Hello Don,
Many thanks for the info. Unfortunately the BPQ32/FBB gateway user seems to present the sysop's FBB gateway callsign to JNOS which happens to be the only ftpuser with the sysop bit set. Hence if you don't put an mbox password in autoexec.nos file, free access! But yes, I have added the mbox password and the outside user does get the 5 digit password. I do not use the JNOS mbox so that's why I have been caught out.
The real answer of course is never enable the FBB BBS gateway if it has telnet access and other connections. I hope this has helped others with a similar setup.
Regards
-----Original Message----- From: 44net-bounces+vk1kw=netspace.net.au@hamradio.ucsd.edu [mailto:44net-bounces+vk1kw=netspace.net.au@hamradio.ucsd.edu] On Behalf Of Don Moore Sent: Sunday, February 01, 2015 12:06 AM To: AMPRNet working group Subject: Re: [44net] JNOS2 vulnerable to outside hack
(Please trim inclusions from previous messages) _______________________________________________ You can set up a password for that. In your autoexec.nos file at the following line.
mbox password <newpassword>
This sets a new remote sysop password. A remote sysop is a user whose entry in the ftpusers file has the SYSOP_CMD bit set. When a remote sysop enters the '@' command to the Jnos mailbox, and there is a non-null mbox password established, five random numbers are displayed. The remote sysop is expected to then transmit the letters corresponding to these numbers, taken as zero-relative positions in the password string. Several lines of five letters can be sent, only one of which need be correct. The last line sent must be empty, ie, just a CR. If the response is correct, the remote sysop is then given the Jnos command-line prompt, and may issue most Jnos console commands. Commands which would require creation of a new session are disallowed. Use the "exit" command to exit from the Jnos command level.
On Sat, Jan 31, 2015 at 7:51 AM, vk1kw vk1kw@netspace.net.au wrote:
(Please trim inclusions from previous messages) _______________________________________________ Hello All,
Please be advised that if you run FBB BBS with outside telnet access thru BPQ32 and have the FBB gateway enabled, someone may connect to JNOS via the gateway and the internal RS232 ports and execute the '@' command on the JNOS prompt line. This gives access to Linux Directories etc.
I have not seen the '@' command mentioned in the JNOS2j documentation so not sure where it gets compiled in so if you could maybe help me there please? It does not seem to be in the DOS options and not the 'ED' definition as both are undefined.
Also my compile of JNOS2j completes ok with no 'success' indications and produces a file it seems but suffers from the dreaded crash a few minutes after it runs - I suspect it is the open port problem but yet to check that out.
Cheers Rob
44Net mailing list 44Net@hamradio.ucsd.edu http://hamradio.ucsd.edu/mailman/listinfo/44net
-- cheers, Don