Menu
What's new
By:
Filters Better Search

AiDisks under password guessing attack

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

B

Blackstar

Occasional Visitor
After two weeks of setting up AiDisks for local network file sharing among my family members for the first time, a week later, someone began attempting to guess the password for access every five minutes, with five login attempts. As a result, I increased the timeout to 60 minutes with a limit of two login attempts. However, the individual has persisted in their attempts. Should I be concerned? Here's the latest log from just minutes ago.

Mar 20 23:23:46 httpd_login_lock: Detect abnormal logins at 5 times. The newest one was from 79.110.62.117 in login.
Mar 20 23:26:36 httpd_login_lock: Detect abnormal logins at 5 times. The newest one was from 179.60.147.41 in login lock.
 
Please tell a little more precise how you set up your disks. Didn't you set up a vpn-server for sharing?
 
Blackstar said:
After two weeks of setting up AiDisks for local network file sharing among my family members for the first time, a week later, someone began attempting to guess the password for access every five minutes, with five login attempts. As a result, I increased the timeout to 60 minutes with a limit of two login attempts. However, the individual has persisted in their attempts. Should I be concerned? Here's the latest log from just minutes ago.

Mar 20 23:23:46 httpd_login_lock: Detect abnormal logins at 5 times. The newest one was from 79.110.62.117 in login.
Mar 20 23:26:36 httpd_login_lock: Detect abnormal logins at 5 times. The newest one was from 179.60.147.41 in login lock.
Click to expand...
Welcome to the world of the Internet! You are likely being hit by a bot. Might be best to not use AiDisk but use a cloud service instead.
 
Caracas IP, .ru domain, listed for brute force attacks. Add it to skynet?
 
Blackstar said:
After two weeks of setting up AiDisks for local network file sharing among my family members for the first time, a week later, someone began attempting to guess the password for access every five minutes, with five login attempts. As a result, I increased the timeout to 60 minutes with a limit of two login attempts. However, the individual has persisted in their attempts. Should I be concerned? Here's the latest log from just minutes ago.

Mar 20 23:23:46 httpd_login_lock: Detect abnormal logins at 5 times. The newest one was from 79.110.62.117 in login.
Mar 20 23:26:36 httpd_login_lock: Detect abnormal logins at 5 times. The newest one was from 179.60.147.41 in login lock.
Click to expand...
I'd be weary of opening anything up to the public in this manner. Especially if there's no ability for OTP or MFA or Geo-IP blacklists at a minimum. Shodan and other sites will eventially show what ports and services are open to the public on your public IP and you will get hammered from everywhere.
 
You must log in or register to reply here.

Similar threads

spacemanspiff
Getting a lot of Abnormal Login HTTP locks - Chrome issue?
Replies
0
Views
150
spacemanspiff
spacemanspiff
H
Need help. Is something trying to hack my network?
Replies
5
Views
1K
Crimliar
Crimliar
Swistheater
Alarming syslogs
Replies
14
Views
2K
gattaca
G
N
Unsual acitvities in Router Logs
Replies
4
Views
4K
noidea
N
L
Under attack? Tons of child connections attempts and tons of network issues
Replies
4
Views
2K
ColinTaylor
C
Similar threads
Thread starter Title Forum Replies Date
z2vip AiCloud WebUI bug under 3004.388.6 Asuswrt-Merlin 3
kstamand RMerlin under Hyper-V? Asuswrt-Merlin 8
J How does Asus or Asus Merlin source the device name under the System Log, Wireless Log Tab? Asuswrt-Merlin 32
J In asus rt-ac68u router under VPN Client - VPN Server List missing OpenVPN Asuswrt-Merlin 30
D Lost password recovery Asuswrt-Merlin 3
N Unable to login to the web ui: You have entered an incorrect username or password 5 times. Asuswrt-Merlin 20
A SSH by Authorized Keys without username and password Asus Router Asuswrt-Merlin 10

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 983 (members: 31, guests: 952)
Top