Concerned about my security
Posted: Mon Dec 12, 2011 3:30 am
Hi All,
This is my first post and I have to say that Amahi is a super cool product. Having said that I am a bit concerned and I am hoping that someone can help me to clarify some strange behaviour.
My background in IT is as a storage and DR specialist, working on EMC Clariion, Dell Equallogic, Compellent and Powervault gear. I am quite strong in Windows/VMware/Hardware but not so much in Linux or with DNS. I just logged into my HDA which I am in the process of building up 2 x MD RAIDS on (Super cool) and discovered a login by a system that does not belong on my network. I looked up the IP and did a Whois and discovered it was from a wierd IP in the bahamas.
http://i.imgur.com/9R84b.jpg
I have not yet configured the HDA to take over DNS or DHCP and am behind a firewall with no port forwarding configured so I am wondering how this system/IP was able to gain access to my system.
I am not to keen to proceed with the install unless someone can help me to understand where this login came from. Hopefully I am just being an idiot.
EDIT: I think this may be a wierd DNS entry. I am going to take a closer look and try to figure it out.
BTW Once I am up and running + happy I am stable and secure, I will definitely be making a donation 8D
Thanks,
Christian
This is my first post and I have to say that Amahi is a super cool product. Having said that I am a bit concerned and I am hoping that someone can help me to clarify some strange behaviour.
My background in IT is as a storage and DR specialist, working on EMC Clariion, Dell Equallogic, Compellent and Powervault gear. I am quite strong in Windows/VMware/Hardware but not so much in Linux or with DNS. I just logged into my HDA which I am in the process of building up 2 x MD RAIDS on (Super cool) and discovered a login by a system that does not belong on my network. I looked up the IP and did a Whois and discovered it was from a wierd IP in the bahamas.
http://i.imgur.com/9R84b.jpg
I have not yet configured the HDA to take over DNS or DHCP and am behind a firewall with no port forwarding configured so I am wondering how this system/IP was able to gain access to my system.
I am not to keen to proceed with the install unless someone can help me to understand where this login came from. Hopefully I am just being an idiot.
EDIT: I think this may be a wierd DNS entry. I am going to take a closer look and try to figure it out.
BTW Once I am up and running + happy I am stable and secure, I will definitely be making a donation 8D
Thanks,
Christian