Hi Guys,
I will start off by saying that I am a complete newbie, and getting Freenas running has been my crowning achievement. However, now I have reached a point where I need to enhance my security.
My freenas server is a plex and Time Machine server for my household. I have no need to access it from outside my house, and it holds backups and movies. As such, I only have 1 account for accessing and 1 root account. With 777 permissions for that account, because, only I use it, everything else is automated. I have apple afp and cifs and SMART services turned on, thats it (note, no SSH).
Recently, my security output has been giving me failed attempted logins from China, spamming all my ports. I would like to say there is no SSH, I have no DNS pointed to my home IP, Plex is not logged into the server. I don't even know how they are getting my ip.
Anyways, my security log looks like this, how can I up my network security?
I will start off by saying that I am a complete newbie, and getting Freenas running has been my crowning achievement. However, now I have reached a point where I need to enhance my security.
My freenas server is a plex and Time Machine server for my household. I have no need to access it from outside my house, and it holds backups and movies. As such, I only have 1 account for accessing and 1 root account. With 777 permissions for that account, because, only I use it, everything else is automated. I have apple afp and cifs and SMART services turned on, thats it (note, no SSH).
Recently, my security output has been giving me failed attempted logins from China, spamming all my ports. I would like to say there is no SSH, I have no DNS pointed to my home IP, Plex is not logged into the server. I don't even know how they are getting my ip.
Anyways, my security log looks like this, how can I up my network security?
freenas.local login failures:
Jun 28 04:20:59 freenas sshd[23124]: Failed password for root from 222.186.34.130 port 2962 ssh2
Jun 28 04:20:59 freenas sshd[23124]: Disconnecting: Too many authentication failures for root [preauth]
Jun 28 04:20:59 freenas sshd[23134]: Failed password for root from 222.186.34.130 port 3516 ssh2
Jun 28 04:20:59 freenas sshd[23134]: Failed password for root from 222.186.34.130 port 3516 ssh2
Jun 28 04:21:00 freenas sshd[23132]: Failed password for root from 222.186.34.130 port 3401 ssh2
Jun 28 04:21:00 freenas sshd[23132]: Failed password for root from 222.186.34.130 port 3401 ssh2
Jun 28 04:21:00 freenas sshd[23130]: Failed password for root from 222.186.34.130 port 3294 ssh2
Jun 28 04:21:00 freenas sshd[23132]: Failed password for root from 222.186.34.130 port 3401 ssh2
Jun 28 04:21:00 freenas sshd[23132]: Disconnecting: Too many authentication failures for root [preauth]
Jun 28 04:21:00 freenas sshd[23130]: Failed password for root from 222.186.34.130 port 3294 ssh2
Jun 28 04:21:00 freenas sshd[23130]: Failed password for root from 222.186.34.130 port 3294 ssh2
Jun 28 04:21:00 freenas sshd[23130]: Disconnecting: Too many authentication failures for root [preauth]
Jun 28 04:21:00 freenas sshd[23136]: Failed password for root from 222.186.34.130 port 3547 ssh2
Jun 28 04:21:00 freenas sshd[23136]: Failed password for root from 222.186.34.130 port 3547 ssh2
Jun 28 04:21:00 freenas sshd[23138]: Failed password for root from 222.186.34.130 port 3555 ssh2
Jun 28 04:21:00 freenas sshd[23136]: Failed password for root from 222.186.34.130 port 3547 ssh2
Jun 28 04:21:00 freenas sshd[23138]: Failed password for root from 222.186.34.130 port 3555 ssh2
Jun 28 04:21:00 freenas sshd[23120]: Failed password for root from 222.186.34.130 port 2682 ssh2
Jun 28 04:21:01 freenas sshd[23120]: Failed password for root from 222.186.34.130 port 2682 ssh2
Jun 28 04:21:01 freenas sshd[23120]: Failed password for root from 222.186.34.130 port 2682 ssh2
Jun 28 04:21:01 freenas sshd[23126]: Failed password for root from 222.186.34.130 port 3078 ssh2
Jun 28 04:21:01 freenas sshd[23120]: Disconnecting: Too many authentication failures for root [preauth]
Jun 28 04:21:01 freenas sshd[23126]: Failed password for root from 222.186.34.130 port 3078 ssh2
Jun 28 04:21:01 freenas sshd[23122]: Failed password for root from 222.186.34.130 port 2879 ssh2
Jun 28 04:21:01 freenas sshd[23122]: Failed password for root from 222.186.34.130 port 2879 ssh2
Jun 28 04:21:01 freenas sshd[23126]: Failed password for root from 222.186.34.130 port 3078 ssh2
Jun 28 04:21:01 freenas sshd[23126]: Disconnecting: Too many authentication failures for root [preauth]
Jun 28 04:21:01 freenas sshd[23122]: Failed password for root from 222.186.34.130 port 2879 ssh2
Jun 28 04:21:01 freenas sshd[23128]: Failed password for root from 222.186.34.130 port 3226 ssh2
Jun 28 04:21:01 freenas sshd[23122]: Disconnecting: Too many authentication failures for root [preauth]
Jun 28 04:21:01 freenas sshd[23140]: Failed password for root from 222.186.34.130 port 3579 ssh2
Jun 28 04:21:01 freenas sshd[23128]: Failed password for root from 222.186.34.130 port 3226 ssh2
Jun 28 04:21:01 freenas sshd[23140]: Failed password for root from 222.186.34.130 port 3579 ssh2
Jun 28 04:21:01 freenas sshd[23128]: Failed password for root from 222.186.34.130 port 3226 ssh2
Jun 28 04:21:01 freenas sshd[23128]: Disconnecting: Too many authentication failures for root [preauth]
Jun 28 04:21:01 freenas sshd[23142]: Failed password for root from 222.186.34.130 port 3585 ssh2
Jun 28 04:21:01 freenas sshd[23142]: Failed password for root from 222.186.34.130 port 3585 ssh2
Jun 28 04:21:01 freenas sshd[23144]: Failed password for root from 222.186.34.130 port 3588 ssh2
Jun 28 04:21:01 freenas sshd[23144]: Failed password for root from 222.186.34.130 port 3588 ssh2
Jun 28 04:21:01 freenas sshd[23146]: Failed password for root from 222.186.34.130 port 3600 ssh2
Jun 28 04:21:01 freenas sshd[23146]: Failed password for root from 222.186.34.130 port 3600 ssh2
Jun 28 04:21:02 freenas sshd[23118]: Failed password for root from 222.186.34.130 port 2087 ssh2
Jun 28 04:21:02 freenas sshd[23116]: Failed password for root from 222.186.34.130 port 2015 ssh2
Jun 28 04:21:02 freenas sshd[23118]: Failed password for root from 222.186.34.130 port 2087 ssh2
Jun 28 04:21:02 freenas sshd[23116]: Failed password for root from 222.186.34.130 port 2015 ssh2
Jun 28 04:21:02 freenas sshd[23118]: Failed password for root from 222.186.34.130 port 2087 ssh2
Jun 28 04:21:02 freenas sshd[23118]: Disconnecting: Too many authentication failures for root [preauth]
Jun 28 04:21:02 freenas sshd[23116]: Failed password for root from 222.186.34.130 port 2015 ssh2
Jun 28 04:21:02 freenas sshd[23116]: Disconnecting: Too many authentication failures for root [preauth]
Jun 28 04:21:03 freenas sshd[23148]: Failed password for root from 222.186.34.130 port 3656 ssh2
Jun 28 04:21:03 freenas sshd[23150]: Failed password for root from 222.186.34.130 port 3669 ssh2
Jun 28 04:21:03 freenas sshd[23148]: Failed password for root from 222.186.34.130 port 3656 ssh2
Jun 28 04:21:03 freenas sshd[23150]: Failed password for root from 222.186.34.130 port 3669 ssh2
Jun 28 11:46:34 freenas sshd[27559]: Failed password for root from 193.107.17.72 port 18308 ssh2
Jun 28 11:46:34 freenas sshd[27560]: Failed password for root from 193.107.17.72 port 18366 ssh2
Jun 28 11:46:34 freenas sshd[27559]: Failed password for root from 193.107.17.72 port 18308 ssh2
Jun 28 11:46:34 freenas sshd[27560]: Failed password for root from 193.107.17.72 port 18366 ssh2
Jun 28 11:46:35 freenas sshd[27561]: Failed password for root from 193.107.17.72 port 18464 ssh2
Jun 28 11:46:35 freenas sshd[27559]: Failed password for root from 193.107.17.72 port 18308 ssh2
Jun 28 11:46:35 freenas sshd[27560]: Failed password for root from 193.107.17.72 port 18366 ssh2
Jun 28 11:46:35 freenas sshd[27561]: Failed password for root from 193.107.17.72 port 18464 ssh2
Jun 28 11:46:36 freenas sshd[27559]: Failed password for root from 193.107.17.72 port 18308 ssh2
Jun 28 11:46:36 freenas sshd[27560]: Failed password for root from 193.107.17.72 port 18366 ssh2
Jun 28 11:46:36 freenas sshd[27561]: Failed password for root from 193.107.17.72 port 18464 ssh2
Jun 28 11:46:37 freenas sshd[27559]: Failed password for root from 193.107.17.72 port 18308 ssh2
Jun 28 11:46:37 freenas sshd[27560]: Failed password for root from 193.107.17.72 port 18366 ssh2
Jun 28 11:46:37 freenas sshd[27561]: Failed password for root from 193.107.17.72 port 18464 ssh2
Jun 28 11:46:37 freenas sshd[27566]: Failed password for root from 193.107.17.72 port 18609 ssh2
Jun 28 11:46:37 freenas sshd[27559]: Failed password for root from 193.107.17.72 port 18308 ssh2
Jun 28 11:46:37 freenas sshd[27560]: Failed password for root from 193.107.17.72 port 18366 ssh2
Jun 28 11:46:37 freenas sshd[27559]: Disconnecting: Too many authentication failures for root [preauth]
Jun 28 11:46:37 freenas sshd[27560]: Disconnecting: Too many authentication failures for root [preauth]
Jun 28 11:46:37 freenas sshd[27561]: Failed password for root from 193.107.17.72 port 18464 ssh2
Jun 28 11:46:37 freenas sshd[27565]: Failed password for root from 193.107.17.72 port 18585 ssh2
Jun 28 11:46:37 freenas sshd[27566]: Failed password for root from 193.107.17.72 port 18609 ssh2
Jun 28 11:46:37 freenas sshd[27561]: Failed password for root from 193.107.17.72 port 18464 ssh2
Jun 28 11:46:37 freenas sshd[27561]: Disconnecting: Too many authentication failures for root [preauth]
Jun 28 11:46:37 freenas sshd[27565]: Failed password for root from 193.107.17.72 port 18585 ssh2
Jun 28 11:46:38 freenas sshd[27566]: Failed password for root from 193.107.17.72 port 18609 ssh2
Jun 28 11:46:38 freenas sshd[27565]: Failed password for root from 193.107.17.72 port 18585 ssh2
Jun 28 11:46:38 freenas sshd[27566]: Failed password for root from 193.107.17.72 port 18609 ssh2
Jun 28 11:46:38 freenas sshd[27565]: Failed password for root from 193.107.17.72 port 18585 ssh2
Jun 28 11:46:39 freenas sshd[27566]: Failed password for root from 193.107.17.72 port 18609 ssh2
Jun 28 11:46:39 freenas sshd[27565]: Failed password for root from 193.107.17.72 port 18585 ssh2
Jun 28 11:46:39 freenas sshd[27566]: Failed password for root from 193.107.17.72 port 18609 ssh2
Jun 28 11:46:39 freenas sshd[27566]: Disconnecting: Too many authentication failures for root [preauth]
Jun 28 11:46:39 freenas sshd[27565]: Failed password for root from 193.107.17.72 port 18585 ssh2
Jun 28 11:46:39 freenas sshd[27565]: Disconnecting: Too many authentication failures for root [preauth]
Jun 28 11:46:51 freenas sshd[27572]: Failed password for root from 193.107.17.72 port 19326 ssh2
Jun 28 11:46:55 freenas sshd[27572]: Disconnecting: Too many authentication failures for root [preauth]
-- End of security output --
Jun 28 04:20:59 freenas sshd[23124]: Failed password for root from 222.186.34.130 port 2962 ssh2
Jun 28 04:20:59 freenas sshd[23124]: Disconnecting: Too many authentication failures for root [preauth]
Jun 28 04:20:59 freenas sshd[23134]: Failed password for root from 222.186.34.130 port 3516 ssh2
Jun 28 04:20:59 freenas sshd[23134]: Failed password for root from 222.186.34.130 port 3516 ssh2
Jun 28 04:21:00 freenas sshd[23132]: Failed password for root from 222.186.34.130 port 3401 ssh2
Jun 28 04:21:00 freenas sshd[23132]: Failed password for root from 222.186.34.130 port 3401 ssh2
Jun 28 04:21:00 freenas sshd[23130]: Failed password for root from 222.186.34.130 port 3294 ssh2
Jun 28 04:21:00 freenas sshd[23132]: Failed password for root from 222.186.34.130 port 3401 ssh2
Jun 28 04:21:00 freenas sshd[23132]: Disconnecting: Too many authentication failures for root [preauth]
Jun 28 04:21:00 freenas sshd[23130]: Failed password for root from 222.186.34.130 port 3294 ssh2
Jun 28 04:21:00 freenas sshd[23130]: Failed password for root from 222.186.34.130 port 3294 ssh2
Jun 28 04:21:00 freenas sshd[23130]: Disconnecting: Too many authentication failures for root [preauth]
Jun 28 04:21:00 freenas sshd[23136]: Failed password for root from 222.186.34.130 port 3547 ssh2
Jun 28 04:21:00 freenas sshd[23136]: Failed password for root from 222.186.34.130 port 3547 ssh2
Jun 28 04:21:00 freenas sshd[23138]: Failed password for root from 222.186.34.130 port 3555 ssh2
Jun 28 04:21:00 freenas sshd[23136]: Failed password for root from 222.186.34.130 port 3547 ssh2
Jun 28 04:21:00 freenas sshd[23138]: Failed password for root from 222.186.34.130 port 3555 ssh2
Jun 28 04:21:00 freenas sshd[23120]: Failed password for root from 222.186.34.130 port 2682 ssh2
Jun 28 04:21:01 freenas sshd[23120]: Failed password for root from 222.186.34.130 port 2682 ssh2
Jun 28 04:21:01 freenas sshd[23120]: Failed password for root from 222.186.34.130 port 2682 ssh2
Jun 28 04:21:01 freenas sshd[23126]: Failed password for root from 222.186.34.130 port 3078 ssh2
Jun 28 04:21:01 freenas sshd[23120]: Disconnecting: Too many authentication failures for root [preauth]
Jun 28 04:21:01 freenas sshd[23126]: Failed password for root from 222.186.34.130 port 3078 ssh2
Jun 28 04:21:01 freenas sshd[23122]: Failed password for root from 222.186.34.130 port 2879 ssh2
Jun 28 04:21:01 freenas sshd[23122]: Failed password for root from 222.186.34.130 port 2879 ssh2
Jun 28 04:21:01 freenas sshd[23126]: Failed password for root from 222.186.34.130 port 3078 ssh2
Jun 28 04:21:01 freenas sshd[23126]: Disconnecting: Too many authentication failures for root [preauth]
Jun 28 04:21:01 freenas sshd[23122]: Failed password for root from 222.186.34.130 port 2879 ssh2
Jun 28 04:21:01 freenas sshd[23128]: Failed password for root from 222.186.34.130 port 3226 ssh2
Jun 28 04:21:01 freenas sshd[23122]: Disconnecting: Too many authentication failures for root [preauth]
Jun 28 04:21:01 freenas sshd[23140]: Failed password for root from 222.186.34.130 port 3579 ssh2
Jun 28 04:21:01 freenas sshd[23128]: Failed password for root from 222.186.34.130 port 3226 ssh2
Jun 28 04:21:01 freenas sshd[23140]: Failed password for root from 222.186.34.130 port 3579 ssh2
Jun 28 04:21:01 freenas sshd[23128]: Failed password for root from 222.186.34.130 port 3226 ssh2
Jun 28 04:21:01 freenas sshd[23128]: Disconnecting: Too many authentication failures for root [preauth]
Jun 28 04:21:01 freenas sshd[23142]: Failed password for root from 222.186.34.130 port 3585 ssh2
Jun 28 04:21:01 freenas sshd[23142]: Failed password for root from 222.186.34.130 port 3585 ssh2
Jun 28 04:21:01 freenas sshd[23144]: Failed password for root from 222.186.34.130 port 3588 ssh2
Jun 28 04:21:01 freenas sshd[23144]: Failed password for root from 222.186.34.130 port 3588 ssh2
Jun 28 04:21:01 freenas sshd[23146]: Failed password for root from 222.186.34.130 port 3600 ssh2
Jun 28 04:21:01 freenas sshd[23146]: Failed password for root from 222.186.34.130 port 3600 ssh2
Jun 28 04:21:02 freenas sshd[23118]: Failed password for root from 222.186.34.130 port 2087 ssh2
Jun 28 04:21:02 freenas sshd[23116]: Failed password for root from 222.186.34.130 port 2015 ssh2
Jun 28 04:21:02 freenas sshd[23118]: Failed password for root from 222.186.34.130 port 2087 ssh2
Jun 28 04:21:02 freenas sshd[23116]: Failed password for root from 222.186.34.130 port 2015 ssh2
Jun 28 04:21:02 freenas sshd[23118]: Failed password for root from 222.186.34.130 port 2087 ssh2
Jun 28 04:21:02 freenas sshd[23118]: Disconnecting: Too many authentication failures for root [preauth]
Jun 28 04:21:02 freenas sshd[23116]: Failed password for root from 222.186.34.130 port 2015 ssh2
Jun 28 04:21:02 freenas sshd[23116]: Disconnecting: Too many authentication failures for root [preauth]
Jun 28 04:21:03 freenas sshd[23148]: Failed password for root from 222.186.34.130 port 3656 ssh2
Jun 28 04:21:03 freenas sshd[23150]: Failed password for root from 222.186.34.130 port 3669 ssh2
Jun 28 04:21:03 freenas sshd[23148]: Failed password for root from 222.186.34.130 port 3656 ssh2
Jun 28 04:21:03 freenas sshd[23150]: Failed password for root from 222.186.34.130 port 3669 ssh2
Jun 28 11:46:34 freenas sshd[27559]: Failed password for root from 193.107.17.72 port 18308 ssh2
Jun 28 11:46:34 freenas sshd[27560]: Failed password for root from 193.107.17.72 port 18366 ssh2
Jun 28 11:46:34 freenas sshd[27559]: Failed password for root from 193.107.17.72 port 18308 ssh2
Jun 28 11:46:34 freenas sshd[27560]: Failed password for root from 193.107.17.72 port 18366 ssh2
Jun 28 11:46:35 freenas sshd[27561]: Failed password for root from 193.107.17.72 port 18464 ssh2
Jun 28 11:46:35 freenas sshd[27559]: Failed password for root from 193.107.17.72 port 18308 ssh2
Jun 28 11:46:35 freenas sshd[27560]: Failed password for root from 193.107.17.72 port 18366 ssh2
Jun 28 11:46:35 freenas sshd[27561]: Failed password for root from 193.107.17.72 port 18464 ssh2
Jun 28 11:46:36 freenas sshd[27559]: Failed password for root from 193.107.17.72 port 18308 ssh2
Jun 28 11:46:36 freenas sshd[27560]: Failed password for root from 193.107.17.72 port 18366 ssh2
Jun 28 11:46:36 freenas sshd[27561]: Failed password for root from 193.107.17.72 port 18464 ssh2
Jun 28 11:46:37 freenas sshd[27559]: Failed password for root from 193.107.17.72 port 18308 ssh2
Jun 28 11:46:37 freenas sshd[27560]: Failed password for root from 193.107.17.72 port 18366 ssh2
Jun 28 11:46:37 freenas sshd[27561]: Failed password for root from 193.107.17.72 port 18464 ssh2
Jun 28 11:46:37 freenas sshd[27566]: Failed password for root from 193.107.17.72 port 18609 ssh2
Jun 28 11:46:37 freenas sshd[27559]: Failed password for root from 193.107.17.72 port 18308 ssh2
Jun 28 11:46:37 freenas sshd[27560]: Failed password for root from 193.107.17.72 port 18366 ssh2
Jun 28 11:46:37 freenas sshd[27559]: Disconnecting: Too many authentication failures for root [preauth]
Jun 28 11:46:37 freenas sshd[27560]: Disconnecting: Too many authentication failures for root [preauth]
Jun 28 11:46:37 freenas sshd[27561]: Failed password for root from 193.107.17.72 port 18464 ssh2
Jun 28 11:46:37 freenas sshd[27565]: Failed password for root from 193.107.17.72 port 18585 ssh2
Jun 28 11:46:37 freenas sshd[27566]: Failed password for root from 193.107.17.72 port 18609 ssh2
Jun 28 11:46:37 freenas sshd[27561]: Failed password for root from 193.107.17.72 port 18464 ssh2
Jun 28 11:46:37 freenas sshd[27561]: Disconnecting: Too many authentication failures for root [preauth]
Jun 28 11:46:37 freenas sshd[27565]: Failed password for root from 193.107.17.72 port 18585 ssh2
Jun 28 11:46:38 freenas sshd[27566]: Failed password for root from 193.107.17.72 port 18609 ssh2
Jun 28 11:46:38 freenas sshd[27565]: Failed password for root from 193.107.17.72 port 18585 ssh2
Jun 28 11:46:38 freenas sshd[27566]: Failed password for root from 193.107.17.72 port 18609 ssh2
Jun 28 11:46:38 freenas sshd[27565]: Failed password for root from 193.107.17.72 port 18585 ssh2
Jun 28 11:46:39 freenas sshd[27566]: Failed password for root from 193.107.17.72 port 18609 ssh2
Jun 28 11:46:39 freenas sshd[27565]: Failed password for root from 193.107.17.72 port 18585 ssh2
Jun 28 11:46:39 freenas sshd[27566]: Failed password for root from 193.107.17.72 port 18609 ssh2
Jun 28 11:46:39 freenas sshd[27566]: Disconnecting: Too many authentication failures for root [preauth]
Jun 28 11:46:39 freenas sshd[27565]: Failed password for root from 193.107.17.72 port 18585 ssh2
Jun 28 11:46:39 freenas sshd[27565]: Disconnecting: Too many authentication failures for root [preauth]
Jun 28 11:46:51 freenas sshd[27572]: Failed password for root from 193.107.17.72 port 19326 ssh2
Jun 28 11:46:55 freenas sshd[27572]: Disconnecting: Too many authentication failures for root [preauth]
-- End of security output --