Hello all,
Periodically I check the IDS feature in the UniFi controller (I own a USG). Normally I am dismissive of the threats, as they pertain to my wife, who uses WeChat and will from time to time get threats to her phone, and I block the incoming IP, perhaps just because. More recently I have received nearly 20 threats directly to the local IP of my Unraid server, not from China but globally. The threat appears as "ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 748". None of the Docker containers share the ports of 'attack'. I have 5 VMs operating on a bridged connection. As another data point, I use PiVPN to access my files externally; it auto-updates except for the period the Pi RAM usage was too high.
My primary concern is, am I compromised?
My questions are twofold while I seek external advice to harden my network more broadly. In the meantime:
1. What is the best way to perform diagnostics to see what occurred?
2. Is there a way to harden Unraid, generally speaking?
Kindest for those willing to assist,
John