Have 30 to 50 of these messages per day after I installed the New FIOS Quantum Router. Am I being attacked?
src={edited for privacy} = these id numbers change all the time.
NOTE I HAVE Wi-Fi Protected Setup (WPS) OFF!
Jun 2 01:17:09 2017ulogd[664]notice<173> Blocked IN=eth0 OUT= MAC=48:5d:36:e4:a0:dd:f4:b5:2f:01:57:c2:08:00 src={edited for privacy} DST={edited for privacy} LEN=52 TOS=00 PREC=0x00 TTL=58 ID=60937 DF PROTO=TCP SPT=443 DPT=53950 SEQ=12866182 ACK=2344947956 WINDOW=118 ACK URGP=0 MARK=0
Looks like typical Internet noise.
The IP address provided in that Firewall log is coming from an Opera Mini Proxy service. So likely it is someone's browser trying to access an HTTP server which was previously residing on the public IP addres you now have.
may want to edit this post.
You have publicly posted your IP address for your router.
Someone that knows router security deficiencies could access it.
Smith - Long time since I was on DSL Reports and got your great help and advice. Nice to see you here!
I just got my 1Gbps FIOS two days ago and have now read identical entries in my Quantum Security Log. I looked up a few source IPs. A few were from Google. At least one was from Avast, which I use for AV. One was from windows.com of Microsoft. But one was located in Moscow!
Hostname hosted-by.ihc.ru IP 178.57.222.100 Domain ihc.ru Organization IHC.RU network in Digital Hub Location Russia
This is exciting! Putin's boys want to spy on me!!! (I think they'll die of boredom.)
Anyway, for the one entry indicating that a something from Avast was "Blocked" -- do I need to do anything? I would think not because Avast has always been able to update itself.
Just close out and go have breakfast, yes?
But - is there any app that will watch the security log and make me an additional log that will automatically show the actual owners of the IP addresses? So I don't have to look them up manually?
Thanks, Smith!
Start a new topic or ask questions in the open forum.
