Subj : Re: Port 23, Telnet, and Internet Background Radiation To : DustCouncil From : esc Date : Sun Feb 05 2023 15:31:21 Du> Curious about a conversation of some weeks ago regarding noise on the Du> default telnet port (port 23), I downloaded the latest BBS list from the Du> Telnet BBS Guide and did a count of the most popular ports bulletin board Du> systems were listening on. Love the honeypot writeup. I did something similar years ago and my results were largely the same. The way I mitigate these botnets myself on my BBS are through country denylists (you mention China - yep, they're blocked) as well as smart IP blocking. It's not a 100% solution but my nodes aren't typically tied up by these botnets so I must be doing something right. *shrug* I agree that having a community-adopted "new default" port (vs 23) would be ideal. Particularly for Sysops that want to use some sort of legacy BBS platform which does not have all the auto blocking logic of Synchronet or Mystic built-in. Du> hobbies. Some dudes surf. Some work on classic cars. I monitor my Du> ports. Chicks. Dig me. For this. Like surfers. I...I'm cool.) Here, here! Hey, I build honeypots /and/ work on classic cars! Kudos to me! hehe Du> For the month of January 2002, these are the top ports in /etc/services January 2022? or 2023? Du> It's interesting to me that in 2023, telnet is the most thwacked of all Du> ports, when it is largely considered deprecated. Not only that, it is Du> the top port by a very large margin. I think 23 is a huge IOT vulnerability, which is what these botnets seek to exploit. All the toasters that are online for absolutely no reason at all provide an entrypoint to botnets to infiltrate homes. It's pretty disturbing. Du> If anyone is interested in more details about this, I put the logs Du> online. They include some nice credential pairs, if you want to Sweet deal, I'm curious about this for sure. Du> http://shibboleths.org/ibr/ Also kudos for the domain here :) Having worked in product support, we had a running joke about shibboleth... --- Mystic BBS v1.12 A48 (Linux/64) * Origin: m O N T E R E Y b B S . c O M (21:4/173) .