Seeing port scans on a LAN device when no NAT/etc is set up.
Freshman Member
USG110
Default(ish) setup, with a Netgear Orbi sitting on lan1 port. The Orbi keeps showing these log lines:
The only non-default config is the definition of a host object, and a policy allowing:
host -> zywal (IP:any/any) for HTTPS to allow remote management of USG from one specific location.
Will welcome any ideas as to how the ORbi gets scanned while sitting behind a firewall.
Default(ish) setup, with a Netgear Orbi sitting on lan1 port. The Orbi keeps showing these log lines:
[DoS Attack: ACK Scan] from source: 17.248.147.83, port 443, Wednesday, May 13, 2020 10:56:59 [DoS Attack: ACK Scan] from source: 17.248.147.108, port 443, Wednesday, May 13, 2020 10:50:08 [DoS Attack: ACK Scan] from source: 74.125.206.128, port 443, Wednesday, May 13, 2020 10:50:04 [DoS Attack: ACK Scan] from source: 17.248.147.45, port 443, Wednesday, May 13, 2020 10:49:29But no NAT or similar rule has been set up.
The only non-default config is the definition of a host object, and a policy allowing:
host -> zywal (IP:any/any) for HTTPS to allow remote management of USG from one specific location.
Will welcome any ideas as to how the ORbi gets scanned while sitting behind a firewall.
0
Accepted Solution
Master Member
All Replies
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 151 Nebula Ideas
- 98 Nebula Status and Incidents
- 5.7K Security
- 277 USG FLEX H Series
- 277 Security Ideas
- 1.4K Switch
- 74 Switch Ideas
- 1.1K Wireless
- 42 Wireless Ideas
- 6.4K Consumer Product
- 250 Service & License
- 395 News and Release
- 85 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.6K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 75 Security Highlight
