Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
S
S
SurPaul2020-02-06 11:42:58
network hardware
SurPaul, 2020-02-06 11:42:58

Who is trying to log in to DD-WRT?

Yesterday I noticed very suspicious activity on a router with DD-WRT v3.0-r42015 std (01/18/20). This appears in the log every 15-20 minutes:

Feb 5 23:36:22 TP-Link TL-WR841ND daemon.info httpd[3096]: httpd : Authentication fail
Feb 5 23:36:22 TP-Link TL-WR841ND daemon.err httpd[3096]: httpd : Request Error Code 401: Authorization required. please note that the default username is "root" in all newer releases


IP is dynamic, DDNS has already been turned off, there are no unknown devices in LAN. How to find out the IP or MAC of the device from which an authorization attempt is being made?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
K
Karpion, 2020-02-06
@Karpion

It would be nice to look at the logs that httpd itself writes.

Similar questions
A
ayapergenov2015-06-08 20:20:23
How to move some of the items from the vertical menu to the second column? 3Reply
D
DrunkMaster2017-09-06 15:45:02
How to block the opening of a link but JS what would work? 4Reply
D
Denis Sechin2017-03-03 16:07:26
Why are tp-link trwn740** level hardware called routers? 4Reply
A
allaga2019-07-31 07:51:55
How to organize video surveillance without a registrar? 1Reply
D
Dsibe2019-08-02 21:05:49
Very poor internet speed on the phone, is everything fine on other devices? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question