This is infuriating that I continue to get this repeats of nine and more possible hack attempts from the same certain IP addresses blocked by Malwarebytes, which I get popups every time it happens. This is a snapshot from my logs after one has happened, and I also save text file logs of it.

From what I can tell, they appeared to be originating from Linode almost every time and when I tried to file complaints with them, they keep claiming it is a security researcher or something and end up doing nothing about it. I’m currently wondering what to do about this as I have a folder of so many save logs of it on my computer.

  • @i2ndshenanigans
    link
    English
    1611 months ago

    If they are making it past your firewall and hitting your computer then the firewall is open and it shouldn’t be. Or that’s an outbound connection triggering the alert.

    • Kid_Thunder
      link
      fedilink
      6
      edit-2
      11 months ago

      Just clarification here, a NAT is NOT a firewall. It will drop packets originating from outside the network if the ports aren’t forwarded to an IP simply because the NAT has no idea which device on the network to send the packets to. A forwarded port is you telling the NAT to assume packets coming into a specific port should be forwarded to a specific device. It is acting as a security measure simply by coincidence but not by design. Unlike a firewall it will not inspect any packet payload or attempt to make a security decision on outbound packets. It only routes based on the packet headers.

      A firewall on the other hand actively will reject or drop packets because it is an Intrusion Prevention System (IPS). This is why if your router has a built-in firewall, your NAT will still drop the packets – because it isn’t a firewall nor is it what is being referred to if you disable it.

    • Konala KoalaOP
      link
      English
      011 months ago

      It’s more like an inbound connection that is triggering the alert.

      • @Weslee
        link
        English
        511 months ago
        1. You are seeing the logs on your pc, if the connections are hitting your pc then your router is not doing its job correctly and you need to look into it.
        2. If you don’t have a static ip set up, try rebooting your router. Most ISPs will cycle you a new IP address.
        3. I don’t think this is really a hack attempt, for one, no one hacks people using their true ip, and you said you spoke to them so
        • Konala KoalaOP
          link
          English
          111 months ago

          Well, I just went through some online instructions to setup an inbound rule in Windows Defender Firewall that is a list of IPs to have it block, hoping that will solve this ongoing problem I was having.