Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
fortinewbie
New Contributor

Created on ‎12-04-2017 03:53 PM

Suspicious IP address appearing in PER-IP Bandwidth usage

Good Day Everyone!

I am new to the forum and in using fortinet. We are using a fortigate 60C (MR3 Patch 7) and I keep seeing this IP address in the per-ip bandwith usage. 

 

218.65.30.107 - 107.30.65.218.broad.xy.jx.dynamic.163data.com.cn

(https://www.abuseipdb.com/index.php/check/218.65.30.107?page=10)

(http://goughlui.com/2015/04/27/experiment-ssh-honeypot-week-2/) 58.242.83.14

 

the first IP is tagged as a known ssh attacker from an ISP in China called Chinanet-jx. May I ask for an advice on what should I do with this? should I be alarmed? will creating a denying policy block this suspicious IP address? Thank you all so much in advance.

 

Regards,

Michael

Labels:
1741
0 Kudos
0 REPLIES 0
Labels
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.​

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2023 Fortinet, Inc. All Rights Reserved.