Code: Select all
Event Level: INFO
Date: 03/14/2023 AM 03:59
User: SYSTEM
Event: [System] "ftp" login failure from IP "203.91.115.55" detected.
Code: Select all
Event Level: INFO
Date: 03/14/2023 AM 07:29
User: SYSTEM
Event: [System] "ftp" login failure from IP "193.46.199.53" detected.
Code: Select all
Event Level: INFO
Date: 03/14/2023 AM 07:29
User: SYSTEM
Event: [Network Defender] Abnormal login attempt detected, Add IP "193.46.199.53" to Autoblock List.
I'm also running into an odd "samba" issue, where it is complaining my machine (and another one) are logging in incorrectly (not sure if this *is* a bug or not, but without any information, I can't tell). All the machines have a drive letter aimed at \\uncname\share and Credentials are stored manually for the uncname. These machines SEE and WORK with the shares fine, so what *IS* the error?
Code: Select all
Event Level: INFO
Date: 03/14/2023 AM 08:07
User: SYSTEM
Event: [System] "samba" login failure from IP "#.#.#.#" detected.
The main reason this has no help in determining the issues, is because there are no "login credentials" listed. Same for the FTP errors, then there is this one:
Code: Select all
Event Level: INFO
Date: 03/14/2023 PM 12:30
User: SYSTEM
Event: [Regional Options] Failed to sync from the NTP server.
The issue is with the current event information is, it is severely lacking any details. If you have to ask "Why is that error happening?" then the log information isn't robust enough to give you the answer or at least a direction to move towards.
I've dealt with limited to no logs in hardware before, some commercial units of yesteryear were like that, none-of-which were of any use in solving issues. Thought those days were behind me.
GuruSR.