Welcome to the new FlexRadio Community! Please review the new Community Rules and other important new Community information on the Message Board.
If you are having a problem, please refer to the product documentation or check the Help Center for known solutions.
Need technical support from FlexRadio? It's as simple as Creating a HelpDesk ticket.

Malicious access attempt from Seychelles

Gonzalo
Gonzalo Member ✭✭
edited January 2020 in FLEX-6000 Signature Series
Hi All,
I would like to report that Xfinity just notified me of an attempt to access my 6700 from the Seychelles (IP: 80.82.77.231). I just want to make this public in case others have experienced the same issue or we need to do something about it.
73
Gonzalo, AI1W

Answers

  • Mike-VA3MW
    Mike-VA3MW Administrator, FlexRadio Employee, Community Manager, Super Elmer, Moderator admin
    edited January 2020
    Hi Gonzalo

    Are you able to post the exact message you received from your ISP please.  It would be interesting to see.

    There are a scary amount ‘port scanner’ applications running on the internet.  If I was to post the log from my firewall, it would very very long.  

    Essentially what they are saying is someone was on your property running around and banging on all the doors and windows.    I am actually surprised they reported it other to show you they are actually doing something so they can brag value add as your ISP.

    Mike
  • David
    David Member ✭✭
    edited January 2020
    You may want to review this thread and check your setting. You may also want to change your SmartLink password.

    https://community.flexradio.com/flexradio/topics/client-connect-what-is-this

  • Michael Wolff
    Michael Wolff Member ✭✭
    edited January 2020
    It's probably just a bot scanning the Internet looking where nefarious things can be done to support things like distributed denial of service (DDoS) attacks. For shiggles, I traced the IP address back to a Dutch owner, but the 'SC' at the end might mean this address is in use by this provider in Seychelles -
    [michael@svr00 ~]$ whois -h whois.cymru.com " -v " 80.82.77.231
    [Querying whois.cymru.com]
    [whois.cymru.com]
    AS          | IP                       | BGP Prefix            | CC | Registry | Allocated   | AS Name
    202425  | 80.82.77.231     | 80.82.77.0/24       | NL | ripencc  | 2010-08-16 | INT-NETWORK, SC
    [michael@svr00 ~]$


  • Neil D Friedman N3DF
    Neil D Friedman N3DF Member ✭✭✭✭
    edited January 2020
    Seychelles ham trying to get one up on his Worked All States award?
  • Doug
    Doug Member ✭✭
    edited January 2020
    I hate to admit but what is a "BOT" about two weeks ago now I got an email from by service provider I had a bot associated with my IP address and this was the first time I had every heard this term. As far as I understood it, it had nothing to do with Flex
  • John KB4DU
    John KB4DU Member ✭✭✭✭
    edited January 2020
    It doesn't relate to Flex. Some malicious code appears to be associated with/coming from the IP address associated with your internet commection.

Leave a Comment

Rich Text Editor. To edit a paragraph's style, hit tab to get to the paragraph menu. From there you will be able to pick one style. Nothing defaults to paragraph. An inline formatting menu will show up when you select text. Hit tab to get into that menu. Some elements, such as rich link embeds, images, loading indicators, and error messages may get inserted into the editor. You may navigate to these using the arrow keys inside of the editor and delete them with the delete or backspace key.