Suricata Threat detection output

[SMS786]

Hi all

Unfortunately seems the main Suricata thread has been inactive for a while now (not open for replies), thus posting here.

Any ideas on what this entry means (from a threat level pov) and how best to investigate further?

 

[ColinTaylor]

Looks like a standard port scanner: https://www.abuseipdb.com/check/141.98.10.114

Just make sure you're not exposing any ports to the internet.

 

[SMS786]

Looks like a standard port scanner: https://www.abuseipdb.com/check/141.98.10.114

Just make sure you're not exposing any ports to the internet.

I checked alienvault (https://otx.alienvault.com/indicator/ip/141.98.10.114) but couldn't garner too much.

Appreciate it. Will add abuseipdb to my list.