恩山无线论坛

 找回密码
 立即注册

QQ登录

只需一步,快速开始

搜索
查看: 387|回复: 4

疑似openwrt网络攻击

[复制链接]
发表于 2022-7-18 15:43 | 显示全部楼层 |阅读模式
系统每天总是在日志里看到这些消息,感觉像是攻击,请大神们看看。
主机型号/IC2M1028V-J - Intel(R) Atom(TM) CPU D2550 @ 1.86GHz : 2 Core 4 Thread (CpuMark : 14908.800075 Scores)
CPU 信息1861.982 MHz +54.0°C (crit = +100.0°C)
固件版本bleach self build 20220612 @ OpenWrt R22.5.5 / LuCI Master (git-22.161.56906-efa5cfe)
内核版本5.15.46
Sat Jul 16 01:14:58 2022 daemon.err netdata[2672]: Incoming connection on '185.156.72.32' does not match a numeric pattern, and host could not be resolved (err=Name does not resolve)
Sat Jul 16 01:14:58 2022 daemon.err netdata[2672]: Permission denied for client '185.156.72.32', port '64878'
Sat Jul 16 01:14:58 2022 daemon.err netdata[2672]: POLLFD: LISTENER: accept() failed.
Sun Jul 17 08:04:01 2022 kern.notice kernel: [1774007.640176] nf_ct_sip: dropping packet: cannot parse cseq IN= OUT= SRC=8.142.142.251 DST=121.21.18.226 LEN=118 TOS=0x14 PREC=0x00 TTL=244 ID=32809 PROTO=UDP SPT=23617 DPT=5060 LEN=98
Sun Jul 17 09:26:39 2022 daemon.err netdata[2672]: Incoming connection on '8.142.37.152' does not match a numeric pattern, and host could not be resolved (err=Name does not resolve)
Sun Jul 17 09:26:39 2022 daemon.err netdata[2672]: Permission denied for client '8.142.37.152', port '50574'
Sun Jul 17 09:26:39 2022 daemon.err netdata[2672]: POLLFD: LISTENER: accept() failed.
Sun Jul 17 09:26:41 2022 daemon.err netdata[2672]: Incoming connection on '8.142.37.152' does not match a numeric pattern, and host could not be resolved (err=Name does not resolve)
Sun Jul 17 09:26:41 2022 daemon.err netdata[2672]: Permission denied for client '8.142.37.152', port '54036'
Sun Jul 17 09:26:41 2022 daemon.err netdata[2672]: POLLFD: LISTENER: accept() failed.
Sun Jul 17 09:26:42 2022 daemon.err netdata[2672]: Incoming connection on '8.142.37.152' does not match a numeric pattern, and host could not be resolved (err=Name does not resolve)
Sun Jul 17 09:26:42 2022 daemon.err netdata[2672]: Permission denied for client '8.142.37.152', port '58410'
Sun Jul 17 09:26:42 2022 daemon.err netdata[2672]: POLLFD: LISTENER: accept() failed.
Sun Jul 17 09:26:44 2022 daemon.err netdata[2672]: Incoming connection on '8.142.37.152' does not match a numeric pattern, and host could not be resolved (err=Name does not resolve)
Sun Jul 17 09:26:44 2022 daemon.err netdata[2672]: Permission denied for client '8.142.37.152', port '60846'
Sun Jul 17 09:26:44 2022 daemon.err netdata[2672]: POLLFD: LISTENER: accept() failed.
Sun Jul 17 09:26:45 2022 daemon.err netdata[2672]: Incoming connection on '8.142.37.152' does not match a numeric pattern, and host could not be resolved (err=Name does not resolve)
Sun Jul 17 09:26:45 2022 daemon.err netdata[2672]: Permission denied for client '8.142.37.152', port '35850'
Sun Jul 17 09:26:45 2022 daemon.err netdata[2672]: POLLFD: LISTENER: accept() failed.
Sun Jul 17 09:26:47 2022 daemon.err netdata[2672]: Incoming connection on '8.142.37.152' does not match a numeric pattern, and host could not be resolved (err=Name does not resolve)
Sun Jul 17 09:26:47 2022 daemon.err netdata[2672]: Permission denied for client '8.142.37.152', port '39672'
Sun Jul 17 09:26:47 2022 daemon.err netdata[2672]: POLLFD: LISTENER: accept() failed.
Sun Jul 17 09:26:50 2022 daemon.err netdata[2672]: Incoming connection on '8.142.37.152' does not match a numeric pattern, and host could not be resolved (err=Name does not resolve)
Sun Jul 17 09:26:50 2022 daemon.err netdata[2672]: Permission denied for client '8.142.37.152', port '43376'
Sun Jul 17 09:26:50 2022 daemon.err netdata[2672]: POLLFD: LISTENER: accept() failed.
Mon Jul 18 04:14:50 2022 daemon.err netdata[2672]: Permission denied for client '137.226.113.56', port '45876'
Mon Jul 18 04:14:50 2022 daemon.err netdata[2672]: POLLFD: LISTENER: accept() failed.
Mon Jul 18 04:29:52 2022 daemon.err netdata[2672]: Permission denied for client '137.226.113.56', port '33036'
Mon Jul 18 04:29:52 2022 daemon.err netdata[2672]: POLLFD: LISTENER: accept() failed.
Mon Jul 18 04:44:52 2022 daemon.err netdata[2672]: Permission denied for client '137.226.113.56', port '53388'
Mon Jul 18 04:44:52 2022 daemon.err netdata[2672]: POLLFD: LISTENER: accept() failed.
Mon Jul 18 04:59:52 2022 daemon.err netdata[2672]: Permission denied for client '137.226.113.56', port '33506'
Mon Jul 18 04:59:52 2022 daemon.err netdata[2672]: POLLFD: LISTENER: accept() failed.

我的恩山、我的无线 The best wifi forum is right here.
发表于 2022-7-18 16:16 | 显示全部楼层
自己telnet一下公网上你的ssh是否打开,如果打开记得去防火墙关掉,防火墙》wan》入站数据》拒绝,不要乱接受,尤其是主路由

点评

感谢,我试一下,确实是接受状态,我以为这个入站数据和端口转发关联呢  详情 回复 发表于 2022-7-18 16:29
我的恩山、我的无线 The best wifi forum is right here.
 楼主| 发表于 2022-7-18 16:29 | 显示全部楼层
ITdesk 发表于 2022-7-18 16:16
自己telnet一下公网上你的ssh是否打开,如果打开记得去防火墙关掉,防火墙》wan》入站数据》拒绝,不要乱接 ...

感谢,我试一下,确实是接受状态,我以为这个入站数据和端口转发关联呢

点评

openwrt作为主路由并获取公网Ip的时候,不要把这里设置接受,不然很多扫描标准端口的扫描器就会频繁测试你的密码,如果获取公网IP是为了外网访问,可以在防火墙》端口转发》新建转发规则》从wan口那个端口》可以访问  详情 回复 发表于 2022-7-18 16:39
我的恩山、我的无线 The best wifi forum is right here.
发表于 2022-7-18 16:39 | 显示全部楼层
bobbycumt 发表于 2022-7-18 16:29
感谢,我试一下,确实是接受状态,我以为这个入站数据和端口转发关联呢

openwrt作为主路由并获取公网Ip的时候,不要把这里设置接受,不然很多扫描标准端口的扫描器就会频繁测试你的密码,如果获取公网IP是为了外网访问,可以在防火墙》端口转发》新建转发规则》从wan口那个端口》可以访问内网》那个设备》的那个端口

这样子你就可以在外网访问家里的路由器了

点评

已经没有问题了,入站数据接受和端口转发没有关系,学习了,感谢  详情 回复 发表于 2022-7-19 08:48
我的恩山、我的无线 The best wifi forum is right here.
 楼主| 发表于 2022-7-19 08:48 | 显示全部楼层
ITdesk 发表于 2022-7-18 16:39
openwrt作为主路由并获取公网Ip的时候,不要把这里设置接受,不然很多扫描标准端口的扫描器就会频繁测试 ...

已经没有问题了,入站数据接受和端口转发没有关系,学习了,感谢
我的恩山、我的无线 The best wifi forum is right here.
您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

QQ|手机版|小黑屋|Archiver|恩山无线论坛(常州市恩山计算机开发有限公司版权所有) ( 苏ICP备05084872号 )|网站地图

GMT+8, 2022-8-16 15:25

Powered by Discuz! X3.4

Copyright © 2001-2021, Tencent Cloud.

| 江苏省互联网有害信息举报中心 举报信箱:js12377@jschina.com.cn 举报电话:025-88802724 | 本站不良内容举报信箱:68610888@qq.com 举报电话:0519-86695797
快速回复 返回顶部 返回列表