UNIFI NETWORK POSSIBLE NETWORK INTRUSION ATTEMPTS


Recommended Posts

I am seeing the following message on my unifi router:

possible network intrusion attempt from 138.99.216.228 has been detected and blocked. Learn more.

 

Since 25 May it seems. 

 

Had a quick look and most if not all point to my unraid server port 8080 and 8443 which I used to port forward for the unifi controller docker and no longer use. So just now I have disabled the port forwarding rules.

 

Should I be looking at anything? Also noticed a few attempts on plex port too. 

 

I have set my unifi to detect and block and sensitivity to high just incase.

Screenshot 2022-06-04 181216.png

Link to comment

Welcome to the real world.

 

Every second of every day, script kiddies are constantly attempting to gain access to every IP address and open ports in the world.  It's hard to get around forwarding ports (like for Plex), and it's something you've just got to deal with.  At the end of the day, you're trusting Plex Inc to properly secure their system.

 

For other things like your Unifi controller etc that you've opened up to the world make sure you've got a damn secure password on it, and if you have the ability to only allow certain IPs (or ranges) then apply that.

 

Ideally, you should use a reverse proxy or even better a VPN (eg wireguard) for accessing the services, as then there will be yet another layer of security between you and the bad actors

 

The world is a dangerous place, and nowadays we've got a million apps on our phones to remotely access our various devices (Ring, Deco, Nest etc) and while none of them require ports opened, on each and every one of them you're trusting the company to properly secure those devices (and their own servers / apps) to prevent intrusions into your network)  Each and every IoT device should be on your Guest wifi network and not on your actual wifi network unless its 100% necessary.

  • Like 1
Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.