Good Day Everyone!
I am new to the forum and in using fortinet. We are using a fortigate 60C (MR3 Patch 7) and I keep seeing this IP address in the per-ip bandwith usage.
218.65.30.107 - 107.30.65.218.broad.xy.jx.dynamic.163data.com.cn
(https://www.abuseipdb.com/index.php/check/218.65.30.107?page=10)
(http://goughlui.com/2015/04/27/experiment-ssh-honeypot-week-2/) 58.242.83.14
the first IP is tagged as a known ssh attacker from an ISP in China called Chinanet-jx. May I ask for an advice on what should I do with this? should I be alarmed? will creating a denying policy block this suspicious IP address? Thank you all so much in advance.
Regards,
Michael
User | Count |
---|---|
141 | |
70 | |
64 | |
42 | |
37 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2023 Fortinet, Inc. All Rights Reserved.