I expect the rest of the ports getting pinged are dropped further up in the firewall chain, so not being reported.I am not surprised by the number of the attack, but that its >95% on tcp/23.This isn't really a surprise for most people.
I definitely share your frustration with the "Help! Someone please do all my network engineering for free! URGENT!!!"Maybe I have read too many "help! my users are actually making traffic! I want to block block block!" topics...
That seems a bit harsh. This could be an opportunity for the OP to learn about traffic management.Also consider dropping from the business and finding another way to earn money.
I misunderstood your post. My apologies.Tippenring.
I was agreeing with you. The logs were proof that 2 different attackers had the password from before the upgrade
A search of this forum before yet another post about how "I've been pwned" would do you wonders.why do you say that...? and how can i check?RouterBoard OS 6.35.2
I wonder if your device did not maybe get hacked!
I understand netinstall doesn't work if the device is >50 ft off the ground. Does anyone have the support ticket # for that issue?Have you tried netinstall? Or is the affected box also too high and/or far to do that?
Wow. Although relatively low risk, I can't think of a reason for not verifying the cert but laziness. Good thing I don't upgrade from Winbox I guess.Still no signature checking or HTTPS... man in the middle can easily compromise administrator's PC.
I second this recommendation. I have several in production now. It's a very simple VPN to set up compared to IPSec client-type connections.Look into SSTP VPN, works great for me, very secure and uses certificates
Fully agree with what @CZFan said.@Sob and @sindy, with all due respect, I love watching you guys argue / "interfere" I learn so much from you guys, please continue
Well that totally changes my opinion. I thought you were an ISP.I am not an ISP. I manage a company network with BYOD policy.
I only glanced at the log. I hadn't noticed that. Good catch.According to the log (which for some reason was sorted descending by time), phase 1 has succeeded. That's why I've suggested to remove the lifetime from the ph2 proposal.