Menu
What's new
By:
Filters Better Search

AiDisks under password guessing attack

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

B

Blackstar

Occasional Visitor
After two weeks of setting up AiDisks for local network file sharing among my family members for the first time, a week later, someone began attempting to guess the password for access every five minutes, with five login attempts. As a result, I increased the timeout to 60 minutes with a limit of two login attempts. However, the individual has persisted in their attempts. Should I be concerned? Here's the latest log from just minutes ago.

Mar 20 23:23:46 httpd_login_lock: Detect abnormal logins at 5 times. The newest one was from 79.110.62.117 in login.
Mar 20 23:26:36 httpd_login_lock: Detect abnormal logins at 5 times. The newest one was from 179.60.147.41 in login lock.
 
Please tell a little more precise how you set up your disks. Didn't you set up a vpn-server for sharing?
 
Blackstar said:
After two weeks of setting up AiDisks for local network file sharing among my family members for the first time, a week later, someone began attempting to guess the password for access every five minutes, with five login attempts. As a result, I increased the timeout to 60 minutes with a limit of two login attempts. However, the individual has persisted in their attempts. Should I be concerned? Here's the latest log from just minutes ago.

Mar 20 23:23:46 httpd_login_lock: Detect abnormal logins at 5 times. The newest one was from 79.110.62.117 in login.
Mar 20 23:26:36 httpd_login_lock: Detect abnormal logins at 5 times. The newest one was from 179.60.147.41 in login lock.
Click to expand...
Welcome to the world of the Internet! You are likely being hit by a bot. Might be best to not use AiDisk but use a cloud service instead.
 
Caracas IP, .ru domain, listed for brute force attacks. Add it to skynet?
 
Blackstar said:
After two weeks of setting up AiDisks for local network file sharing among my family members for the first time, a week later, someone began attempting to guess the password for access every five minutes, with five login attempts. As a result, I increased the timeout to 60 minutes with a limit of two login attempts. However, the individual has persisted in their attempts. Should I be concerned? Here's the latest log from just minutes ago.

Mar 20 23:23:46 httpd_login_lock: Detect abnormal logins at 5 times. The newest one was from 79.110.62.117 in login.
Mar 20 23:26:36 httpd_login_lock: Detect abnormal logins at 5 times. The newest one was from 179.60.147.41 in login lock.
Click to expand...
I'd be weary of opening anything up to the public in this manner. Especially if there's no ability for OTP or MFA or Geo-IP blacklists at a minimum. Shodan and other sites will eventially show what ports and services are open to the public on your public IP and you will get hammered from everywhere.
 
You must log in or register to reply here.

Similar threads

P
Asus aimesh node disconnects frequently, corresponding log entries recorded. Need help understanding the log.
Replies
5
Views
449
ColinTaylor
C
spacemanspiff
Getting a lot of Abnormal Login HTTP locks - Chrome issue?
Replies
0
Views
488
spacemanspiff
spacemanspiff
Swistheater
Alarming syslogs
Replies
14
Views
2K
gattaca
G
N
Unsual acitvities in Router Logs
Replies
4
Views
4K
noidea
N
BloodFX
weird router logs help please
Replies
11
Views
2K
BloodFX
BloodFX
Similar threads
Thread starter Title Forum Replies Date
J Devices connected through wifi extender are showing up under guest IP subnet Asuswrt-Merlin 3
Linke Loetje Issues setting up Sonos Library under SMB2 - not enough credits Asuswrt-Merlin 2
z2vip AiCloud WebUI bug under 3004.388.6 Asuswrt-Merlin 3
L Login URL to pass User and Password directly in the url link Asuswrt-Merlin 1
J SSID QR Code validity after hard reset but using same SSID Password when setup again? Asuswrt-Merlin 1
D Lost password recovery Asuswrt-Merlin 3

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 822 (members: 23, guests: 799)
Top