Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

F2000 intrusion logs

  • 04-01-2018 6:18pm
    #1
    Cork981
    Registered Users, Registered Users 2 Posts: 799 ✭✭✭


    Got an F2000 and watching the logs I see regular intrusion security warnings with IPs from various cloud hosting providers (burner VPS)

    I done my own Nessus Scan on my public IP and none of the ports alerted on appear open, the F2000 doesn’t even reply to ICMP requests as expected.

    Im also seeing this on my IPv6 public IP

    I accept the fact a public IP will constantly be scanned for open ports but why does the F2000 alert indicating an intrusion on what appears to be a standard scan ?

    Does anyone else see this ?

    Intrusion ->
    SRC=77.72.82.80 DST=86.x.x.x LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=1270 PROTO=TCP SPT=40966 DPT=6580 WINDOW=1024 RES=0x00 SYNURGP=0
    2018-01-04 05:06:22

    Security Warning Intrusion -> SRC=191.101.167.247 DST=86.x.x.x LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=37751 PROTO=TCP SPT=54937 DPT=1187 WINDOW=1024 RES=0x00 SYNURGP=0
    2018-01-03 21:02:12

    Security Warning Intrusion -> SRC=2a00:1450:400b:0c00:0000:0000:0000:0061 DST=2001:0bb6:262xxxxxxxxxxx LEN=60 TC=0 HOPLIMIT=50 FLOWLBL=172561 PROTO=TCP SPT=443 DPT=56776 WINDO


Comments

  • #2
    Cuddlesworth
    Registered Users, Registered Users 2 Posts: 14,012 ✭✭✭✭Cuddlesworth


    Everything with a public IP gets hammered constantly with connection attempts. Your device is just logging them.


Advertisement