bally12345 Posted June 4, 2022 Share Posted June 4, 2022 I am seeing the following message on my unifi router: possible network intrusion attempt from 138.99.216.228 has been detected and blocked. Learn more. Since 25 May it seems. Had a quick look and most if not all point to my unraid server port 8080 and 8443 which I used to port forward for the unifi controller docker and no longer use. So just now I have disabled the port forwarding rules. Should I be looking at anything? Also noticed a few attempts on plex port too. I have set my unifi to detect and block and sensitivity to high just incase. Quote Link to comment
Squid Posted June 4, 2022 Share Posted June 4, 2022 Welcome to the real world. Every second of every day, script kiddies are constantly attempting to gain access to every IP address and open ports in the world. It's hard to get around forwarding ports (like for Plex), and it's something you've just got to deal with. At the end of the day, you're trusting Plex Inc to properly secure their system. For other things like your Unifi controller etc that you've opened up to the world make sure you've got a damn secure password on it, and if you have the ability to only allow certain IPs (or ranges) then apply that. Ideally, you should use a reverse proxy or even better a VPN (eg wireguard) for accessing the services, as then there will be yet another layer of security between you and the bad actors The world is a dangerous place, and nowadays we've got a million apps on our phones to remotely access our various devices (Ring, Deco, Nest etc) and while none of them require ports opened, on each and every one of them you're trusting the company to properly secure those devices (and their own servers / apps) to prevent intrusions into your network) Each and every IoT device should be on your Guest wifi network and not on your actual wifi network unless its 100% necessary. 1 Quote Link to comment
bally12345 Posted June 4, 2022 Author Share Posted June 4, 2022 Luckily the container has been stopped for a long time.Will look up setting up reverse proxy but stopped getting alerts as soon as I disabled those ports and set unifi to detect and block. Sent from my SM-G991B using Tapatalk Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.