短暂开了一下Telnet和SSH,就被疯狂扫描,但看不见扫描者的IP
本帖最后由 都灵蒙特 于 2017-7-20 09:15 编辑因为迅雷不能用了,想试试远程调一下,短暂开了一下Telnet、SSH和22端口,结果都还没开始远程调试,家里路由器的IP地址 就被群晖自己封锁了,回到家,从内网进入日志事件,发现这扫描的也太厉害了,如下红色都是非法扫描的,直接导致了IP封锁。
但问题是,为什么群晖记录不到这些扫描者的IP地址,包括我自己从公司远程登陆也显示的是路由器的网关地址,如果只封锁扫描者的IP地址,也不至于路由器被封锁,这就影响了我正常远程的登陆,请问如何解决这种问题。
优先层级日志日期 & 时间用户事件
Information连接2017/07/20 08:43:24adminUser logged in from via .
Warning连接2017/07/20 07:23:46SYSTEMUser from failed to log in via due to authorization failure.
Warning连接2017/07/20 07:21:05SYSTEMUser from failed to log in via due to authorization failure.
Warning连接2017/07/20 07:20:57SYSTEMUser from failed to log in via due to authorization failure.
Warning连接2017/07/19 23:10:08SYSTEMUser from failed to log in via due to authorization failure.
Warning连接2017/07/19 22:58:37SYSTEMUser from failed to log in via due to authorization failure.
Warning连接2017/07/19 21:59:45SYSTEMUser from failed to log in via due to authorization failure.
Warning连接2017/07/19 21:05:20SYSTEMUser from failed to log in via due to authorization failure.
Warning连接2017/07/19 21:00:21SYSTEMUser from failed to log in via due to authorization failure.
Information连接2017/07/19 20:49:47TVCIFS client from accessed the shared folder .
Information连接2017/07/19 20:28:05TVCIFS client from accessed the shared folder .
Information连接2017/07/19 20:28:05TVCIFS client from accessed the shared folder .
Information连接2017/07/19 20:28:04TVCIFS client from accessed the shared folder .
Information连接2017/07/19 20:28:03TVCIFS client from accessed the shared folder .
Information连接2017/07/19 20:28:03TVCIFS client from accessed the shared folder .
Information连接2017/07/19 20:28:03TVCIFS client from accessed the shared folder [下载].
Information连接2017/07/19 20:28:03TVCIFS client from accessed the shared folder [下载].
Information连接2017/07/19 20:28:03TVCIFS client from accessed the shared folder .
Information连接2017/07/19 20:28:02TVCIFS client from accessed the shared folder .
Information连接2017/07/19 20:28:02TVCIFS client from accessed the shared folder .
Information连接2017/07/19 20:28:02TVCIFS client from accessed the shared folder [互联网资源工具].
Information连接2017/07/19 20:28:02TVCIFS client from accessed the shared folder [互联网资源工具].
Information连接2017/07/19 20:27:16adminUser logged in from via .
Warning连接2017/07/19 20:19:04SYSTEMUser from failed to log in via due to authorization failure.
Warning连接2017/07/19 18:31:10SYSTEMUser from failed to log in via due to authorization failure.
Warning连接2017/07/19 18:31:05SYSTEMUser from failed to log in via due to authorization failure.
Warning连接2017/07/19 18:31:04SYSTEMUser from failed to log in via due to authorization failure.
Warning连接2017/07/19 18:30:59SYSTEMUser from failed to log in via due to authorization failure.
Warning连接2017/07/19 18:30:55SYSTEMUser from failed to log in via due to authorization failure.
Warning连接2017/07/19 18:30:50SYSTEMUser from failed to log in via due to authorization failure.
Warning连接2017/07/19 18:30:44SYSTEMUser from failed to log in via due to authorization failure.
Warning连接2017/07/19 18:25:11SYSTEMUser from failed to log in via due to authorization failure.
Warning连接2017/07/19 18:19:13SYSTEMUser from failed to log in via due to authorization failure.
Warning连接2017/07/19 17:48:41SYSTEMUser from failed to log in via due to authorization failure.
Warning连接2017/07/19 17:48:35SYSTEMUser from failed to log in via due to authorization failure.
Warning连接2017/07/19 17:48:29SYSTEMUser from failed to log in via due to authorization failure.
Warning连接2017/07/19 17:48:23SYSTEMUser from failed to log in via due to authorization failure.
Warning连接2017/07/19 17:48:17SYSTEMUser from failed to log in via due to authorization failure.
Warning连接2017/07/19 17:48:13SYSTEMUser from failed to log in via due to authorization failure.
{:8_212:} 看来耍难倒人了 你的路由器做的NAT有问题吧?
把外网进来的IP NAT成了网关地址
或者你是二级路由器? 孤城的守夜人 发表于 2017-7-20 13:08
你的路由器做的NAT有问题吧?
把外网进来的IP NAT成了网关地址
不是二级路由,用的是斐讯K2,下挂一个交换机,内网都是走的交换机 之前ROS没关端口也是一直被尝试登陆,后来关了就没事了 你设备认为攻击源为路由器的IP,应该是你端口映射的时候做错了吧?
外网IP访问内外设备的时候被NAT为了路由器的LAN地址
页:
[1]