Rocksolid Light

Welcome to novaBBS (click a section below)

mail  files  register  newsreader  groups  login

Message-ID:  

6 May, 2024: The networking issue during the past two days has been identified and appears to be fixed. Will keep monitoring.

computers / alt.bbs.synchronet / Re: Ransomware

SubjectAuthor
* Re: Ransomwarepaulie420
`* Re: Ransomwaredragon
 `* Re: RansomwareTracker1
  `- Re: RansomwareMRO

1
Re: Ransomware

<60B84DED.43634.sync@vert.synchro.net>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=13598&group=alt.bbs.synchronet#13598

  copy link   Newsgroups: alt.bbs.synchronet
Path: i2pn2.org!i2pn.org!weretis.net!feeder8.news.weretis.net!feeder1.feed.usenet.farm!feed.usenet.farm!news-out.netnews.com!news.alt.net!fdc3.netnews.com!peer02.ams1!peer.ams1.xlned.com!news.xlned.com!peer03.iad!feed-me.highwinds-media.com!news.highwinds-media.com!fx20.iad.POSTED!not-for-mail
From: paulie...@BEERS20.remove-if5-this (paulie420)
Subject: Re: Ransomware
Message-ID: <60B84DED.43634.sync@vert.synchro.net>
X-Comment-To: dragon
Newsgroups: alt.bbs.synchronet
X-FTN-PID: Synchronet 3.19a-Linux master/270ca8500 May 21 2021 GCC 8.3.0
X-FTN-MSGID: 43634.sync@1:103/705 251e2e5f
X-FTN-CHRS: CP437 2
Content-Type: text/plain; charset=IBM437
Content-Transfer-Encoding: 8bit
X-Gateway: vert.synchro.net [Synchronet 3.19a-Win32 NewsLink 1.113]
Lines: 21
X-Complaints-To: https://www.astraweb.com/aup
NNTP-Posting-Date: Thu, 03 Jun 2021 03:35:15 UTC
Date: Wed, 2 Jun 2021 20:15:00 +0000
X-Received-Bytes: 1511
 by: paulie420 - Wed, 2 Jun 2021 20:15 UTC

To: dragon
dr> > Has anyone ever experienced this or can this ever happen to SBBS in the
dr> > future?
dr> >
dr> > $ The Millionaire $
dr> >
dr> > ---
dr> > ¿ Synchronet ¿ Vertrauen ¿ Home of Synchronet ¿ [vert/cvs/bbs].synchro
dr> >
dr>
dr> If you Google how most ransomware works, your question will mostly
dr> answer itself.

As much as I don't want to - I disagree. Theres several different ransomware scenerios. And one could certainly hem up a BBS server. I mean - easily. I don't think it would happen, but... I bet you could learn enough to hem 2o up.

|07p|15AULIE|1142|07o
|08.........
--- Synchronet 3.19a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net

Re: Ransomware

<60B931C5.34362.dove-syncdisc@bbs2.ipingthereforeiam.com>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=13603&group=alt.bbs.synchronet#13603

  copy link   Newsgroups: alt.bbs.synchronet
Path: i2pn2.org!i2pn.org!weretis.net!feeder6.news.weretis.net!4.us.feeder.erje.net!2.eu.feeder.erje.net!feeder.erje.net!feeder5.feed.usenet.farm!feeder1.feed.usenet.farm!feed.usenet.farm!news.uzoreto.com!news-out.netnews.com!news.alt.net!fdc3.netnews.com!peer02.ams1!peer.ams1.xlned.com!news.xlned.com!peer02.iad!feed-me.highwinds-media.com!news.highwinds-media.com!fx02.iad.POSTED!not-for-mail
From: dra...@IPTIA.remove-1i-this (dragon)
Subject: Re: Ransomware
Message-ID: <60B931C5.34362.dove-syncdisc@bbs2.ipingthereforeiam.com>
X-Comment-To: paulie420
Organization: IPTIA
Newsgroups: alt.bbs.synchronet
In-Reply-To: <60B84DED.43634.sync@vert.synchro.net>
References: <60B84DED.43634.sync@vert.synchro.net>
X-FTN-PID: Synchronet 3.17c-Win32 Oct 8 2019 MSC 1922
X-FTN-MSGID: 43644.sync@1:103/705 251f39ef
X-FTN-REPLY: 43634.sync@1:103/705 251e2e5f
X-FTN-CHRS: UTF-8 4
WhenImported: 20210603154717-0400 c12c
WhenExported: 20210603183630-0400 c12c
ExportedFrom: IPTIA dove-syncdisc 34362
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101Thunderbird/78.10.2
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 8bit
X-Gateway: vert.synchro.net [Synchronet 3.19a-Win32 NewsLink 1.113]
Lines: 43
X-Complaints-To: https://www.astraweb.com/aup
NNTP-Posting-Date: Thu, 03 Jun 2021 22:36:41 UTC
Date: Thu, 3 Jun 2021 15:47:17 -0400
X-Received-Bytes: 2660
 by: dragon - Thu, 3 Jun 2021 19:47 UTC

To: paulie420
On 6/2/2021 4:15 PM, paulie420 wrote:
> dr> > Has anyone ever experienced this or can this ever happen to SBBS in the
> dr> > future?
> dr> >
> dr> > $ The Millionaire $
> dr> >
> dr> > ---
> dr> > � Synchronet � Vertrauen � Home of Synchronet � [vert/cvs/bbs].synchro
> dr> >
> dr>
> dr> If you Google how most ransomware works, your question will mostly
> dr> answer itself.
>
> As much as I don't want to - I disagree. Theres several different ransomware scenerios. And one could certainly hem up a BBS server. I mean - easily. I don't think it would happen, but... I bet you could learn enough to hem 2o up.
>
>
>
> |07p|15AULIE|1142|07o
> |08.........
>

You disagree that you could learn enough via Google to understand if or
how ransomware might affect a BBS?

Just for fun, I can think of a couple of scenarios where ransomware
COULD be successful on a BBS.

* User uploads infected executable and sysop runs it.

* BBS or door has a backdoor that allows user to upload and run infected
executable.

* BBS has a buffer overflow vulnerability in one of its services that
allow upload and execution.

Basically, the same issues that affect any software connected to the
Internet.

---
� Synchronet � IPTIA - bbs2.ipingthereforeiam.com
--- Synchronet 3.19a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net

Re: Ransomware

<60D8CDF5.39255.dove-syncdisc@roughneckbbs.com>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=13720&group=alt.bbs.synchronet#13720

  copy link   Newsgroups: alt.bbs.synchronet
Path: i2pn2.org!i2pn.org!paganini.bofh.team!news.dns-netz.com!news.freedyn.net!newsfeed.xs4all.nl!newsfeed8.news.xs4all.nl!news-out.netnews.com!news.alt.net!fdc3.netnews.com!peer03.ams1!peer.ams1.xlned.com!news.xlned.com!peer01.iad!feed-me.highwinds-media.com!news.highwinds-media.com!fx45.iad.POSTED!not-for-mail
From: track...@TRN.remove-qy-this (Tracker1)
Subject: Re: Ransomware
Message-ID: <60D8CDF5.39255.dove-syncdisc@roughneckbbs.com>
X-Comment-To: dragon
Organization: Roughneck BBS
Newsgroups: alt.bbs.synchronet
In-Reply-To: <60B931C5.34362.dove-syncdisc@bbs2.ipingthereforeiam.com>
References: <60B931C5.34362.dove-syncdisc@bbs2.ipingthereforeiam.com>
X-FTN-PID: Synchronet 3.18c-Linux HEAD/0634130 Mar 14 2021 GCC 6.3.0
X-FTN-MSGID: 43793.sync@1:103/705 253ee5e1
X-FTN-REPLY: 43644.sync@1:103/705 251f39ef
X-FTN-CHRS: UTF-8 4
WhenImported: 20210627191357Z 0000
WhenExported: 20210627230757Z 0000
ExportedFrom: TRN dove-syncdisc 39255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101Thunderbird/78.10.2
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
X-Gateway: vert.synchro.net [Synchronet 3.19a-Win32 NewsLink 1.113]
Lines: 21
X-Complaints-To: https://www.astraweb.com/aup
NNTP-Posting-Date: Sun, 27 Jun 2021 23:08:03 UTC
Date: Sun, 27 Jun 2021 12:13:55 -0700
X-Received-Bytes: 2133
 by: Tracker1 - Sun, 27 Jun 2021 19:13 UTC

To: dragon
On 6/3/2021 12:47 PM, dragon wrote:
>
> You disagree that you could learn enough via Google to understand if or
> how ransomware might affect a BBS?
> ...
> Basically, the same issues that affect any software connected to the
> Internet.

Given the ageing JS runtime Synchronet uses, it might be possible to go
through older CVEs, looking at how sync and spidermonkey use input in
the telnet or services, it's entirely possible to come up with
something... but would in general be a lower value target, if such a
thing were done, would most likely be to target a particular someone,
such as a self-proclaimed millionaire.
--
Michael J. Ryan - tracker1@roughneckbbs.com
---
■ Synchronet ■ Roughneck BBS - roughneckbbs.com
--- Synchronet 3.19a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net

Re: Ransomware

<60D936D1.4730.sync@bbses.info>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=13730&group=alt.bbs.synchronet#13730

  copy link   Newsgroups: alt.bbs.synchronet
Path: i2pn2.org!i2pn.org!weretis.net!feeder6.news.weretis.net!4.us.feeder.erje.net!2.eu.feeder.erje.net!feeder.erje.net!news.uzoreto.com!newsfeed.xs4all.nl!newsfeed9.news.xs4all.nl!news-out.netnews.com!news.alt.net!fdc3.netnews.com!peer01.ams1!peer.ams1.xlned.com!news.xlned.com!peer02.iad!feed-me.highwinds-media.com!news.highwinds-media.com!fx47.iad.POSTED!not-for-mail
From: mro...@BBSESINF.remove-pdj-this (MRO)
Subject: Re: Ransomware
Message-ID: <60D936D1.4730.sync@bbses.info>
X-Comment-To: Tracker1
Organization: bbses.info
Newsgroups: alt.bbs.synchronet
In-Reply-To: <60D8CDF5.39255.dove-syncdisc@roughneckbbs.com>
References: <60D8CDF5.39255.dove-syncdisc@roughneckbbs.com>
X-FTN-PID: Synchronet 3.18b-Win32 Sep 20 2020 MSC 1927
X-FTN-MSGID: 43803.sync@1:103/705 253f1b35
X-FTN-REPLY: 43793.sync@1:103/705 253ee5e1
X-FTN-CHRS: CP437 2
WhenImported: 20210627214121-0500 c168
WhenExported: 20210627215515-0500 c168
ExportedFrom: BBSESINF sync 4730
Content-Type: text/plain; charset=IBM437
Content-Transfer-Encoding: 8bit
X-Gateway: vert.synchro.net [Synchronet 3.19a-Win32 NewsLink 1.113]
Lines: 12
X-Complaints-To: https://www.astraweb.com/aup
NNTP-Posting-Date: Mon, 28 Jun 2021 02:55:27 UTC
Date: Sun, 27 Jun 2021 21:41:21 -0500
X-Received-Bytes: 1451
 by: MRO - Mon, 28 Jun 2021 02:41 UTC

To: Tracker1
Re: Re: Ransomware
By: Tracker1 to dragon on Sun Jun 27 2021 12:13 pm

> thing were done, would most likely be to target a particular someone,
> such as a self-proclaimed millionaire.

he doesnt even run a bbs
---
■ Synchronet ■ ::: BBSES.info - free BBS services :::
--- Synchronet 3.19a-Win32 NewsLink 1.113
* Vertrauen - Riverside County, California - telnet://vert.synchro.net

1
server_pubkey.txt

rocksolid light 0.9.81
clearnet tor