- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
Armor "Threat - Attack - Device: " shows my self hosted webserver as device - what does this mean ?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Armor "Threat - Attack - Device: " shows my self hosted webserver as device - what does this mean ?
renewed my Armor subscription on MR60 nighthawk with latest firmware, MR60 internet port 80 is forwarded to MYWEBSRV which is a pc on my home network running a web server, it serves basic html pages.
This one sort of makes sense:
Threat - Suspicious Connection - Device: MYWEBSRV
"... a suspicious remote location IP nn.nn.nn.nn attempted a connection ... "
The IP example above is not in routers log and is not in MYWEBSRV log so no idea what is suspicious about it, what triggers Armor to determine something suspicious - does this message mean its denying legit browsing ?
The main concern:
Threat - Attack - Device: MYWEBSRV
"... Armor denied access to the potentially harmful website."
does this message mean its denying legit browsing ?, I dont see anything in router logs being forwarded to MYWEBSRV that match the timestamps in the Armor alert when this occurs - I also dont see anything in web server log to indicate anyone is browsing it at time of alert , I have scanned MYWEBSRV for virus including from cold boot and used glasswire+VirusTotal uploads to scan its few apps and everything is clean, what would trigger this type of behavior's from Armor ?
thank you
• What is the difference between WiFi 6 and WiFi 7?
• Yes! WiFi 7 is backwards compatible with other Wifi devices? Learn more