Thread Info
  • State Verified Answer
  • Replies 2 replies
  • Subscribers 6 subscribers
  • Views 2278 views
  • Users 0 members are here
Options
Suggested

Too many failed logins 45.140.17.26 How possible

HGA

I am using UTM 9.720.5, which is the newest firmware.
I know, it is a Russian IP and I am not the only one which tried to be hacked!

Under WebAdmin I have only allowed access from the internal network!

So my question is, why it is possible, that somebody from external can try to login?
Or is the message misleading, so that if somebody is trying to log in from external, that it is already a failed login?

Do you think, that additional actions are necessay, like blocking russian IPs?
Or is my configuration safe?

Thanks for your support,
HGA

Parents
  • +1

    Hi HGA,

    check the full message. I think you will find "portal". if so, you have published the userportal to the internet.

    Everyone in the world can try to access this portal.

    You should not publish any portal to the internet ... or use country blocking at least.

    (+2FA)


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

Reply
  • +1

    Hi HGA,

    check the full message. I think you will find "portal". if so, you have published the userportal to the internet.

    Everyone in the world can try to access this portal.

    You should not publish any portal to the internet ... or use country blocking at least.

    (+2FA)


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

Children
Unfiltered HTML