Tweet
Loxone intercom and UDM PRO Threat Management Alert
Hi, i have an intercom from loxone, and i keep getting a lot of this notification from Threat Management Alert. .99 is the video an . 98 is the audio. From what i know it was configured with sip antisip to work over the internet. What are this and what can i do?
Code:
Loxone intercom and UDM PRO Threat Management Alert Threat Management Alert 2: Misc Attack. Signature ET CINS Active Threat Intelligence Poor Reputation IP group 28. From: 45.155.205.149:45436, to: 192.168.0.99:80, protocol: TCP1:08 am23/01/2021 Threat Management Alert 2: Misc Attack. Signature ET DROP Dshield Block Listed Source group 1. From: 45.155.205.149:45436, to: 192.168.0.99:80, protocol: TCP1:08 am23/01/2021 Threat Management Alert 2: Misc Attack. Signature ET DROP Dshield Block Listed Source group 1. From: 192.241.223.136:50512, to: 192.168.0.99:80, protocol: TCP8:07 pm22/01/2021 Threat Management Alert 2: Misc Attack. Signature ET CINS Active Threat Intelligence Poor Reputation IP group 72. From: 80.94.93.31:5161, to: 192.168.0.99:80, protocol: UDP6:02 pm22/01/2021 Threat Management Alert 2: Misc Attack. Signature ET CINS Active Threat Intelligence Poor Reputation IP group 83. From: 92.118.161.53:49507, to: 192.168.0.99:80, protocol: TCP5:10 pm22/01/2021 Threat Management Alert 2: Misc Attack. Signature ET DROP Dshield Block Listed Source group 1. From: 92.118.161.53:49507, to: 192.168.0.99:80, protocol: TCP5:10 pm22/01/2021 Threat Management Alert 2: Misc Attack. Signature ET CINS Active Threat Intelligence Poor Reputation IP group 68. From: 74.120.14.26:26796, to: 192.168.0.99:80, protocol: TCP4:28 pm22/01/2021 Threat Management Alert 2: Misc Attack. Signature ET CINS Active Threat Intelligence Poor Reputation IP group 62. From: 65.60.11.210:55750, to: 192.168.0.99:80, protocol: TCP10:47 pm21/01/2021 Threat Management Alert 2: Misc Attack. Signature ET CINS Active Threat Intelligence Poor Reputation IP group 62. From: 65.60.11.212:30521, to: 192.168.0.99:80, protocol: TCP10:47 pm21/01/2021 Threat Management Alert 2: Misc Attack. Signature ET DROP Dshield Block Listed Source group 1. From: 167.248.133.40:51844, to: 192.168.0.99:80, protocol: TCP10:12 pm21/01/2021 Threat Management Alert 2: Misc Attack. Signature ET DROP Dshield Block Listed Source group 1. From: 167.248.133.16:17451, to: 192.168.0.99:80, protocol: TCP10:12 pm21/01/2021 Threat Management Alert 2: Attempted Information Leak. Signature ET SCAN MS Terminal Server Traffic on Non-standard Port. From: 213.108.134.156:63456, to: 192.168.0.99:80, protocol: TCP7:35 am21/01/2021 Threat Management Alert 2: Attempted Information Leak. Signature ET SCAN MS Terminal Server Traffic on Non-standard Port. From: 213.108.134.156:63456, to: 192.168.0.99:80, protocol: TCP7:33 am21/01/2021 Threat Management Alert 2: Misc Attack. Signature ET DROP Dshield Block Listed Source group 1. From: 194.147.140.4:46052, to: 192.168.0.98:80, protocol: TCP3:15 am21/01/2021 Threat Management Alert 2: Attempted Information Leak. Signature ET SCAN MS Terminal Server Traffic on Non-standard Port. From: 213.108.134.156:63480, to: 192.168.0.99:80, protocol: TCP9:52 pm20/01/2021 Threat Management Alert 2: Attempted Information Leak. Signature ET SCAN MS Terminal Server Traffic on Non-standard Port. From: 213.108.134.156:63480, to: 192.168.0.99:80, protocol: TCP9:50 pm20/01/2021 Threat Management Alert 2: Misc Attack. Signature ET DROP Dshield Block Listed Source group 1. From: 167.248.133.39:45026, to: 192.168.0.98:80, protocol: TCP3:31 am20/01/2021 Threat Management Alert 2: Misc Attack. Signature ET DROP Dshield Block Listed Source group 1. From: 167.248.133.72:32664, to: 192.168.0.98:80, protocol: TCP3:31 am20/01/2021 Threat Management Alert 2: Misc Attack. Signature ET DROP Dshield Block Listed Source group 1. From: 167.248.133.38:58336, to: 192.168.0.99:80, protocol: TCP12:21 am20/01/2021 Threat Management Alert 2: Misc Attack. Signature ET DROP Dshield Block Listed Source group 1. From: 167.248.133.23:63984, to: 192.168.0.99:80, protocol: TCP12:21 am20/01/2021 Threat Management Alert 2: Misc Attack. Signature ET CINS Active Threat Intelligence Poor Reputation IP group 67. From: 74.120.14.20:45340, to: 192.168.0.99:80, protocol: TCP6:31 pm19/01/2021 Threat Management Alert 2: Misc Attack. Signature ET CINS Active Threat Intelligence Poor Reputation IP group 82. From: 92.118.160.33:51927, to: 192.168.0.99:80, protocol: TCP9:50 am19/01/2021 Threat Management Alert 2: Misc Attack. Signature ET CINS Active Threat Intelligence Poor Reputation IP group 25. From: 45.125.65.52:5111, to: 192.168.0.99:80, protocol: UDP12:09 am19/01/2021 Threat Management Alert 2: Misc Attack. Signature ET CINS Active Threat Intelligence Poor Reputation IP group 85. From: 94.102.49.191:58350, to: 192.168.0.99:80, protocol: TCP9:44 pm18/01/2021 Threat Management Alert 2: Misc Attack. Signature ET CINS Active Threat Intelligence Poor Reputation IP group 76. From: 83.97.20.35:33949, to: 192.168.0.99:80, protocol: TCP8:43 pm18/01/2021 Threat Management Alert 2: Attempted Information Leak. Signature ET SCAN MS Terminal Server Traffic on Non-standard Port. From: 94.232.46.45:64956, to: 192.168.0.77:8855, protocol: TCP8:12 pm18/01/2021 Threat Management Alert 2: Attempted Information Leak. Signature ET SCAN MS Terminal Server Traffic on Non-standard Port. From: 94.232.46.45:64956, to: 192.168.0.77:8855, protocol: TCP8:02 pm18/01/2021 Threat Management Alert 2: Attempted Information Leak. Signature ET SCAN MS Terminal Server Traffic on Non-standard Port. From: 45.134.26.78:64908, to: 192.168.0.77:8855, protocol: TCP7:56 pm18/01/2021 Threat Management Alert 2: Attempted Information Leak. Signature ET SCAN MS Terminal Server Traffic on Non-standard Port. From: 94.232.46.45:65348, to: 192.168.0.99:80, protocol: TCP7:56 pm18/01/2021 Threat Management Alert 2: Attempted Information Leak. Signature ET SCAN MS Terminal Server Traffic on Non-standard Port. From: 94.232.46.45:65348, to: 192.168.0.99:80, protocol: TCP7:54 pm18/01/2021 Threat Management Alert 2: Attempted Information Leak. Signature ET SCAN MS Terminal Server Traffic on Non-standard Port. From: 94.232.46.45:64925, to: 192.168.0.98:80, protocol: TCP7:49 pm18/01/2021 Threat Management Alert 2: Attempted Information Leak. Signature ET SCAN MS Terminal Server Traffic on Non-standard Port. From: 45.134.26.78:64908, to: 192.168.0.77:8855, protocol: TCP7:46 pm18/01/2021 Threat Management Alert 2: Attempted Information Leak. Signature ET SCAN MS Terminal Server Traffic on Non-standard Port. From: 94.232.46.45:64925, to: 192.168.0.98:80, protocol: TCP7:39 pm18/01/2021 Threat Management Alert 2: Attempted Information Leak. Signature ET SCAN MS Terminal Server Traffic on Non-standard Port. From: 45.134.26.78:65199, to: 192.168.0.99:80, protocol: TCP6:57 pm18/01/2021 Threat Management Alert 2: Attempted Information Leak. Signature ET SCAN MS Terminal Server Traffic on Non-standard Port. From: 45.134.26.78:65199, to: 192.168.0.99:80, protocol: TCP6:55 pm18/01/2021 Threat Management Alert 2: Attempted Information Leak. Signature ET SCAN MS Terminal Server Traffic on Non-standard Port. From: 45.134.26.78:62365, to: 192.168.0.98:80, protocol: TCP4:45 pm18/01/2021 Threat Management Alert 2: Attempted Information Leak. Signature ET SCAN MS Terminal Server Traffic on Non-standard Port. From: 45.134.26.78:62365, to: 192.168.0.98:80, protocol: TCP4:35 pm18/01/2021 Threat Management Alert 1: Executable Code was Detected. Signature ET SHELLCODE Possible Call with No Offset TCP Shellcode. From: 82.76.40.76:84, to: 192.168.0.78:45344, protocol: TCP3:27 pm18/01/2021 Threat Management Alert 2: Attempted Information Leak. Signature GPL WEB_SERVER 403 Forbidden. From: 192.168.0.98:80, to: 192.241.198.73:33880, protocol: TCP2:21 pm18/01/2021 Threat Management Alert 3: Detection of a Network Scan. Signature ET SCAN Zmap User-Agent (Inbound). From: 192.241.198.73:33880, to: 192.168.0.98:80, protocol: TCP2:21 pm18/01/2021 Threat Management Alert 2: Misc Attack. Signature ET CINS Active Threat Intelligence Poor Reputation IP group 98. From: 104.152.52.30:57390, to: 192.168.0.99:80, protocol: TCP10:22 am18/01/2021 Threat Management Alert 2: Misc Attack. Signature ET CINS Active Threat Intelligence Poor Reputation IP group 79. From: 89.248.165.46:45412, to: 192.168.0.98:80, protocol: TCP8:22 am18/01/2021 Threat Management Alert 2: Misc Attack. Signature ET DROP Dshield Block Listed Source group 1. From: 89.248.165.46:45412, to: 192.168.0.98:80, protocol: TCP8:22 am18/01/2021 Threat Management Alert 2: Misc Attack. Signature ET DROP Dshield Block Listed Source group 1. From: 194.147.140.4:46052, to: 192.168.0.77:8855, protocol: TCP5:24 am18/01/2021 Threat Management Alert 2: Attempted Information Leak. Signature ET SCAN MS Terminal Server Traffic on Non-standard Port. From: 45.134.26.78:64103, to: 192.168.0.77:8855, protocol: TCP10:50 pm17/01/2021 Threat Management Alert 2: Attempted Information Leak. Signature ET SCAN MS Terminal Server Traffic on Non-standard Port. From: 45.134.26.78:64103, to: 192.168.0.77:8855, protocol: TCP10:40 pm17/01/2021 Threat Management Alert 2: Attempted Information Leak. Signature ET SCAN MS Terminal Server Traffic on Non-standard Port. From: 45.134.26.78:62637, to: 192.168.0.99:80, protocol: TCP9:52 pm17/01/2021 Threat Management Alert 2: Attempted Information Leak. Signature ET SCAN MS Terminal Server Traffic on Non-standard Port. From: 45.134.26.78:62637, to: 192.168.0.99:80, protocol: TCP9:50 pm17/01/2021 Threat Management Alert 2: Attempted Information Leak. Signature ET SCAN MS Terminal Server Traffic on Non-standard Port. From: 45.134.26.78:65011, to: 192.168.0.98:80, protocol: TCP7:44 pm17/01/2021 Threat Management Alert 2: Attempted Information Leak. Signature ET SCAN MS Terminal Server Traffic on Non-standard Port. From: 45.134.26.78:65011, to: 192.168.0.98:80, protocol: TCP7:34 pm17/01/2021