× NETGEAR will be terminating ReadyCLOUD service by July 1st, 2023. For more details click here.
Orbi WiFi 7 RBE973
Reply

Unknown root connexion from different IP's

pmateo65
Follower

Unknown root connexion from different IP's

I have examined the log conexions and I can see my conexion and also an unknown root user conexion with protocol 'misc' and IP 51.89.70.84 (or 51.68.183.111, etc) and also a different ssh conexion with IP 222.186.42.75 . I have seen in previous discussion that the reason for the root conexion could be the use of ReadyCloud or similar services, but I am not using any service or app in the readynas server.

I had activated the ssh conexion but after seen the ssh conexion I have disabled it and I have changed the password of the nas.


Could anyone tell me what the origen of these root conexions is?  any help will be very appreacited.

 

 

 

Thanks in advance

 

Pedro

 

 

PS: I'm sorry for my bad English.

 

 

 

Model: ReadyNAS-4200|ReadyNAS 4200
Message 1 of 2
StephenB
Guru

Re: Unknown root connexion from different IP's

Are you forwarding any ports from your router to the ReadyNAS?

 

222.186.42.75 is in China.  https://db-ip.com/222.186.42.75 gives it a "high" threat level, and says it will attack via ssh and "web".  That's not a site I've used before, so I don't have any real experience with it.

 

The other two you list appear to be in Europe (per the same site).

 

 

 

 

Message 2 of 2
Top Contributors
Discussion stats
  • 1 reply
  • 551 views
  • 0 kudos
  • 2 in conversation
Announcements