After Effects Crack
By: MRO to DesotoFireflite on Fri Jul 08 2022 11:53 pm

Re: bots // Adobe After Effects Crack
By: DesotoFireflite to John Dovey on Fri Jul 08 2022 03:21 pm

posting spam to the messgae base. MRO cought that and alerted me. I
still didn't want to punish the 90% to 95% good users that register
for a few childish brats. I also looked back in my user base, and
found that same person registered with many different names. I solved
this issue with 2 steps, and was able to leave the system wide open to
honest users.

so did you check the ip address and what email address service were they using? some throw away one?

No, not this time, but I based it on the info in the user database, and how they all used the same email address and the near likeness of the username. they didn't even try to hide the fact it was the same user. Next time I will check the log, just forgot this time.

i've been trying to look for forums that are talking about how easy synchronet bbses are to compromise, but havent found anything yet.

Great, I following this tread closely, as this affects us all.

SysOp: C.G. Learn, AKA: DesotoFireflite
Valhalla Home Services! - (Synchronet) - bbs.valhallabbs.com:23
A Gamers Paradise - Over 250 Registered Online Game Doors!

---
þ Synchronet þ Valhalla Home Services þ USA þ http://valhalla.synchro.net

Yup, that's already the default for ecWeb per http://wiki.synchro.net/config:w
v4

; Allow new users to register via the web interface (default: no) user_registration = false

If you don't allow web registrations, is there a screen that will give the
user instructions on how to register so they can access the web interface?

Back when a certain fidonet board went down, there were a bunch of users looking for a new place to read the COOKING echo. I was really surprised
that several of them only knew "how to BBS" via a web interface. Getting
legit users like that to register via another means without instruction
would be difficult.


* SLMR 2.1a * Boss spelled backwards is "double SOB".

---
þ Synchronet þ CAPCITY2 * capcity2.synchro.net * Telnet/SSH:2022/Rlogin/HTTP

Re: bots // Adobe After Effec
By: Dumas Walker to DIGITAL MAN on Sun Jul 10 2022 02:48 pm

Back when a certain fidonet board went down, there were a bunch of users looking for a new place to read the COOKING echo. I was really surprised that several of them only knew "how to BBS" via a web interface. Getting legit users like that to register via another means without instruction would be difficult.

yeah i know there's a few people that are like that. i'm not sure who brought them in. they could always use a newsreader program with synchronet.

i'm not sure if they were even using synchronet and using some other web inteface like ozzmosis.
---
þ Synchronet þ ::: BBSES.info - free BBS services :::

Re: bots // Adobe After Effec
By: Dumas Walker to DIGITAL MAN on Sun Jul 10 2022 02:48 pm

Yup, that's already the default for ecWeb per http://wiki.synchro.net/config:w
v4

; Allow new users to register via the web interface (default: no) user_registration = false

If you don't allow web registrations, is there a screen that will give the user instructions on how to register so they can access the web interface?

So long as the BBS has a "guest" account, ecWeb still allows access to the web interface without authenticating. Guest's normally cannot post messages, so while they can still browse/read without authenticating, they cannot post messages (e.g. SPAM).

Back when a certain fidonet board went down, there were a bunch of users looking for a new place to read the COOKING echo. I was really surprised that several of them only knew "how to BBS" via a web interface. Getting legit users like that to register via another means without instruction would be difficult.

ecWeb is very extensible, so the sysop can add additional instruction text or pages, as they see fit, very easily.
--
digital man (rob)

Rush quote #37:
Ignorance and prejudice and fear go hand in hand
Norco, CA WX: 78.8øF, 52.0% humidity, 3 mph E wind, 0.00 inches rain/24hrs
---
þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net

On 7/7/22 08:14, DaiTengu wrote:

I had that problem a few years back. I disallowed HTTP registrations.

I thought about allowing HTTP users to register, and then putting them
into a separate security group to be manually validated with access to
post locally only, but it just didn't seem worth it, and I wasn't sure
if I could segregate HTTP registrations off from regular BBS signups.

Should be super easy to change the security level for new HTTP users.
Should also be easy enough to integrate an email validation for both
telnet and internet users. Working on doing an email and sms validation before being able to create an account, and having users login with
their registered email address.

That said, using say 40 for new user security level vs. 50 should be a
pretty easy edit on ecweb or the older runescape web.
--
Michael J. Ryan - tracker1@roughneckbbs.com
---
þ Synchronet þ Roughneck BBS - roughneckbbs.com

On 7/7/22 13:40, DaiTengu wrote:

Honestly it probably would have been easier to create some kind of
database bridge between SMB and MySQL

Would love something like that myself... though PostgreSQL (can't stand MySQL).
--
Michael J. Ryan - tracker1@roughneckbbs.com
---
þ Synchronet þ Roughneck BBS - roughneckbbs.com

On 7/7/22 21:06, MRO wrote:

vBulletin is just another web interface though, isn't it?

yeah but it's good and it's not slow. the synchronet web interface is
slow usually. vbulletin is just better all around.

I think that's mostly down to Synchronet's access model for data, you
can largely work around those issues with a good caching proxy in front
of it. Some refactoring of the UI/API access and some form of caching
service would be really helpful, but a lot of work.

Not sure if it's feasible to have the SMB index in memory at the service level, that would probably boost web and nntp access quite a bit. Beyond
that would be a request for a given

who was that? i only know of you, me and hax0r from unknownrealm
running vbulletin with the nntp hack. if you have your shit wide
open, of course you are going to have spam bots.

this spamming on the synchronet web interface seems to be a lot more prominent now. like i said, i think someone knows about synchronet
and created a kiddy script for it.

Probably... there's a lot of spam that gets into echojs.com, but I try
to clean it up at least once a day.
--
Michael J. Ryan - tracker1@roughneckbbs.com
---
þ Synchronet þ Roughneck BBS - roughneckbbs.com