Jump to content

SSL_do_handshake() failed, constantly in my logs. which can't be good.


DevXen

Recommended Posts

Posted (edited)

Screenshot_20210927-004855_Chrome.thumb.jpg.49d240608c7e39133f0fcf5c88e4cb84.jpgSo this keeps pulling up. anyway to just block it all together? it's all dsifferent IP Addresses.

I'm just now sure what to do here?

 

Sep 26 15:52:15 MediaXen nginx: 2021/09/26 15:52:15 [crit] 16927#16927: *2000343 SSL_do_handshake() failed (SSL: error:1408F0C6:SSL routines:ssl3_get_record:packet length too long) while SSL handshaking, client: 101.100.137.168, server: 0.0.0.0:443
Sep 26 15:54:04 MediaXen nginx: 2021/09/26 15:54:04 [crit] 16927#16927: *2001136 SSL_do_handshake() failed (SSL: error:1408F0C6:SSL routines:ssl3_get_record:packet length too long) while SSL handshaking, client: 5.79.73.142, server: 0.0.0.0:443
Sep 26 15:55:14 MediaXen nginx: 2021/09/26 15:55:14 [crit] 16927#16927: *2001688 SSL_do_handshake() failed (SSL: error:1408F0C6:SSL routines:ssl3_get_record:packet length too long) while SSL handshaking, client: 123.139.75.167, server: 0.0.0.0:443
Sep 26 15:56:01 MediaXen nginx: 2021/09/26 15:56:01 [crit] 16927#16927: *2002034 SSL_do_handshake() failed (SSL: error:1408F0C6:SSL routines:ssl3_get_record:packet length too long) while SSL handshaking, client: 185.200.181.7, server: 0.0.0.0:443
Sep 26 15:56:10 MediaXen nginx: 2021/09/26 15:56:10 [crit] 16927#16927: *2002111 SSL_do_handshake() failed (SSL: error:1408F0C6:SSL routines:ssl3_get_record:packet length too long) while SSL handshaking, client: 62.210.204.20, server: 0.0.0.0:443
Sep 26 15:56:46 MediaXen nginx: 2021/09/26 15:56:46 [crit] 16927#16927: *2002359 SSL_do_handshake() failed (SSL: error:1408F0C6:SSL routines:ssl3_get_record:packet length too long) while SSL handshaking, client: 5.79.73.142, server: 0.0.0.0:443
Sep 26 16:02:44 MediaXen nginx: 2021/09/26 16:02:44 [crit] 16927#16927: *2005596 SSL_do_handshake() failed (SSL: error:1408F0C6:SSL routines:ssl3_get_record:packet length too long) while SSL handshaking, client: 73.145.57.16, server: 0.0.0.0:443
Sep 26 16:04:11 MediaXen nginx: 2021/09/26 16:04:11 [crit] 16927#16927: *2006280 SSL_do_handshake() failed (SSL: error:1408F0C6:SSL routines:ssl3_get_record:packet length too long) while SSL handshaking, client: 95.217.113.45, server: 0.0.0.0:443
Sep 26 16:07:16 MediaXen nginx: 2021/09/26 16:07:16 [crit] 16927#16927: *2007823 SSL_do_handshake() failed (SSL: error:1408F0C6:SSL routines:ssl3_get_record:packet length too long) while SSL handshaking, client: 72.21.17.57, server: 0.0.0.0:443
Sep 26 16:09:17 MediaXen nginx: 2021/09/26 16:09:17 [crit] 16927#16927: *2008848 SSL_do_handshake() failed (SSL: error:1408F0C6:SSL routines:ssl3_get_record:packet length too long) while SSL handshaking, client: 177.91.249.202, server: 0.0.0.0:443
Sep 26 16:09:55 MediaXen nginx: 2021/09/26 16:09:55 [crit] 16927#16927: *2009197 SSL_do_handshake() failed (SSL: error:1408F0C6:SSL routines:ssl3_get_record:packet length too long) while SSL handshaking, client: 47.145.201.154, server: 0.0.0.0:443
Sep 26 16:10:48 MediaXen nginx: 2021/09/26 16:10:48 [crit] 16927#16927: *2009656 SSL_do_handshake() failed (SSL: error:1408F0C6:SSL routines:ssl3_get_record:packet length too long) while SSL handshaking, client: 177.91.249.202, server: 0.0.0.0:443
Sep 26 16:14:16 MediaXen nginx: 2021/09/26 16:14:16 [crit] 16927#16927: *2011308 SSL_do_handshake() failed (SSL: error:1408F0C6:SSL routines:ssl3_get_record:packet length too long) while SSL handshaking, client: 72.21.17.57, server: 0.0.0.0:443
Sep 26 16:14:17 MediaXen nginx: 2021/09/26 16:14:17 [crit] 16927#16927: *2011318 SSL_do_handshake() failed (SSL: error:1408F0C6:SSL routines:ssl3_get_record:packet length too long) while SSL handshaking, client: 5.79.73.142, server: 0.0.0.0:443
Sep 26 16:15:05 MediaXen nginx: 2021/09/26 16:15:05 [crit] 16927#16927: *2011690 SSL_do_handshake() failed (SSL: error:1408F0C6:SSL routines:ssl3_get_record:packet length too long) while SSL handshaking, client: 5.79.73.142, server: 0.0.0.0:443
Sep 26 16:15:37 MediaXen nginx: 2021/09/26 16:15:37 [crit] 16927#16927: *2011954 SSL_do_handshake() failed (SSL: error:1408F0C6:SSL routines:ssl3_get_record:packet length too long) while SSL handshaking, client: 46.42.233.169, server: 0.0.0.0:443
Sep 26 16:15:39 MediaXen nginx: 2021/09/26 16:15:39 [crit] 16927#16927: *2011965 SSL_do_handshake() failed (SSL: error:1408F0C6:SSL routines:ssl3_get_record:packet length too long) while SSL handshaking, client: 94.110.141.162, server: 0.0.0.0:443
Sep 26 16:15:51 MediaXen nginx: 2021/09/26 16:15:51 [crit] 16927#16927: *2012047 SSL_do_handshake() failed (SSL: error:1408F0C6:SSL routines:ssl3_get_record:packet length too long) while SSL handshaking, client: 5.79.73.142, server: 0.0.0.0:443
Sep 26 16:21:14 MediaXen nginx: 2021/09/26 16:21:14 [crit] 16927#16927: *2014620 SSL_do_handshake() failed (SSL: error:1408F0C6:SSL routines:ssl3_get_record:packet length too long) while SSL handshaking, client: 47.147.35.197, server: 0.0.0.0:443
Sep 26 16:26:30 MediaXen nginx: 2021/09/26 16:26:30 [crit] 16927#16927: *2017115 SSL_do_handshake() failed (SSL: error:1408F0C6:SSL routines:ssl3_get_record:packet length too long) while SSL handshaking, client: 101.100.137.168, server: 0.0.0.0:443
Sep 26 16:30:16 MediaXen nginx: 2021/09/26 16:30:16 [crit] 16927#16927: *2019165 SSL_do_handshake() failed (SSL: error:1408F0C6:SSL routines:ssl3_get_record:packet length too long) while SSL handshaking, client: 5.79.73.142, server: 0.0.0.0:443
Sep 26 16:33:49 MediaXen nginx: 2021/09/26 16:33:49 [crit] 16927#16927: *2021042 SSL_do_handshake() failed (SSL: error:1408F0C6:SSL routines:ssl3_get_record:packet length too long) while SSL handshaking, client: 101.98.190.49, server: 0.0.0.0:443
Sep 26 16:33:53 MediaXen nginx: 2021/09/26 16:33:53 [crit] 16927#16927: *2021076 SSL_do_handshake() failed (SSL: error:1408F0C6:SSL routines:ssl3_get_record:packet length too long) while SSL handshaking, client: 5.79.73.142, server: 0.0.0.0:443
Sep 26 16:34:30 MediaXen nginx: 2021/09/26 16:34:30 [crit] 16927#16927: *2021417 SSL_do_handshake() failed (SSL: error:1408F0C6:SSL routines:ssl3_get_record:packet length too long) while SSL handshaking, client: 118.183.147.48, server: 0.0.0.0:443
Sep 26 16:35:05 MediaXen nginx: 2021/09/26 16:35:05 [crit] 16927#16927: *2021695 SSL_do_handshake() failed (SSL: error:1408F0C6:SSL routines:ssl3_get_record:packet length too long) while SSL handshaking, client: 177.91.249.202, server: 0.0.0.0:443
Sep 26 16:35:13 MediaXen nginx: 2021/09/26 16:35:13 [crit] 16927#16927: *2021749 SSL_do_handshake() failed (SSL: error:1408F0C6:SSL routines:ssl3_get_record:packet length too long) while SSL handshaking, client: 177.91.249.202, server: 0.0.0.0:443
Sep 26 16:41:34 MediaXen nginx: 2021/09/26 16:41:34 [crit] 16927#16927: *2024967 SSL_do_handshake() failed (SSL: error:1408F0C6:SSL routines:ssl3_get_record:packet length too long) while SSL handshaking, client: 5.79.73.142, server: 0.0.0.0:443
Sep 26 16:42:03 MediaXen nginx: 2021/09/26 16:42:03 [crit] 16927#16927: *2025230 SSL_do_handshake() failed (SSL: error:1408F0C6:SSL routines:ssl3_get_record:packet length too long) while SSL handshaking, client: 212.32.244.72, server: 0.0.0.0:443
Sep 26 16:42:10 MediaXen nginx: 2021/09/26 16:42:10 [crit] 16927#16927: *2025303 SSL_do_handshake() failed (SSL: error:1408F0C6:SSL routines:ssl3_get_record:packet length too long) while SSL handshaking, client: 5.79.73.142, server: 0.0.0.0:443
Sep 26 16:43:38 MediaXen nginx: 2021/09/26 16:43:38 [crit] 16927#16927: *2025991 SSL_do_handshake() failed (SSL: error:1408F0C6:SSL routines:ssl3_get_record:packet length too long) while SSL handshaking, client: 107.147.58.114, server: 0.0.0.0:443

 

Edited by DevXen
fixed formatting from console log.
Posted

No. I have openVPN and wireguard. But I also have swag/let's encrypt setup for a few docker containers. Is where I would guess it's from. from what I was able to find in think it's then trying to use an inner ssl exploit to get access. But no the admin interface isn't accessible over the internet. 

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...