|
๐ณ๐ฑ
Linuxmalwarehuntingnl
|
|
Unauthorized connection attempt
|
Brute-Force
|
|
|
Anonymous
|
|
SSL VPN brute force
|
Brute-Force
|
|
|
Anonymous
|
|
Brute Force
|
Brute-Force
|
|
|
๐ฉ๐ช
onkeltom
|
|
Multiple unauthorized VPN login attempts
|
VPN IP
Hacking
|
|
|
Anonymous
|
|
Message meets Alert condition
The following critical firewall event was detected: SSL VPN login fai ...
show more
Message meets Alert condition
The following critical firewall event was detected: SSL VPN login fail.
date=2023-10-26 time=12:46:42 devname=FG200E4Q16901016 devid=FG200E4Q16901016 logid=0101039426 type=event subtype=vpn level=alert vd=root logdesc="SSL VPN login fail" action="ssl-login-fail" tunneltype="ssl-web" tunnelid=0 remip=94.131.102.14 user="tmp" group="N/A" dst_host="N/A" reason="sslvpn_login_unknown_user" msg="SSL user failed to logged in"
show less
|
VPN IP
|
|
|
Anonymous
|
|
Message meets Alert condition
The following critical firewall event was detected: SSL VPN login fai ...
show more
Message meets Alert condition
The following critical firewall event was detected: SSL VPN login fail.
date=2023-10-25 time=17:07:16 devname=FG200E4Q16901016 devid=FG200E4Q16901016 logid=0101039426 type=event subtype=vpn level=alert vd=root logdesc="SSL VPN login fail" action="ssl-login-fail" tunneltype="ssl-web" tunnelid=0 remip=94.131.102.14 user="sslvpnuser" group="N/A" dst_host="N/A" reason="sslvpn_login_unknown_user" msg="SSL user failed to logged in"
show less
|
VPN IP
|
|
|
๐ฆ๐บ
Leon Berenger
|
|
logdesc="SSL VPN login fail" action="ssl-login-fail" tunneltype="ssl-web" tunnelid=0 remip=94.131.10 ...
show more
logdesc="SSL VPN login fail" action="ssl-login-fail" tunneltype="ssl-web" tunnelid=0 remip=94.131.102.14 srccountry="Ukraine" user="sslvpnuser" group="N/A" dst_host="N/A" reason="sslvpn_login_permission_denied" msg="SSL user failed to logged in"
show less
|
Brute-Force
|
|
|
Anonymous
|
|
Message meets Alert condition
The following critical firewall event was detected: SSL VPN login fai ...
show more
Message meets Alert condition
The following critical firewall event was detected: SSL VPN login fail.
date=2023-10-25 time=08:15:27 devname=FG200E4Q16901016 devid=FG200E4Q16901016 logid=0101039426 type=event subtype=vpn level=alert vd=root logdesc="SSL VPN login fail" action="ssl-login-fail" tunneltype="ssl-web" tunnelid=0 remip=94.131.102.14 user="itsupport" group="N/A" dst_host="N/A" reason="sslvpn_login_unknown_user" msg="SSL user failed to logged in"
show less
|
VPN IP
|
|
|
Anonymous
|
|
Message meets Alert condition
The following critical firewall event was detected: SSL VPN login fai ...
show more
Message meets Alert condition
The following critical firewall event was detected: SSL VPN login fail.
date=2023-10-25 time=07:46:43 devname=FG200E4Q16901016 devid=FG200E4Q16901016 logid=0101039426 type=event subtype=vpn level=alert vd=root logdesc="SSL VPN login fail" action="ssl-login-fail" tunneltype="ssl-web" tunnelid=0 remip=94.131.102.14 user="itsupport" group="N/A" dst_host="N/A" reason="sslvpn_login_unknown_user" msg="SSL user failed to logged in"
show less
|
VPN IP
|
|
|
๐ฉ๐ช
onkeltom
|
|
Unauthorized VPN login attempts
|
VPN IP
Hacking
|
|
|
Anonymous
|
|
Message meets Alert condition
The following critical firewall event was detected: SSL VPN login fai ...
show more
Message meets Alert condition
The following critical firewall event was detected: SSL VPN login fail.
date=2023-10-24 time=11:05:42 devname=FG200E4Q16901016 devid=FG200E4Q16901016 logid=0101039426 type=event subtype=vpn level=alert vd=root logdesc="SSL VPN login fail" action="ssl-login-fail" tunneltype="ssl-web" tunnelid=0 remip=94.131.102.14 user="hp" group="N/A" dst_host="N/A" reason="sslvpn_login_unknown_user" msg="SSL user failed to logged in"
show less
|
VPN IP
|
|
|
Anonymous
|
|
Message meets Alert condition
The following critical firewall event was detected: SSL VPN login fai ...
show more
Message meets Alert condition
The following critical firewall event was detected: SSL VPN login fail.
date=2023-10-24 time=09:06:27 devname=FG200E4Q16901016 devid=FG200E4Q16901016 logid=0101039426 type=event subtype=vpn level=alert vd=root logdesc="SSL VPN login fail" action="ssl-login-fail" tunneltype="ssl-web" tunnelid=0 remip=94.131.102.14 user="hr" group="N/A" dst_host="N/A" reason="sslvpn_login_unknown_user" msg="SSL user failed to logged in"
show less
|
VPN IP
|
|
|
Anonymous
|
|
Message meets Alert condition
The following critical firewall event was detected: SSL VPN login fai ...
show more
Message meets Alert condition
The following critical firewall event was detected: SSL VPN login fail.
date=2023-10-24 time=07:59:46 devname=FG200E4Q16901016 devid=FG200E4Q16901016 logid=0101039426 type=event subtype=vpn level=alert vd=root logdesc="SSL VPN login fail" action="ssl-login-fail" tunneltype="ssl-web" tunnelid=0 remip=94.131.102.14 user="usr" group="N/A" dst_host="N/A" reason="sslvpn_login_unknown_user" msg="SSL user failed to logged in"
show less
|
VPN IP
|
|
|
๐ฉ๐ช
onkeltom
|
|
Multiple unauthorized VPN login attempts
|
VPN IP
Hacking
|
|
|
Anonymous
|
|
Log aggregation/SIEM detected brute force attack
|
Brute-Force
Exploited Host
|
|