F5F Stay Refreshed Power Users Networks They are attempting to overload or disrupt my server network.

They are attempting to overload or disrupt my server network.

They are attempting to overload or disrupt my server network.

Pages (2): 1 2 Next
J
JenniferXD
Member
Find
50
01-19-2016, 07:07 AM
#1
I have a VNC configured on my server and today I enabled it at 185.56.80.222. When I checked the IP address, I found this link: https://www.abuseipdb.com/check/185.56.80.222. It seems there’s no option to block or blacklist that IP. My router is set to use DDoS protection via `dd`.
Reply
Reply
J
JenniferXD
01-19-2016, 07:07 AM #1

I have a VNC configured on my server and today I enabled it at 185.56.80.222. When I checked the IP address, I found this link: https://www.abuseipdb.com/check/185.56.80.222. It seems there’s no option to block or blacklist that IP. My router is set to use DDoS protection via `dd`.

Reply
Reply
B
BenstoLP
Junior Member
Find
48
01-19-2016, 03:21 PM
#2
Reply
Reply
B
BenstoLP
01-19-2016, 03:21 PM #2

Reply
Reply
S
Spoooky_
Junior Member
Find
48
01-27-2016, 10:48 AM
#3
Based on the information available at https://www.abuseipdb.com/check/185.56.80.222, it seems likely this is the situation.
Reply
Reply
S
Spoooky_
01-27-2016, 10:48 AM #3

Based on the information available at https://www.abuseipdb.com/check/185.56.80.222, it seems likely this is the situation.

Reply
Reply
I
Imperfcti0n
Member
Find
136
01-27-2016, 06:14 PM
#4
They kept attempting to link to VNC multiple times every few minutes.
Reply
Reply
I
Imperfcti0n
01-27-2016, 06:14 PM #4

They kept attempting to link to VNC multiple times every few minutes.

Reply
Reply
S
Scinion
Member
Find
60
01-29-2016, 06:22 AM
#5
Starting with VNC-port open isn't advisable, but adding the suspicious IP to your firewall's blacklist in DD-WRT might help. Since you're using OpenWRT and PFsense, I can't provide exact steps.
Reply
Reply
S
Scinion
01-29-2016, 06:22 AM #5

Starting with VNC-port open isn't advisable, but adding the suspicious IP to your firewall's blacklist in DD-WRT might help. Since you're using OpenWRT and PFsense, I can't provide exact steps.

Reply
Reply
K
kmurray
Member
Find
222
01-29-2016, 06:40 AM
#6
You created a publicly accessible login page and were caught by a bot attempting access.
Your VNC configurations weren’t secured properly, allowing repeated failed attempts without consequences.
This isn’t a massive DDoS attack—it’s a bot probing for weaknesses, which they’ll likely exploit further.
Never enable RDP or VNC on open networks; it introduces unnecessary risks.
Blocking IPs won’t stop bots if they recognize your open port; consider redirecting traffic through a VPN for safer access.
Reply
Reply
K
kmurray
01-29-2016, 06:40 AM #6

You created a publicly accessible login page and were caught by a bot attempting access.
Your VNC configurations weren’t secured properly, allowing repeated failed attempts without consequences.
This isn’t a massive DDoS attack—it’s a bot probing for weaknesses, which they’ll likely exploit further.
Never enable RDP or VNC on open networks; it introduces unnecessary risks.
Blocking IPs won’t stop bots if they recognize your open port; consider redirecting traffic through a VPN for safer access.

Reply
Reply
B
blue_fanta
Member
Find
143
02-04-2016, 07:42 AM
#7
I wasn’t able to locate a method for blacklisting the IP address. The search results only mentioned parental controls.
Reply
Reply
B
blue_fanta
02-04-2016, 07:42 AM #7

I wasn’t able to locate a method for blacklisting the IP address. The search results only mentioned parental controls.

Reply
Reply
S
stuff
Member
Find
173
02-11-2016, 02:13 PM
#8
The VNC blocked the IP address but continues attempting to establish a connection.
Reply
Reply
S
stuff
02-11-2016, 02:13 PM #8

The VNC blocked the IP address but continues attempting to establish a connection.

Reply
Reply
H
Hazardrider01
Junior Member
Find
39
02-16-2016, 09:01 PM
#9
It's improved somewhat, though it's not perfect. It seems I overlooked the original VPN option, which would have allowed remote access more effectively.
Reply
Reply
H
Hazardrider01
02-16-2016, 09:01 PM #9

It's improved somewhat, though it's not perfect. It seems I overlooked the original VPN option, which would have allowed remote access more effectively.

Reply
Reply
H
HopiheEmi
Member
Find
158
02-17-2016, 02:10 AM
#10
I also run a web server and frequently face bots trying to access pages like www.mysite.com/admin or /login. Only simple HTML files are hosted there, haha.
Reply
Reply
H
HopiheEmi
02-17-2016, 02:10 AM #10

I also run a web server and frequently face bots trying to access pages like www.mysite.com/admin or /login. Only simple HTML files are hosted there, haha.

Reply
Reply
Pages (2): 1 2 Next