An attack Wan to Lan on Zywall 5
Options
Freshman Member
Good morning,
in my windows active directory, some users are disabled as if someone tried to force the password. I thought of an attack from the outside. I have a Zywall 5 and some public ip. The NAT (M-1) output is enabled for all clients from 192.168.1.1 to 192.168.1.255 on a public ip y.y.y.10 and for a machine I have a NAT 1-1 from 192.168.1.11 to y.y.y.11. I've always had attempts to access Wan to Wan to ip y.y.y.11 over the years. Now, in the firewall logs I see Wan to Lan attempts from some ip to 192.168.1.11. I do not understand how it's possible to see an ip of the lan from the outside. Can you help me?
Cicco
#Biz_Security_February
in my windows active directory, some users are disabled as if someone tried to force the password. I thought of an attack from the outside. I have a Zywall 5 and some public ip. The NAT (M-1) output is enabled for all clients from 192.168.1.1 to 192.168.1.255 on a public ip y.y.y.10 and for a machine I have a NAT 1-1 from 192.168.1.11 to y.y.y.11. I've always had attempts to access Wan to Wan to ip y.y.y.11 over the years. Now, in the firewall logs I see Wan to Lan attempts from some ip to 192.168.1.11. I do not understand how it's possible to see an ip of the lan from the outside. Can you help me?
Cicco
#Biz_Security_February
0
All Replies
-
The log should show remote user's Wan IP to Zywall5's Wan IP not Lan IP.
Could you show me the screenshot of this case for checking. I think you need to hide part of IP information for security reason:)0
Master Member
Categories
- All Categories
- 442 Beta Program
- 2.9K Nebula
- 219 Nebula Ideas
- 127 Nebula Status and Incidents
- 6.5K Security
- 588 USG FLEX H Series
- 344 Security Ideas
- 1.7K Switch
- 84 Switch Ideas
- 1.4K Wireless
- 52 Wireless Ideas
- 7K Consumer Product
- 298 Service & License
- 476 News and Release
- 91 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 4.8K FAQ
- 34 Documents
- 87 About Community
- 102 Security Highlight
