brute force attempts?

Reply

This thread's discussion is locked. If it doesn't give you the information you need, head to its forum board for active discussions or to start a new discussion.

suma
Just Moved In

I am experiencing  approx 20 Firewall info logs per day of ips being blocked by my firewall. A Whois search shows that the are ips originating in China and are coming through the Kamloops server. I guess the questions are "does Telus monitor for brute force attempts through their servers?   can they blacklist or otherwise block known troublesome ips? what further steps can an end user take to ensure firewall integrity?"


Accepted Solutions
Most Helpful
suma
Just Moved In

thanks for the response Nasty. This would be the telus gateway firewall log.So the next question for me would be "how do I spell paranoia?" hahaha. Just not used to seeing src ips from Shanghai. Below is a screenshot of todays log. 101.227...etc is shanghai, 79.1...etc is Rome Italy 218.208...etc is kuala lumpur. Thanks again.Screenshot - 05232014 - 04:30:32 PM.png

View solution in original post


All Replies
nasty
Rockstar

Is this a business standalone firewall product?

Or just the Telus Gateway firewall logs?

 

A brute force attempt would be more like hundreds of hits per hour trying to find a hole(open ports to an internal machine/server).

 

The Telus Gateway firewall log will have a description of what protocol/port pinged the Gateway.

 

If I were to ping any random IP address on the Internet, it will show up in that users firewall logs.

 

If my IP was to change and I got an IP address from someone who did filesharing(P2P), for a short time I would get connection requests from other P2P users, until their P2P directory changes.

 

 

Most Helpful
suma
Just Moved In

thanks for the response Nasty. This would be the telus gateway firewall log.So the next question for me would be "how do I spell paranoia?" hahaha. Just not used to seeing src ips from Shanghai. Below is a screenshot of todays log. 101.227...etc is shanghai, 79.1...etc is Rome Italy 218.208...etc is kuala lumpur. Thanks again.Screenshot - 05232014 - 04:30:32 PM.png

View solution in original post