Hi,
I have an RT-AC88U router and activated AiProtection - Two-Way IPS
I'm getting what looks to be a number of false positives with my MythTV linux server / Media PC:
Type: Client Device Infected
Source: 192.168.5.100
Destination: Myth
Alert: SSH Brute Force Login
The problem in the above is that 192.168.5.100 IS Myth, and is actually set to Manual, rather than DHCP in the client list.
I've been through the logs on the server side, and can't seem to find anything that correlates, but I'm guessing it may be MySQL / MythTV / Kodi related. I also have a few other services running on there (Apache / Samba / PHP / Security Cameras). If I could find the offending process I could maybe change it from using the DNS name to the IP address, but is there anything on the router side I can use to either further diagnose the offending connection, or set a whitelist?
thanks
I have an RT-AC88U router and activated AiProtection - Two-Way IPS
I'm getting what looks to be a number of false positives with my MythTV linux server / Media PC:
Type: Client Device Infected
Source: 192.168.5.100
Destination: Myth
Alert: SSH Brute Force Login
The problem in the above is that 192.168.5.100 IS Myth, and is actually set to Manual, rather than DHCP in the client list.
I've been through the logs on the server side, and can't seem to find anything that correlates, but I'm guessing it may be MySQL / MythTV / Kodi related. I also have a few other services running on there (Apache / Samba / PHP / Security Cameras). If I could find the offending process I could maybe change it from using the DNS name to the IP address, but is there anything on the router side I can use to either further diagnose the offending connection, or set a whitelist?
thanks