Synchronet v3.19b-Win32 (install) has been released (Jan-2022).

You can donate to the Synchronet project using PayPal.

This is an old revision of the document!

Hardening the Synchronet Servers

FIXME - Place Holder regarding Hardening Synchronet

Identifing your version of Synchronet

Use of this document requires you to know which version of the software you are using. To identify what version of Synchro you are using follow these steps:

On linux run: exec/sbbs - The version will be listed on the first line. On Windows: TODO

Hardening Suggestions for 3.16:

  • Passwords should not be echo'd to the log/console
    • Set SCFG->System->Toggle Options->Echo Passwords Locally to “No”.
  • Disable passwords being sent in emails
    • Set email_passwords=false in the [login] section of the ctrl/modopts.ini file
  • Disable Showing Version information to clients
    • TODO

See Also


Trace: Hardening the Synchronet Servers