• Usenet Part Deux, Firewalling & Privacy

    From Dave to All on Fri Jul 22 07:02:15 2022
    Usenet now appears to by syncing up. There are a lot of errors I need to tidy up - they seem to be around groups that don't exist, but do, but don't. Yeah, I'm confused too. It's a work in progress.

    I've increased the node count overnight, jacked up the CPU and RAM as well. The Usenet processes burn up a lot of CPU and they run frequently. The node counts have been increased simply to deal with the fact that nodes keep being tied up by bot traffic. SSH and Telnet ports are horrendous things to keep open. For SSH they simply don't get far given the authentication requirement. For Telnet, most bots simply don't know how to deal with the amount of information thrown at them upon connection and just sit there with the connection timing out.

    There is an IPS sitting between the Internet and the server and it does actively nuke anything trying to do things it shouldn't - and possibly occasionally things that are OK, but it's just not sure about. I am also dumping IPs that are doing things they shouldn't (like blindly tying up nodes for too long without logging in, then trying again repeatedly).

    We're not quite appearing on the Synchronet BBS list properly - on this side, it's all OK. On the Synchronet side, it seems to have registered our original connection (which occurred with the DOVENET sync), but nothing since - including showing the connection options. That list updates once a day, so it's not exactly easy to troubleshoot.

    Privacy - something we've all become used to as good Netizens is the delusion of privacy online. BBSes really didn't do it as well, so for the sake of transparency:

    - I literally had to turn off echoing of passwords on the console to stop them appearing in plain text on the console screen. No, I don't want to see them and I have no interest in them... which is why I turned them off. It's a good idea though to ensure that you're not recycling passwords. If the software becomes compromised, someone familiar with it would find it trivial to re-enable it.
    - Your messages can be seen by SysOps. We can quite simply, see everything you send and receive. I have no interest in it unless you give me a reason to, but they make it easier than O365 does.
    - I can see your sessions. In fact, right now I'm literally spying on node 1. I *can* see what you see. I don't really care to, and I'm not doing it to spy on active users. I'm actually just using it determine if a heap of connection behaviours are consistent with bots, then throwing them at the firewall. Bots out. Humans in.

    I have no interest in your messages, or how you're going playing Star Trek. Just understand that SysOps as a rule have a lot of visibility to what is going on, so privacy is a courtesy rather than some assumed right. This isn't some magic stuff I've hacked into the software - it's just the level of access SysOps have out of the box.