IDS Monitoring and Alerts

[bitmonster]

New to Merlin here. Last night, first night running, I noticed (surprisingly, but not surprisingly) the following in the IDS logs. Is it possible to receive some sort of alert or daily report or something about this sort of thing? I am particularly interested in IDS and what comes up.. Amazing info though...

Constant hits with the following... I guess this is pretty standard, but still interesting to see the constant background exploit attempt 'noise'.

EXPLOIT Remote Command Execution via Shell Script -2
EXPLOIT Netcore Router Backdoor Access

From 104.248.182.135
142.93.89.180
104.248.71.97
139.59.12.198
159.89.161.58
104.248.57.45

 

[RMerlin]

I guess this is pretty standard, but still interesting to see the constant background exploit attempt 'noise'.

Welcome to the 21st century Internet. As you correctly assumed, this is now pretty common background noise.

 

[bitmonster]

Seems so, however seems to validate the purchase for a dedicated IDS setup. It's relentless.
I guess this is why insecure consumer junk isn't a wise idea anymore either.

 

[agilani]

Seems so, however seems to validate the purchase for a dedicated IDS setup. It's relentless.
I guess this is why insecure consumer junk isn't a wise idea anymore either.

Take a look at skynet for the merlin firmware. I haven't given up on getting an ids for home yet. But its just not feasible given the home router cpu. AiProtection and skynet are the next best thing.

 

[bitmonster]

I thought this is IDS. What's the difference. I will look at Skynet but I thought the inbuilt IDS and firewall was fine? Maybe a determined NSA hacker could break in but unlikely?

Sent from my SM-G965F using Tapatalk