joe68000
Regular Contributor
To elaborate on what Mutzil wrote: in Skynet go to Settings 11 and the enable Ban AIProtect under Option 7
Does AiProtect need to be enabled in order for Skynet to block the IPs?
To elaborate on what Mutzil wrote: in Skynet go to Settings 11 and the enable Ban AIProtect under Option 7
No but Skynet also add IPs from AiProtection ban list, its an addition , not requirement .Does AiProtect need to be enabled in order for Skynet to block the IPs?
You can use this guide to help with the OpenVPN Server setup.Hi Delusion,
Thanks a lot. This actually triggered it. I now can see reports in AiProtection. I'd usually get tons of reports every day, especially the ones from IPS. I don't personally believe that my ISP's spent money to install an expesive hardware/software to prevent all the attacks before they reach me. The reason i've posted this is that these last 2 days I'm being constantly accessed from few IPs (213.227.134.165 and 188.166.88.55) they try to access the router on port 8443 which is enabled to access from WAN. I had to change the port and I still see those IPs trying to establish the connection on port 8443. The firewall keeps dropping the packets.
Regards
Teymur
As Delusion has stated, but to expand a little, Skynet is a stand-alone piece of software. It doesn't need AIProtection to be on for Skynet to work. However, if you run AIProtection - and I run all its modules - Skynet has that option (Ban AIProtect) that allows the automatic “importing” into Skynet of the IP addresses that AIProtect blocks. A bit of intelligent learning on the part of Skynet. All going on in the background.Does AiProtect need to be enabled in order for Skynet to block the IPs?
Can you give more information as to why you believe this to be the case? Do you have skynet on your router as well?for me AiProtection is not working too, just noticed it in previous version - 384.11 (not .2)
Can you give more information as to why you believe this to be the case? Do you have skynet on your router as well?
I am not familiar with Skynet nor Diversion, so no, I only flashed firmware from Rmerlin and changed basic network settings that suits me, no custom blocking scripts are installed. All I can see is 0 hits for
Malicious Sites Blocking, Two-Way IPS and Infected Device Prevention and Blocking - all are turned on of course. I tried to download txt file from http://2016.eicar.org/85-0-Download.html, as mentioned in previous page of this thread - no hits.
yes, I used to get hits for all protections before, I dont know which version it stopped working, not checking it often. Now there are no hits for a month, maybe two.I also had 0 hits reported, downloaded (well, failed to) the file and still saw 0, but going to the Two-Way Protection Tab showed one and returning to the Network Protection tab had incremented the number of hits to 1.
I also had 0 hits reported, downloaded (well, failed to) the file and still saw 0, but going to the Two-Way Protection Tab showed one and returning to the Network Protection tab had incremented the number of hits to 1.
yes, I used to get hits for all protections before, I dont know which version it stopped working, not checking it often. Now there are no hits for a month, maybe two.
I just checked AIProtection tab and I can see now 3 hits from today, and your link redirects me to ASUS's warning site, and malicious site count increased to 2, so I guess it's working now. strange though. Thanks for spending time on my "issue"I checked mine: zero hits on all protection modules since 27 May. That was when I updated my firmware from 384.9 to 384.11_2 with a full L&LD M&M router reset. And the last AIProtection email I got was back on 8 Feb, so I would have been on 384.9 then.
Anyway, that last email was a block on the domain
brokercdn.com
so I put that in the browser address bar and immediately got the Trend Micro warning from the router. I then checked my AIProtection stats and the malicious site blocking had gone from zero to 5.
So, whilst I initially thought maybe AIProtection had stopped working for me, I’m now happy it is working and suspect that Skynet and Diversion are responsible for the much lower AIProtection hit rate on my router. (But I need to fix my AIProtection email alerts, which is a separate matter.)
....,Thanks for spending time on my "issue"
Did this ever work for you? I tried setting it up with Gmail and an app password, but it always fails according to /tmp/email.log. I ended up erasing the credentials in the PM_SMTP_AUTH* nvram variables.But I need to fix my AIProtection email alerts, which is a separate matter.
Yes, it did, exactly as you described: with 2FA and an app password it had indeed worked, with the last email being on 8 Feb 2019. But since installing Skynet and Diversion, such emails were a rarity. I need to double check that I correctly set it up after my recent M&M router reset and report back.Did this ever work for you? I tried setting it up with Gmail and an app password, but it always fails according to /tmp/email.log. I ended up erasing the credentials in the PM_SMTP_AUTH* nvram variables.
Silly me: I had forgotten to set it up after my reset. It now works.Did this ever work for you? I tried setting it up with Gmail and an app password, but it always fails according to /tmp/email.log. I ended up erasing the credentials in the PM_SMTP_AUTH* nvram variables.
Thanks. Upon further review I found an extra quote character in my password when I copied from my update-notification script. Working now!Silly me: I had forgotten to set it up after my reset. It now works.
After inserting the Gmail credentials and Applying, I got an email confirming this was the email address and telling me to click the link in the email to return to the AIProtection page in the webui, not that there was anything further to be done there; I guess it closed the loop.
I then entered my known AIProtection dodgy-domain trigger into my browser, got the warning page from the router and then went and checked the dedicated email account. And now the email alert is up and running.
(Thanks for the prompt to get it sorted.)
Welcome To SNBForums
SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.
If you'd like to post a question, simply register and have at it!
While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!