Question Suspect LAN access from remote in router logs

Hep

Hiya Guys and Gals,

If any of the information I provide below is not a good idea to post publicly, please let me know ASAP so I can delete it.

Hopefully someone can help me out in determining if this is normal or not. I was having issues with an unrelated problem and was told to try and update my firmware for my router. While doing so, I was looking around and noticed some strange activity in the Router Logs.

[LAN access from remote] from 177.72.82.55:58699 to 192.168.0.25:80

[LAN access from remote] from 83.143.28.58:10740 to 192.168.0.25:80

[LAN access from remote] from 34.77.74.117:50010 to 192.168.0.25:443

These are a few of the logs. They seem to be coming from multiple suspect locations, occur every 10-15 minutes or so, and always target the same IP @ 192.168.0.25 on either port 80 or 443.

Now I'm not too versed in networking (very basic). I do not have any devices connected to my router using IP 192.168.0.25 specifically. The only place I can find the '25' number is when I look in the router's "Port Forwarding Section":

1 FTP TCP: 80 Any TCP: 80 192.168.0.25
2 FTP TCP: 443 Any TCP: 443 192.168.0.25
3 FTP TCP: 1935 Any TCP: 1935 192.168.0.25
4 FTP TCP: 3478 ~ 3480 Any TCP: 3478 ~ 3480 192.168.0.25
5 FTP UDP: 3478 ~ 3479 Any UDP: 3478 ~ 3479 192.168.0.25

All five of these listings have a circle check box next to them and are UNCHECKED.

I have tried turning off UPnP and as far as I can tell,
Turn Remote Management On (HTTP)
Turn Remote Management On (HTTPS)
are both UNCHECKED as well. Yet I'm still getting these logs.

Any help or advice would be greatly appreciated, thanks!
 
This is pretty standard. There are network "bots" using well-known ports, like port 80, which is the HTTP port, to probe every public IP address. You aren't being singled out. It is just like a robocall to your cell phone.
Rather than disabling all those port forwarding rules, why not delete them?
 

Thanks for the quick reply Kanewolf, much appreciated.

I wasn't sure if it was a good idea to delete those port forwardings or not, as I don't recall setting them up in the first place and assumed they were there by default for a reason. Being that they are unchecked, I assumed they couldn't hurt but will look into deleting them.

As for the LAN Remote Access connections, how are they continuing to get through even with the setting disabled? Is that common as well? Thanks again!
 
I don't think they are "getting through". They ARE triggering an alert. It may just be a quirk in the way that model router does intrusion detection. It may not acknowledge that the rules are disabled.

You can use one of the known port scanners to verify if those ports are actually open.
But if you don't remember setting up those port forwarding rules, it might be time to factory reset your router and start with a clean configuration.
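
An added example, not part of any post in this thread: a short Python triage of the log lines quoted in the question, grouping them by internal target and relating each target to the forwarding rules listed there. The `KNOWN_HOSTS` set is a constructed sample, and matching rules on address and port only is an assumption, since the log lines carry no protocol.

```python
import re
from collections import defaultdict

# Log lines copied from the question above.
LOG = """\
[LAN access from remote] from 177.72.82.55:58699 to 192.168.0.25:80
[LAN access from remote] from 83.143.28.58:10740 to 192.168.0.25:80
[LAN access from remote] from 34.77.74.117:50010 to 192.168.0.25:443
"""

# Forwarding rules as listed in the question: (proto, first port, last port, internal IP, enabled).
RULES = [
    ("tcp", 80, 80, "192.168.0.25", False),
    ("tcp", 443, 443, "192.168.0.25", False),
    ("tcp", 1935, 1935, "192.168.0.25", False),
    ("tcp", 3478, 3480, "192.168.0.25", False),
    ("udp", 3478, 3479, "192.168.0.25", False),
]

# Constructed sample of addresses currently held by LAN devices (assumption, not from the thread).
KNOWN_HOSTS = {"192.168.0.2", "192.168.0.10"}

LINE_RE = re.compile(
    r"\[LAN access from remote\] from (\d+\.\d+\.\d+\.\d+):(\d+) "
    r"to (\d+\.\d+\.\d+\.\d+):(\d+)"
)

def triage(log_text, rules, known_hosts):
    """Group entries by internal target and relate each target to the rules."""
    sources = defaultdict(set)
    for m in LINE_RE.finditer(log_text):
        src_ip, _src_port, dst_ip, dst_port = m.groups()
        sources[(dst_ip, int(dst_port))].add(src_ip)
    report = []
    for (dst_ip, port), srcs in sorted(sources.items()):
        # The log carries no protocol, so rules are matched on address and port only.
        hits = [r for r in rules if r[3] == dst_ip and r[1] <= port <= r[2]]
        report.append({
            "target": f"{dst_ip}:{port}",
            "distinct_sources": len(srcs),
            "rule": "none" if not hits else
                    "enabled" if any(r[4] for r in hits) else "disabled",
            "host_known": dst_ip in known_hosts,
        })
    return report

if __name__ == "__main__":
    for row in triage(LOG, RULES, KNOWN_HOSTS):
        print(row)
```

A row with `rule` set to `disabled` and `host_known` set to `False` is the situation described in the thread: the logged target corresponds to an unchecked rule pointing at an address no device holds.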