January 26, 20233 yr I've just seen this in my log. Never seen anything like this before. Is this someone trying to gain access to my server? Anything I should worry about? Jan 26 15:43:38 unRAID nginx: 2023/01/26 15:43:38 [crit] 24956#24956: *1977125 SSL_do_handshake() failed (SSL: error:141CF06C:SSL routines:tls_parse_ctos_key_share:bad key share) while SSL handshaking, client: 152.32.141.142, server: 0.0.0.0:443 That IP address is from Nigeria. Thanks
January 26, 20233 yr https://www.abuseipdb.com/check/152.32.141.142 Probably more than that happening. Have you put your server on the internet? attach diagnostics to your NEXT post in this thread.
January 26, 20233 yr Author Haven't done anything as far as I know. The password is long and not the kind you could guess. unraid-diagnostics-20230126-1719.zip
January 26, 20233 yr If you are using My Servers Remote Access, change the WAN port. You want something random between 1000 and 65000, see https://wiki.unraid.net/My_Servers#Configuring_Remote_Access_.28optional.29
January 26, 20233 yr 12 minutes ago, nomisco said: The password is long and not the kind you could guess. No good reason to rely on that. Nothing outside your LAN should be able to access your server except specific ports you have setup and secured for that purpose.
January 26, 20233 yr Jan 23 12:04:26 unRAID webGUI: Successful login user root from 79.77.141.131 That one is not in abuseipdb. Do you recognize it? You also have some problems with your pools, probably connection problems with ftp_cache. corruption on pool cache (csum errors). Have you done memtest recently?
January 26, 20233 yr Author ljm42: Changed the port to something else. trurl: Yes, I do recognise the IP address, that's OK. And I'm aware of the corruption in the cache pool. I don't know if it's a failing SSD or not. No further attempts to access the server. The only things which are forwardded on my router are the Plex server (running on unRAID) and the port aforementioned which I've changed for the WebUI remote access. Edited January 26, 20233 yr by nomisco
February 18, 20233 yr Old news... Anyone with their own router knows that "bots" search or attack or look or whatever you want to call it. No one can stop "attacks" on the Internet. The Internet was actually created to stop "attacks" from being able to stop it. MrGrey.
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.