PROBLEMA Strani eventi nel LOG del mio router

Pubblicità
Stato
Discussione chiusa ad ulteriori risposte.
PlayHard

PlayHard

Utente Attivo
Messaggi
555
Reazioni
101
Punteggio
42
Buonasera ragazzi,
da qualche giorno sto avendo continue disconnessioni sulla mia linea, all'inizio pensavo fosse un problema momentaneo, quando ho iniziato ad accorgermi che il tutto fosse ciclico e sempre in determinati orari ho iniziato a farmi qualche domanda. Indagando nel router che mi ha mandato Tiscali, il mio gestore, sono venute fuori nel log voci stranissimi che fanno riferimento ad IP asiatici e americani, ed alcune allarmanti voci che dicono chiaramente
"...tried to log in IP:stranoipcinese...".
Ora non sono molto esperto, quindi vi posto il log completo nascondendo solo il mio IP, chiamando Tiscali mi hanno detto che ci avrebbero pensato loro ma passata quasi una settimana non è successo nulla, quindi meglio chiedere a voi che sicuramente siete più preparati e ne sapete più di quelli al centralino.
Per informazioni il router è lo schifosissimo Technicolor TG582n.

Log:
Eventi registrati
[TABLE="class: edittable, width: 100%"]
[TR]
[TD="class: black, bgcolor: #000000, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TH="class: js_right, bgcolor: #666666, align: left"][/TH]
[TH="class: js_right, bgcolor: #666666, align: left"]Ora[/TH]
[TH="class: js_right, bgcolor: #666666, align: left"]Messaggio[/TH]
[TH="bgcolor: #666666, colspan: 2"][/TH]
[/TR]
[TR]
[TD="colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: black, bgcolor: #000000, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: oddrow, width: 33%, bgcolor: #CACACA, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: oddrow, width: 33%, bgcolor: #CACACA"]
ll07__md.gif
[/TD]
[TD="class: oddrow js_right, bgcolor: #CACACA, align: left"]May 9 00:20:53[/TD]
[TD="class: oddrow js_right, bgcolor: #CACACA, colspan: 3, align: left"]LOGIN User admin logged in on [HTTP] (from 192.168.1.94)[/TD]
[/TR]
[TR]
[TD="class: oddrow, bgcolor: #CACACA, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: evenrow, width: 33%, bgcolor: #E2E2E2, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: evenrow, width: 33%, bgcolor: #E2E2E2"]
ll07__md.gif
[/TD]
[TD="class: evenrow js_right, bgcolor: #E2E2E2, align: left"]May 9 00:13:06[/TD]
[TD="class: evenrow js_right, bgcolor: #E2E2E2, colspan: 3, align: left"]SNTP Synchronised to server: 104.41.150.68[/TD]
[/TR]
[TR]
[TD="class: evenrow, bgcolor: #E2E2E2, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: oddrow, width: 33%, bgcolor: #CACACA, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: oddrow, width: 33%, bgcolor: #CACACA"]
ll00__md.gif
[/TD]
[TD="class: oddrow js_right, bgcolor: #CACACA, align: left"]May 9 00:04:53[/TD]
[TD="class: oddrow js_right, bgcolor: #CACACA, colspan: 3, align: left"]FIREWALL icmp check (1 of 1): Protocol: ICMP Src ip: 82.202.74.85 Dst ip: mioIP Type: Destination Unreachable Code: Port Unreacheable[/TD]
[/TR]
[TR]
[TD="class: oddrow, bgcolor: #CACACA, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: evenrow, width: 33%, bgcolor: #E2E2E2, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: evenrow, width: 33%, bgcolor: #E2E2E2"]
ll07__md.gif
[/TD]
[TD="class: evenrow js_right, bgcolor: #E2E2E2, align: left"]May 8 23:45:55[/TD]
[TD="class: evenrow js_right, bgcolor: #E2E2E2, colspan: 3, align: left"]LOGIN User root tried to log in on TELNET (41.253.6.3)[/TD]
[/TR]
[TR]
[TD="class: evenrow, bgcolor: #E2E2E2, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: oddrow, width: 33%, bgcolor: #CACACA, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: oddrow, width: 33%, bgcolor: #CACACA"]
ll00__md.gif
[/TD]
[TD="class: oddrow js_right, bgcolor: #CACACA, align: left"]May 8 23:24:57[/TD]
[TD="class: oddrow js_right, bgcolor: #CACACA, colspan: 3, align: left"]FIREWALL icmp check (1 of 1): Protocol: ICMP Src ip: 71.105.163.121 Dst ip: mioIP Type: Destination Unreachable Code: Port Unreacheable[/TD]
[/TR]
[TR]
[TD="class: oddrow, bgcolor: #CACACA, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: evenrow, width: 33%, bgcolor: #E2E2E2, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: evenrow, width: 33%, bgcolor: #E2E2E2"]
ll07__md.gif
[/TD]
[TD="class: evenrow js_right, bgcolor: #E2E2E2, align: left"]May 8 23:13:06[/TD]
[TD="class: evenrow js_right, bgcolor: #E2E2E2, colspan: 3, align: left"]SNTP Synchronised to server: 191.233.81.105[/TD]
[/TR]
[TR]
[TD="class: evenrow, bgcolor: #E2E2E2, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: oddrow, width: 33%, bgcolor: #CACACA, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: oddrow, width: 33%, bgcolor: #CACACA"]
ll00__md.gif
[/TD]
[TD="class: oddrow js_right, bgcolor: #CACACA, align: left"]May 8 23:08:02[/TD]
[TD="class: oddrow js_right, bgcolor: #CACACA, colspan: 3, align: left"]FIREWALL icmp check (1 of 1): Protocol: ICMP Src ip: 61.143.94.200 Dst ip: mioIP Type: Destination Unreachable Code: Port Unreacheable[/TD]
[/TR]
[TR]
[TD="class: oddrow, bgcolor: #CACACA, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: evenrow, width: 33%, bgcolor: #E2E2E2, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: evenrow, width: 33%, bgcolor: #E2E2E2"]
ll00__md.gif
[/TD]
[TD="class: evenrow js_right, bgcolor: #E2E2E2, align: left"]May 8 22:59:39[/TD]
[TD="class: evenrow js_right, bgcolor: #E2E2E2, colspan: 3, align: left"]FIREWALL icmp check (1 of 1): Protocol: ICMP Src ip: 46.105.105.16 Dst ip: mioIP Type: Destination Unreachable Code: Port Unreacheable[/TD]
[/TR]
[TR]
[TD="class: evenrow, bgcolor: #E2E2E2, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: oddrow, width: 33%, bgcolor: #CACACA, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: oddrow, width: 33%, bgcolor: #CACACA"]
ll00__md.gif
[/TD]
[TD="class: oddrow js_right, bgcolor: #CACACA, align: left"]May 8 22:40:40[/TD]
[TD="class: oddrow js_right, bgcolor: #CACACA, colspan: 3, align: left"]FIREWALL icmp check (1 of 1): Protocol: ICMP Src ip: 171.80.55.15 Dst ip: mioIP Type: Destination Unreachable Code: Port Unreacheable[/TD]
[/TR]
[TR]
[TD="class: oddrow, bgcolor: #CACACA, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: evenrow, width: 33%, bgcolor: #E2E2E2, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: evenrow, width: 33%, bgcolor: #E2E2E2"]
ll07__md.gif
[/TD]
[TD="class: evenrow js_right, bgcolor: #E2E2E2, align: left"]May 8 22:39:21[/TD]
[TD="class: evenrow js_right, bgcolor: #E2E2E2, colspan: 3, align: left"]LOGIN User admin tried to log in on TELNET (67.52.122.30)[/TD]
[/TR]
[TR]
[TD="class: evenrow, bgcolor: #E2E2E2, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: oddrow, width: 33%, bgcolor: #CACACA, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: oddrow, width: 33%, bgcolor: #CACACA"]
ll07__md.gif
[/TD]
[TD="class: oddrow js_right, bgcolor: #CACACA, align: left"]May 8 22:39:02[/TD]
[TD="class: oddrow js_right, bgcolor: #CACACA, colspan: 3, align: left"]LOGIN User admin tried to log in on TELNET (67.52.122.30)[/TD]
[/TR]
[TR]
[TD="class: oddrow, bgcolor: #CACACA, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: evenrow, width: 33%, bgcolor: #E2E2E2, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: evenrow, width: 33%, bgcolor: #E2E2E2"]
ll07__md.gif
[/TD]
[TD="class: evenrow js_right, bgcolor: #E2E2E2, align: left"]May 8 22:38:40[/TD]
[TD="class: evenrow js_right, bgcolor: #E2E2E2, colspan: 3, align: left"]LOGIN User root tried to log in on TELNET (67.52.122.30)[/TD]
[/TR]
[TR]
[TD="class: evenrow, bgcolor: #E2E2E2, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: oddrow, width: 33%, bgcolor: #CACACA, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: oddrow, width: 33%, bgcolor: #CACACA"]
ll07__md.gif
[/TD]
[TD="class: oddrow js_right, bgcolor: #CACACA, align: left"]May 8 22:38:19[/TD]
[TD="class: oddrow js_right, bgcolor: #CACACA, colspan: 3, align: left"]LOGIN User root tried to log in on TELNET (67.52.122.30)[/TD]
[/TR]
[TR]
[TD="class: oddrow, bgcolor: #CACACA, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: evenrow, width: 33%, bgcolor: #E2E2E2, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: evenrow, width: 33%, bgcolor: #E2E2E2"]
ll04__md.gif
[/TD]
[TD="class: evenrow js_right, bgcolor: #E2E2E2, align: left"]May 8 22:13:03[/TD]
[TD="class: evenrow js_right, bgcolor: #E2E2E2, colspan: 3, align: left"]SNTP Roundtrip exceeds limits[/TD]
[/TR]
[TR]
[TD="class: evenrow, bgcolor: #E2E2E2, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: oddrow, width: 33%, bgcolor: #CACACA, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: oddrow, width: 33%, bgcolor: #CACACA"]
ll04__md.gif
[/TD]
[TD="class: oddrow js_right, bgcolor: #CACACA, align: left"]May 8 22:13:00[/TD]
[TD="class: oddrow js_right, bgcolor: #CACACA, colspan: 3, align: left"]SNTP Invalid response from server 23.101.187.68[/TD]
[/TR]
[TR]
[TD="class: oddrow, bgcolor: #CACACA, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: evenrow, width: 33%, bgcolor: #E2E2E2, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: evenrow, width: 33%, bgcolor: #E2E2E2"]
ll07__md.gif
[/TD]
[TD="class: evenrow js_right, bgcolor: #E2E2E2, align: left"]May 8 21:28:39[/TD]
[TD="class: evenrow js_right, bgcolor: #E2E2E2, colspan: 3, align: left"]LOGIN wireless station [c0:ee:fb:24:a4:46] can't get authorized.[/TD]
[/TR]
[TR]
[TD="class: evenrow, bgcolor: #E2E2E2, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: oddrow, width: 33%, bgcolor: #CACACA, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: oddrow, width: 33%, bgcolor: #CACACA"]
ll07__md.gif
[/TD]
[TD="class: oddrow js_right, bgcolor: #CACACA, align: left"]May 8 21:17:26[/TD]
[TD="class: oddrow js_right, bgcolor: #CACACA, colspan: 3, align: left"]CONFIGURATION saved by TR69[/TD]
[/TR]
[TR]
[TD="class: oddrow, bgcolor: #CACACA, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: evenrow, width: 33%, bgcolor: #E2E2E2, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: evenrow, width: 33%, bgcolor: #E2E2E2"]
ll07__md.gif
[/TD]
[TD="class: evenrow js_right, bgcolor: #E2E2E2, align: left"]May 8 21:17:03[/TD]
[TD="class: evenrow js_right, bgcolor: #E2E2E2, colspan: 3, align: left"]FIREWALL event (1 of 2): deleted rules[/TD]
[/TR]
[TR]
[TD="class: evenrow, bgcolor: #E2E2E2, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: oddrow, width: 33%, bgcolor: #CACACA, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: oddrow, width: 33%, bgcolor: #CACACA"]
ll04__md.gif
[/TD]
[TD="class: oddrow js_right, bgcolor: #CACACA, align: left"]May 8 21:17:03[/TD]
[TD="class: oddrow js_right, bgcolor: #CACACA, colspan: 3, align: left"]PPP link up (Internet) [mioIP][/TD]
[/TR]
[TR]
[TD="class: oddrow, bgcolor: #CACACA, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: evenrow, width: 33%, bgcolor: #E2E2E2, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: evenrow, width: 33%, bgcolor: #E2E2E2"]
ll07__md.gif
[/TD]
[TD="class: evenrow js_right, bgcolor: #E2E2E2, align: left"]May 8 21:17:03[/TD]
[TD="class: evenrow js_right, bgcolor: #E2E2E2, colspan: 3, align: left"]PPP CHAP Receive success (Internet)[/TD]
[/TR]
[TR]
[TD="class: evenrow, bgcolor: #E2E2E2, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: oddrow, width: 33%, bgcolor: #CACACA, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: oddrow, width: 33%, bgcolor: #CACACA"]
ll07__md.gif
[/TD]
[TD="class: oddrow js_right, bgcolor: #CACACA, align: left"]May 8 21:17:03[/TD]
[TD="class: oddrow js_right, bgcolor: #CACACA, colspan: 3, align: left"]PPP CHAP Receive challenge from rhost c72g2.rmc-eth8 (Internet)[/TD]
[/TR]
[TR]
[TD="class: oddrow, bgcolor: #CACACA, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: evenrow, width: 33%, bgcolor: #E2E2E2, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: evenrow, width: 33%, bgcolor: #E2E2E2"]
ll07__md.gif
[/TD]
[TD="class: evenrow js_right, bgcolor: #E2E2E2, align: left"]May 8 21:16:41[/TD]
[TD="class: evenrow js_right, bgcolor: #E2E2E2, colspan: 3, align: left"]FIREWALL event (1 of 2): modified rules[/TD]
[/TR]
[TR]
[TD="class: evenrow, bgcolor: #E2E2E2, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: oddrow, width: 33%, bgcolor: #CACACA, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: oddrow, width: 33%, bgcolor: #CACACA"]
ll07__md.gif
[/TD]
[TD="class: oddrow js_right, bgcolor: #CACACA, align: left"]May 8 21:16:41[/TD]
[TD="class: oddrow js_right, bgcolor: #CACACA, colspan: 3, align: left"]FIREWALL event (1 of 2): created rules[/TD]
[/TR]
[TR]
[TD="class: oddrow, bgcolor: #CACACA, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: evenrow, width: 33%, bgcolor: #E2E2E2, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: evenrow, width: 33%, bgcolor: #E2E2E2"]
ll04__md.gif
[/TD]
[TD="class: evenrow js_right, bgcolor: #E2E2E2, align: left"]May 8 21:16:41[/TD]
[TD="class: evenrow js_right, bgcolor: #E2E2E2, colspan: 3, align: left"]PPP link down (Internet) [mioIP][/TD]
[/TR]
[TR]
[TD="class: evenrow, bgcolor: #E2E2E2, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: oddrow, width: 33%, bgcolor: #CACACA, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: oddrow, width: 33%, bgcolor: #CACACA"]
ll07__md.gif
[/TD]
[TD="class: oddrow js_right, bgcolor: #CACACA, align: left"]May 8 21:14:29[/TD]
[TD="class: oddrow js_right, bgcolor: #CACACA, colspan: 3, align: left"]LOGIN User admin tried to log in on TELNET (27.74.198.23)[/TD]
[/TR]
[TR]
[TD="class: oddrow, bgcolor: #CACACA, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: evenrow, width: 33%, bgcolor: #E2E2E2, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: evenrow, width: 33%, bgcolor: #E2E2E2"]
ll07__md.gif
[/TD]
[TD="class: evenrow js_right, bgcolor: #E2E2E2, align: left"]May 8 21:14:15[/TD]
[TD="class: evenrow js_right, bgcolor: #E2E2E2, colspan: 3, align: left"]LOGIN User admin tried to log in on TELNET (27.74.198.23)[/TD]
[/TR]
[TR]
[TD="class: evenrow, bgcolor: #E2E2E2, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: oddrow, width: 33%, bgcolor: #CACACA, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: oddrow, width: 33%, bgcolor: #CACACA"]
ll07__md.gif
[/TD]
[TD="class: oddrow js_right, bgcolor: #CACACA, align: left"]May 8 21:13:58[/TD]
[TD="class: oddrow js_right, bgcolor: #CACACA, colspan: 3, align: left"]LOGIN User root tried to log in on TELNET (27.74.198.23)[/TD]
[/TR]
[TR]
[TD="class: oddrow, bgcolor: #CACACA, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: evenrow, width: 33%, bgcolor: #E2E2E2, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: evenrow, width: 33%, bgcolor: #E2E2E2"]
ll07__md.gif
[/TD]
[TD="class: evenrow js_right, bgcolor: #E2E2E2, align: left"]May 8 21:13:44[/TD]
[TD="class: evenrow js_right, bgcolor: #E2E2E2, colspan: 3, align: left"]LOGIN User root tried to log in on TELNET (27.74.198.23)[/TD]
[/TR]
[TR]
[TD="class: evenrow, bgcolor: #E2E2E2, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: oddrow, width: 33%, bgcolor: #CACACA, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: oddrow, width: 33%, bgcolor: #CACACA"]
ll07__md.gif
[/TD]
[TD="class: oddrow js_right, bgcolor: #CACACA, align: left"]May 8 21:13:33[/TD]
[TD="class: oddrow js_right, bgcolor: #CACACA, colspan: 3, align: left"]LOGOUT User logged out on TELNET (mioIP)[/TD]
[/TR]
[TR]
[TD="class: oddrow, bgcolor: #CACACA, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: evenrow, width: 33%, bgcolor: #E2E2E2, colspan: 5"]
spacer.gif
[/TD]
[/TR]
[TR]
[TD="class: evenrow, width: 33%, bgcolor: #E2E2E2"][/TD]
[TD="class: evenrow js_right, bgcolor: #E2E2E2, align: left"][/TD]
[TD="class: evenrow js_right, bgcolor: #E2E2E2, colspan: 3, align: left"][/TD]
[/TR]
[/TABLE]

Vi ringrazio anticipatamente, ovviamente sono disponibile a fornire ogni info
 
in alcune reti da me gestite, vedo dall'asia circa 1000/1500 tentativi di accessi malevoli ogni 5 minuti...il problema vero è per tutto quello non viene loggato...fino a quando vengono intercettati tutto bene, ma il telnet dalla porta esterna lo chiuderei prima di accendere qualsiasi cosa...
 
raulico ha detto:
in alcune reti da me gestite, vedo dall'asia circa 1000/1500 tentativi di accessi malevoli ogni 5 minuti...il problema vero è per tutto quello non viene loggato...fino a quando vengono intercettati tutto bene, ma il telnet dalla porta esterna lo chiuderei prima di accendere qualsiasi cosa...
Clicca per espandere...

Ovviamente nel fantastico router fornito da Tiscali quando provo ad andare a toccare porte e firewall mi dice "questo livello è protetto e non configurabile". Anche a costo di perderci la garanzia posso flasharlo con un firmware un po' più aperto così almeno non devo spendere altri soldi per prendere un router?
 
Stato
Discussione chiusa ad ulteriori risposte.
Pubblicità
Pubblicità
Indietro
Top