Router Intrusion in firewall's log

wireless-router networking wireless-networking router security
8,127

Solution 1

It's perfectly normal to be subject to port scans at any and all times while online. This is the unfortunate truth. Still, this poses no risk unless you have vulnerable services exposed to the internet.

What you're seeing is merely an informational message. No harm is done and no hacking attempted.

Solution 2

Its not an intrusion, it mearly means someone has scanned your router from the outside to try and find an open port. I wouldn't worry about it too much :)

Normally on a router, the ports (think "gateways" for lack fo a better word) into your network are closed. These ports can manually be opened for a whole host of reasons (such as hosting your own website etc).

"Hackers" like to scan for these open ports to try and find a route into your PC. If you havent opened these manually, you should be perfectly fine. If you are unsure, you can run your own port scan Here and see for yourself if you have anything open :)

Share:
8,127

Related videos on Youtube

lunar
Author by

lunar

Updated on September 18, 2022

Comments

  • lunar
    lunar over 1 year

    Everytime my router connect to internet I am finding in my router's firewall log intrusion warnings. Could you please explain what it means? Is it actually someone hacking my router or is that connection dropped by the router?

    e.g.

    Mar 11 14:15:11     kernel  warning     kernel: [fwlog] Intrusion -> SRC=85.102.133.241 DST=109.78.126.234

    Here is my router firewall full log

    Mar 8 16:20:01  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.22 DST=109.78.153.90.
Mar 8 16:20:09  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.64 DST=109.78.153.90.
Mar 8 16:20:09  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.160 DST=109.78.153.90.
Mar 8 16:20:20  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.39 DST=109.78.153.90.
Mar 8 16:20:20  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.39 DST=109.78.153.90.
Mar 8 16:20:27  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.39 DST=109.78.153.90.
Mar 8 16:20:29  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.64 DST=109.78.153.90.
Mar 8 16:20:34  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.39 DST=109.78.153.90.
Mar 8 16:20:42  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.39 DST=109.78.153.90.
Mar 8 16:20:46  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.39 DST=109.78.153.90.
Mar 8 16:20:49  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.47 DST=109.78.153.90.
Mar 8 16:20:54  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=54.229.249.228 DST=109.78.153.90.
Mar 8 16:20:59  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=54.229.249.228 DST=109.78.153.90.
Mar 8 16:21:04  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.47 DST=109.78.153.90.
Mar 8 16:21:10  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.39 DST=109.78.153.90.
Mar 8 16:21:19  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=54.195.129.21 DST=109.78.153.90.
Mar 8 16:21:19  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=54.195.129.21 DST=109.78.153.90.
Mar 8 16:21:26  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=54.195.129.21 DST=109.78.153.90.
Mar 8 16:21:30  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.39 DST=109.78.153.90.
Mar 8 16:21:52  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.47 DST=109.78.153.90.
Mar 8 16:21:54  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=54.229.249.228 DST=109.78.153.90.
Mar 8 16:21:55  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=54.229.249.228 DST=109.78.153.90.
Mar 8 16:21:56  kernel  warning     kernel: [fwlog] Tcp port scan,SRC=54.229.249.228 DST=109.78.153.90. 
Mar 8 16:21:58  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=54.229.249.228 DST=109.78.153.90.
Mar 8 16:21:59  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.39 DST=109.78.153.90.
Mar 8 16:22:10  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=54.229.249.228 DST=109.78.153.90.
Mar 8 16:22:20  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.47 DST=109.78.153.90.
Mar 8 16:22:20  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.47 DST=109.78.153.90.
Mar 8 16:22:30  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=54.195.129.21 DST=109.78.153.90.
Mar 8 16:22:30  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=54.195.129.21 DST=109.78.153.90.
Mar 8 16:22:30  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=54.195.129.21 DST=109.78.153.90.
Mar 8 16:22:37  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=54.195.129.21 DST=109.78.153.90.
Mar 8 16:22:39  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=54.195.129.21 DST=109.78.153.90.
Mar 8 16:22:51  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=54.220.67.17 DST=109.78.153.90.
Mar 8 16:22:51  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=54.220.67.17 DST=109.78.153.90.
Mar 8 16:22:54  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=54.220.67.17 DST=109.78.153.90.
Mar 8 16:22:59  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=54.220.67.17 DST=109.78.153.90.
Mar 8 16:24:36  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.206 DST=109.78.153.90.
Mar 8 16:24:37  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.206 DST=109.78.153.90.
Mar 8 16:24:37  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.206 DST=109.78.153.90.
Mar 8 16:24:39  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.206 DST=109.78.153.90.
Mar 8 16:24:43  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.206 DST=109.78.153.90.
Mar 8 16:24:43  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.206 DST=109.78.153.90.
Mar 8 16:24:51  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.206 DST=109.78.153.90.
Mar 8 16:24:55  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.206 DST=109.78.153.90.
Mar 8 16:25:07  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.206 DST=109.78.153.90.
Mar 8 16:25:19  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.206 DST=109.78.153.90.
Mar 8 16:25:35  kernel  warning     kernel: [fwlog] Intrusion -> SRC=2.51.192.149 DST=109.78.153.90
Mar 8 16:25:39  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.206 DST=109.78.153.90.
Mar 8 16:25:44  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=144.76.139.143 DST=109.78.153.90.
Mar 8 16:25:45  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=144.76.139.143 DST=109.78.153.90.
Mar 8 16:25:46  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=144.76.139.143 DST=109.78.153.90.
Mar 8 16:25:46  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=144.76.139.143 DST=109.78.153.90.
Mar 8 16:25:47  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=144.76.139.143 DST=109.78.153.90.
Mar 8 16:25:48  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=144.76.139.143 DST=109.78.153.90.
Mar 8 16:25:48  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=144.76.139.143 DST=109.78.153.90.
Mar 8 16:25:48  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=144.76.139.143 DST=109.78.153.90.
Mar 8 16:25:52  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=144.76.139.143 DST=109.78.153.90.
Mar 8 16:25:52  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=144.76.139.143 DST=109.78.153.90.
Mar 8 16:25:53  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=144.76.139.143 DST=109.78.153.90.
Mar 8 16:26:07  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.206 DST=109.78.153.90.
Mar 8 16:26:56  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:26:56  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:26:56  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:26:56  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:26:56  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:26:56  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:26:56  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:26:57  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:26:57  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:26:57  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:27:03  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:27:11  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:27:11  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:27:16  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=54.220.35.30 DST=109.78.153.90.
Mar 8 16:27:24  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=54.220.35.30 DST=109.78.153.90.
Mar 8 16:27:27  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:27:37  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=54.220.35.30 DST=109.78.153.90.
Mar 8 16:27:39  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=54.220.35.30 DST=109.78.153.90.
Mar 8 16:27:45  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=54.220.35.30 DST=109.78.153.90.
Mar 8 16:27:46  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=54.220.35.30 DST=109.78.153.90.
Mar 8 16:27:59  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:27:59  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:28:01  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:28:32  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:28:32  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:28:32  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:28:32  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:28:32  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:28:32  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:28:39  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:28:48  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:28:48  kernel  warning     kernel: [fwlog] Tcp port scan, SRCMar 11 14:10:52 kernel: [fwlog] Intrusion -> SRC=88.165.119.13 DST=109.78.126.234
Mar 11 14:15:11     kernel  warning     kernel: [fwlog] Intrusion -> SRC=85.102.133.241 DST=109.78.126.234
Mar 11 14:16:45     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:16:45     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:16:45     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:16:45     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:16:46     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:16:46     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:16:46     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:16:46     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:16:46     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:16:46     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:16:52     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:16:55     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:17:00     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:17:06     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:17:16     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:17:16     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:17:48     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:17:48     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:17:48     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:17:48     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:17:49     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:17:49     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:17:52     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:17:58     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:18:10     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:18:11     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:18:11     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
  • lunar
    lunar about 10 years
    This is no harm as well: Mar 11 14:15:11 kernel warning kernel: [fwlog] Intrusion -> SRC=85.102.133.241 DST=109.78.126.234?
  • lunar
    lunar about 10 years
    I understand that port scan in not yet something to be worry about. But among these port scans is explicit log of src of intrusion and this is something I am worry about.
  • Fazer87
    Fazer87 about 10 years
    that one log line doesn't give enough information to see how far (if anywhere) the hacker got. Do you have an internal firewall like Zonealarm or similar which you can extract logs from?
  • lunar
    lunar about 10 years
    I use ubuntu which comes with firewall

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

ASUS router EA-N66R has different subnet mask than laptop
Laptop won't work with WPA encryption
Configuring a Wired Access Point - Linksys WRT54G
Asus Router RT- N12 D1 not connecting with pppoe
How to set up a wireless printer on a computer wired to a Wireless Router
I cannot ping from my laptop to my desktop and vice-versa but can ping my smartphone
Can I check which devices are connected to the router I'm connected to through a range extender (Booster)?
Can't connect HP DeskJet 3050a J610a over WPS to a new Wireless Router
D-Link DIR-615 bricked. Power led stays orange, can't get into emergency flash mode
Someone keeps hacking my wifi router