Beiträge von MrYoshii
-
-
Here some information about your visitor.
Presuming you have a standard setup:
Internet->Router->Clients with NAT etc.
No port forwards.Then IMHO the only way is that the communication is initiated by a source in your LAN.
what can i do with this informations?
-
Und Du hast sicherlich die Release-Notes gelesen und kannst einen Hinweis geben, ob das ein Brückenkopf gewesen sein könnte.
Leider gibt es im Webinterface keine release-notes und im Internet finde ich auch nichts und was ist ein Brückenkopf?
-
Here some information about your visitor.
Presuming you have a standard setup:
Internet->Router->Clients with NAT etc.
No port forwards.Then IMHO the only way is that the communication is initiated by a source in your LAN.
in my network there are 2 router (no UPnP), 1gb switch, nas, 2PCs, and some SmartPhones
-
Meinst Du, wir googeln jetzt für Dich, ob Dein Router Probleme hat? Das schaffst Du doch selbst...
Das war auch nicht mein Wunsch
hab jetzt mal ein Firmwareupdate am Router gemacht -
Check this:
Netzwerkcheck-2114.html
I am pretty sure that there are forwarded ports.
Otherwise the ssh connection attempts would be blocked by your router.
Perhaps some UPnP opens the door.Dieser Test zeigt nur die unter Umständen problematischen Ergebnisse
aller Einzel-Tests kompakt auf einer Seite; für ausführlichere Resultate machen Sie bitte die jeweiligen Einzel-Tests.Nur rote Zeilen bedeuten ein mögliches Problem.
Gratulation, der Test hat keine Probleme gefunden.i think the ports are closed
Zitat...the Router could be a problem?
router model: PRGAV4202N2
-
Here is the auth.log
Code
Alles anzeigenMay 28 22:11:42 HomeServer sshd[3153]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.195.189.84 user=root May 28 22:11:51 HomeServer sshd[3155]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.195.189.84 user=root May 28 22:11:52 HomeServer sshd[3155]: Failed password for root from 122.195.189.84 port 37825 ssh2 May 28 22:11:55 HomeServer sshd[3155]: Failed password for root from 122.195.189.84 port 37825 ssh2 May 28 22:11:58 HomeServer sshd[3155]: Failed password for root from 122.195.189.84 port 37825 ssh2 May 28 22:11:59 HomeServer sshd[3155]: Received disconnect from 122.195.189.84: 11: [preauth] May 28 22:11:59 HomeServer sshd[3155]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.195.189.84 user=root May 28 22:12:07 HomeServer sshd[3157]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.195.189.84 user=root May 28 22:12:09 HomeServer sshd[3157]: Failed password for root from 122.195.189.84 port 33244 ssh2 May 28 22:12:12 HomeServer sshd[3157]: Failed password for root from 122.195.189.84 port 33244 ssh2 May 28 22:12:14 HomeServer sshd[3157]: Failed password for root from 122.195.189.84 port 33244 ssh2 May 28 22:12:14 HomeServer sshd[3157]: Received disconnect from 122.195.189.84: 11: [preauth] May 28 22:12:14 HomeServer sshd[3157]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.195.189.84 user=root May 28 22:12:22 HomeServer sshd[3159]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.195.189.84 user=root May 28 22:12:25 HomeServer sshd[3159]: Failed password for root from 122.195.189.84 port 56165 ssh2 May 28 22:12:27 HomeServer sshd[3159]: Failed password for root from 122.195.189.84 port 56165 ssh2 May 28 22:12:30 HomeServer sshd[3159]: Failed password for root from 122.195.189.84 port 56165 ssh2 May 28 22:12:31 HomeServer sshd[3159]: Received disconnect from 122.195.189.84: 11: [preauth] May 28 22:12:31 HomeServer sshd[3159]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.195.189.84 user=root May 28 22:12:39 HomeServer sshd[3162]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.195.189.84 user=root May 28 22:12:41 HomeServer sshd[3162]: Failed password for root from 122.195.189.84 port 52260 ssh2 May 28 22:12:43 HomeServer sshd[3162]: Failed password for root from 122.195.189.84 port 52260 ssh2 May 28 22:12:46 HomeServer sshd[3162]: Failed password for root from 122.195.189.84 port 52260 ssh2 May 28 22:12:46 HomeServer sshd[3162]: Received disconnect from 122.195.189.84: 11: [preauth] May 28 22:12:46 HomeServer sshd[3162]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.195.189.84 user=root May 28 22:12:55 HomeServer sshd[3164]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.195.189.84 user=root May 28 22:12:57 HomeServer sshd[3164]: Failed password for root from 122.195.189.84 port 48011 ssh2 May 28 22:12:59 HomeServer sshd[3164]: Failed password for root from 122.195.189.84 port 48011 ssh2 May 28 22:13:02 HomeServer sshd[3164]: Failed password for root from 122.195.189.84 port 48011 ssh2 May 28 22:13:02 HomeServer sshd[3164]: Received disconnect from 122.195.189.84: 11: [preauth] May 28 22:13:02 HomeServer sshd[3164]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.195.189.84 user=root May 28 22:13:10 HomeServer sshd[3166]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.195.189.84 user=root May 28 22:13:12 HomeServer sshd[3166]: Failed password for root from 122.195.189.84 port 45431 ssh2 May 28 22:13:16 HomeServer sshd[3166]: Failed password for root from 122.195.189.84 port 45431 ssh2 May 28 22:13:19 HomeServer sshd[3166]: Failed password for root from 122.195.189.84 port 45431 ssh2 May 28 22:13:19 HomeServer sshd[3166]: Received disconnect from 122.195.189.84: 11: [preauth] May 28 22:13:19 HomeServer sshd[3166]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.195.189.84 user=root May 28 22:13:28 HomeServer sshd[3168]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.195.189.84 user=root May 28 22:13:31 HomeServer sshd[3168]: Failed password for root from 122.195.189.84 port 47328 ssh2 May 28 22:13:33 HomeServer sshd[3168]: Failed password for root from 122.195.189.84 port 47328 ssh2 May 28 22:13:35 HomeServer sshd[3168]: Failed password for root from 122.195.189.84 port 47328 ssh2 May 28 22:13:36 HomeServer sshd[3168]: Received disconnect from 122.195.189.84: 11: [preauth] May 28 22:13:36 HomeServer sshd[3168]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.195.189.84 user=root May 28 22:14:22 HomeServer sshd[3174]: Accepted password for root from 192.168.0.78 port 56830 ssh2 May 28 22:14:22 HomeServer sshd[3174]: pam_unix(sshd:session): session opened for user root by (uid=0) May 28 22:15:01 HomeServer CRON[3222]: pam_unix(cron:session): session opened for user root by (uid=0) May 28 22:15:03 HomeServer CRON[3222]: pam_unix(cron:session): session closed for user root May 28 22:15:53 HomeServer sshd[3298]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.160.51 user=root May 28 22:15:55 HomeServer sshd[3298]: Failed password for root from 222.186.160.51 port 34121 ssh2 May 28 22:15:57 HomeServer sshd[3298]: Failed password for root from 222.186.160.51 port 34121 ssh2 May 28 22:16:00 HomeServer sshd[3298]: Failed password for root from 222.186.160.51 port 34121 ssh2 May 28 22:16:00 HomeServer sshd[3298]: Received disconnect from 222.186.160.51: 11: [preauth] May 28 22:16:00 HomeServer sshd[3298]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.160.51 user=root May 28 22:23:25 HomeServer sshd[3482]: Failed password for root from 221.229.166.28 port 45018 ssh2 May 28 22:23:27 HomeServer sshd[3482]: Failed password for root from 221.229.166.28 port 45018 ssh2 May 28 22:23:29 HomeServer sshd[3482]: Failed password for root from 221.229.166.28 port 45018 ssh2 May 28 22:23:30 HomeServer sshd[3482]: Received disconnect from 221.229.166.28: 11: [preauth] May 28 22:23:30 HomeServer sshd[3482]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.229.166.28 user=root May 28 22:23:37 HomeServer sshd[3505]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.229.166.28 user=root May 28 22:23:39 HomeServer sshd[3505]: Failed password for root from 221.229.166.28 port 34563 ssh2 May 28 22:23:41 HomeServer sshd[3505]: Failed password for root from 221.229.166.28 port 34563 ssh2 May 28 22:23:44 HomeServer sshd[3505]: Failed password for root from 221.229.166.28 port 34563 ssh2 May 28 22:23:44 HomeServer sshd[3505]: Received disconnect from 221.229.166.28: 11: [preauth] May 28 22:23:44 HomeServer sshd[3505]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.229.166.28 user=root May 28 22:23:52 HomeServer sshd[3598]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.229.166.28 user=root May 28 22:23:54 HomeServer sshd[3598]: Failed password for root from 221.229.166.28 port 54854 ssh2 May 28 22:23:57 HomeServer sshd[3598]: Failed password for root from 221.229.166.28 port 54854 ssh2 May 28 22:23:59 HomeServer sshd[3598]: Failed password for root from 221.229.166.28 port 54854 ssh2 May 28 22:23:59 HomeServer sshd[3598]: Received disconnect from 221.229.166.28: 11: [preauth] May 28 22:23:59 HomeServer sshd[3598]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.229.166.28 user=root May 28 22:24:07 HomeServer sshd[3647]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.229.166.28 user=root May 28 22:24:09 HomeServer sshd[3647]: Failed password for root from 221.229.166.28 port 47785 ssh2 May 28 22:24:11 HomeServer sshd[3647]: Failed password for root from 221.229.166.28 port 47785 ssh2
-
-
-
-
-
NAS has been installed 2 days ago
have banned the Chinese in routerCode
Alles anzeigenroot@HomeServer:~# ps -A PID TTY TIME CMD 1 ? 00:00:01 init 2 ? 00:00:00 kthreadd 3 ? 00:00:26 ksoftirqd/0 5 ? 00:00:00 kworker/0:0H 7 ? 00:01:25 rcu_sched 8 ? 00:00:00 rcu_bh 9 ? 00:00:00 migration/0 10 ? 00:00:00 watchdog/0 11 ? 00:00:00 watchdog/1 12 ? 00:00:03 migration/1 13 ? 00:00:56 ksoftirqd/1 15 ? 00:00:00 kworker/1:0H 16 ? 00:00:00 khelper 17 ? 00:00:00 kdevtmpfs 18 ? 00:00:00 netns 19 ? 00:00:00 khungtaskd 20 ? 00:00:00 writeback 21 ? 00:00:00 ksmd 22 ? 00:00:00 khugepaged 23 ? 00:00:00 crypto 24 ? 00:00:00 kintegrityd 25 ? 00:00:00 bioset 26 ? 00:00:00 kblockd 29 ? 00:00:02 kswapd0 30 ? 00:00:00 fsnotify_mark 36 ? 00:00:00 kthrotld 37 ? 00:00:00 ipv6_addrconf 39 ? 00:00:00 deferwq 108 ? 00:00:00 khubd 170 ? 00:00:00 ata_sff 220 ? 00:00:00 acpi_thermal_pm 288 ? 00:00:00 scsi_eh_0 289 ? 00:00:00 scsi_tmf_0 290 ? 00:00:00 scsi_eh_1 291 ? 00:00:00 scsi_tmf_1 292 ? 00:00:00 scsi_eh_2 293 ? 00:00:00 scsi_tmf_2 294 ? 00:00:00 scsi_eh_3 295 ? 00:00:00 scsi_tmf_3 296 ? 00:00:00 scsi_eh_4 297 ? 00:00:00 scsi_tmf_4 298 ? 00:05:27 scsi_eh_5 299 ? 00:00:00 scsi_tmf_5 326 ? 00:05:27 kworker/0:1H 338 ? 00:00:00 kworker/1:1H 361 ? 00:00:00 md 369 ? 00:00:00 bioset 391 ? 00:00:02 jbd2/sdc1-8 392 ? 00:00:00 ext4-rsv-conver 531 ? 00:00:00 udevd 808 ? 00:00:00 cfg80211 819 ? 00:00:00 kpsmoused 844 ? 00:01:47 irq/46-iwlwifi 846 ? 00:00:42 irq/48-mei_me 847 ? 00:00:00 kvm-irqfd-clean 868 ? 00:00:00 kworker/u5:0 869 ? 00:00:00 hci0 870 ? 00:00:00 hci0 879 ? 00:00:00 hd-audio0 884 ? 00:00:00 kworker/u5:2 1124 ? 00:00:03 omv-engined 1777 ? 00:00:00 xfsalloc 1778 ? 00:00:00 xfs_mru_cache 1779 ? 00:00:00 xfslogd 1780 ? 00:00:00 xfs-data/md127 1781 ? 00:00:00 xfs-conv/md127 1782 ? 00:00:00 xfs-cil/md127 1783 ? 00:00:00 xfsaild/md127 2072 ? 00:00:00 bond0 2282 ? 00:00:01 hostapd 2296 ? 00:00:00 dnsmasq 2458 ? 00:00:38 freshclam 2467 ? 00:00:00 rpcbind 2485 ? 00:00:00 rpc.statd 2490 ? 00:00:00 rpciod 2492 ? 00:00:00 nfsiod 2499 ? 00:00:00 rpc.idmapd 2748 ? 00:00:26 rrdcached 2825 ? 00:00:00 mdadm 2843 ? 00:00:00 acpid 2875 ? 00:00:00 dbus-daemon 2896 ? 00:00:00 nginx 2897 ? 00:00:07 nginx 2898 ? 00:00:06 nginx 2899 ? 00:00:03 nginx 2900 ? 00:00:07 nginx 2901 ? 00:00:00 cron 2959 ? 00:00:03 avahi-daemon 2960 ? 00:00:00 avahi-daemon 2978 ? 00:00:43 collectd 2990 ? 00:00:01 sshd 3018 ? 00:00:05 cupsd 3067 ? 00:03:07 monit 3107 ? 00:00:18 watchdog 3112 tty1 00:00:00 login 3113 tty2 00:00:00 getty 3114 tty3 00:00:00 getty 3115 tty4 00:00:00 getty 3116 tty5 00:00:00 getty 3117 tty6 00:00:00 getty 3202 ? 00:00:01 php5-fpm 3203 ? 00:00:00 php5-fpm 3204 ? 00:00:00 php5-fpm 3421 tty1 00:00:00 bash 3954 ? 00:00:03 screen 3955 pts/0 00:00:00 bash 4110 pts/0 00:00:00 sudo 4111 pts/0 00:02:06 badblocks 4121 ? 00:00:01 screen 4122 pts/2 00:00:00 bash 10666 ? 00:00:01 kworker/1:2 12692 ? 00:00:02 kworker/1:0 14087 ? 00:00:00 kworker/0:1 15794 ? 00:00:00 kworker/0:0 15907 ? 00:00:00 kworker/u4:1 16050 ? 00:00:00 kworker/u4:0 16150 ? 00:00:00 sshd 16153 pts/1 00:00:00 bash 16167 ? 00:00:00 smbd 16170 ? 00:00:00 kworker/1:1 16187 pts/1 00:00:00 ps 21554 ? 00:00:00 nmbd 21557 ? 00:00:01 smbd 21565 ? 00:00:00 smbd 26137 ? 00:00:00 udevd 26138 ? 00:00:00 udevd
-
-
i have no open ports
and i have no chines gfCode
Alles anzeigenGamer-PC.local.58971: Flags [P.], seq 8676144:8676288, ack 44033, win 460, length 144 00:59:14.541315 IP HomeServer.local.ssh > 221.229.166.205.32791: Flags [P.], seq 40:968, ack 16, win 227, options [nop,nop,TS val 24171650 ecr 79667221], length 928 00:59:14.579150 IP HomeServer.local.ssh > 221.229.166.205.32791: Flags [.], ack 664, win 237, options [nop,nop,TS val 24171660 ecr 79667221], length 0 00:59:15.094589 IP HomeServer.local.ssh > 221.229.166.205.32791: Flags [.], ack 936, win 247, options [nop,nop,TS val 24171788 ecr 79667350], length 0 00:59:15.102460 IP HomeServer.local.ssh > 221.229.166.205.32791: Flags [P.], seq 968:1816, ack 936, win 247, options [nop,nop,TS val 24171790 ecr 79667350], length 848 00:59:15.639148 IP HomeServer.local.ssh > 221.229.166.205.32791: Flags [.], ack 952, win 247, options [nop,nop,TS val 24171925 ecr 79667479], length 0 00:59:16.040869 IP HomeServer.local.ssh > 221.229.166.205.3279
Code
Alles anzeigen239.255.255.250.1900: UDP, length 261 00:37:19.319809 IP HomeServer.local.ssh > Gamer-PC.local.58971: Flags [P.], seq 6524752:6524896, ack 39633, win 357, length 144 00:37:19.320066 IP ralink.ralinktech.com.32769 > 239.255.255.250.1900: UDP, length 333 00:37:19.320267 IP ralink.ralinktech.com.32769 > 239.255.255.250.1900: UDP, length 329 00:37:19.320280 IP HomeServer.local.ssh > Gamer-PC.local.58971: Flags [P.], seq 6525088:6525232, ack 39633, win 357, length 144 00:37:19.320474 IP ralink.ralinktech.com.32769 > 239.255.255.250.1900: UDP, length 309 00:37:19.320681 IP HomeServer.local.ssh > Gamer-PC.local.58971: Flags [P.], seq 6525504:6525648, ack 39633, win 357, length 144 00:37:19.320693 IP ralink.ralinktech.com.32769 > 239.255.255.250.1900: UDP, length 341 00:37:19.321142 IP ralink.ralinktech.com.32769 > 239.255.255.250.1900: UDP, length 323 00:37:19.321305 IP ralink.ralinktech.com.32769 > 239.255.255.250.1900:
what about it? -
-
Guten Abend
Habe heute bemerkt das der smbd Prozess ca 8% CPU load macht und der Switch blinkt auch also nas und Router nun stellt sich mir die frage was wo hin kopiert wird habe alle PCs gecheckt nichts wird kopiert
Windowsfreigaben sind Passwort geschürzt..Bitte um Hilfe
MfG
good Evening
Today I noticed that the smbd process approximately 8 % CPU load and therefore makes the switch flashes NAS and router now makes me wonder what go where copies have all PCs checked nothing is copied
Windows releases are pursed password ..Please help
(google translator)