每次我的路由器连接到互联网时,我都会在路由器的防火墙日志中发现入侵警告。你能解释一下这是什么意思吗?是有人入侵了我的路由器,还是路由器断开了连接?
例如
Mar 11 14:15:11 kernel warning kernel: [fwlog] Intrusion -> SRC=85.102.133.241 DST=109.78.126.234
这是我的路由器防火墙完整日志
Mar 8 16:20:01 kernel warning kernel: [fwlog] Tcp port scan, SRC=92.123.72.22 DST=109.78.153.90.
Mar 8 16:20:09 kernel warning kernel: [fwlog] Tcp port scan, SRC=92.123.72.64 DST=109.78.153.90.
Mar 8 16:20:09 kernel warning kernel: [fwlog] Tcp port scan, SRC=92.123.72.160 DST=109.78.153.90.
Mar 8 16:20:20 kernel warning kernel: [fwlog] Tcp port scan, SRC=92.123.72.39 DST=109.78.153.90.
Mar 8 16:20:20 kernel warning kernel: [fwlog] Tcp port scan, SRC=92.123.72.39 DST=109.78.153.90.
Mar 8 16:20:27 kernel warning kernel: [fwlog] Tcp port scan, SRC=92.123.72.39 DST=109.78.153.90.
Mar 8 16:20:29 kernel warning kernel: [fwlog] Tcp port scan, SRC=92.123.72.64 DST=109.78.153.90.
Mar 8 16:20:34 kernel warning kernel: [fwlog] Tcp port scan, SRC=92.123.72.39 DST=109.78.153.90.
Mar 8 16:20:42 kernel warning kernel: [fwlog] Tcp port scan, SRC=92.123.72.39 DST=109.78.153.90.
Mar 8 16:20:46 kernel warning kernel: [fwlog] Tcp port scan, SRC=92.123.72.39 DST=109.78.153.90.
Mar 8 16:20:49 kernel warning kernel: [fwlog] Tcp port scan, SRC=92.123.72.47 DST=109.78.153.90.
Mar 8 16:20:54 kernel warning kernel: [fwlog] Tcp port scan, SRC=54.229.249.228 DST=109.78.153.90.
Mar 8 16:20:59 kernel warning kernel: [fwlog] Tcp port scan, SRC=54.229.249.228 DST=109.78.153.90.
Mar 8 16:21:04 kernel warning kernel: [fwlog] Tcp port scan, SRC=92.123.72.47 DST=109.78.153.90.
Mar 8 16:21:10 kernel warning kernel: [fwlog] Tcp port scan, SRC=92.123.72.39 DST=109.78.153.90.
Mar 8 16:21:19 kernel warning kernel: [fwlog] Tcp port scan, SRC=54.195.129.21 DST=109.78.153.90.
Mar 8 16:21:19 kernel warning kernel: [fwlog] Tcp port scan, SRC=54.195.129.21 DST=109.78.153.90.
Mar 8 16:21:26 kernel warning kernel: [fwlog] Tcp port scan, SRC=54.195.129.21 DST=109.78.153.90.
Mar 8 16:21:30 kernel warning kernel: [fwlog] Tcp port scan, SRC=92.123.72.39 DST=109.78.153.90.
Mar 8 16:21:52 kernel warning kernel: [fwlog] Tcp port scan, SRC=92.123.72.47 DST=109.78.153.90.
Mar 8 16:21:54 kernel warning kernel: [fwlog] Tcp port scan, SRC=54.229.249.228 DST=109.78.153.90.
Mar 8 16:21:55 kernel warning kernel: [fwlog] Tcp port scan, SRC=54.229.249.228 DST=109.78.153.90.
Mar 8 16:21:56 kernel warning kernel: [fwlog] Tcp port scan,SRC=54.229.249.228 DST=109.78.153.90.
Mar 8 16:21:58 kernel warning kernel: [fwlog] Tcp port scan, SRC=54.229.249.228 DST=109.78.153.90.
Mar 8 16:21:59 kernel warning kernel: [fwlog] Tcp port scan, SRC=92.123.72.39 DST=109.78.153.90.
Mar 8 16:22:10 kernel warning kernel: [fwlog] Tcp port scan, SRC=54.229.249.228 DST=109.78.153.90.
Mar 8 16:22:20 kernel warning kernel: [fwlog] Tcp port scan, SRC=92.123.72.47 DST=109.78.153.90.
Mar 8 16:22:20 kernel warning kernel: [fwlog] Tcp port scan, SRC=92.123.72.47 DST=109.78.153.90.
Mar 8 16:22:30 kernel warning kernel: [fwlog] Tcp port scan, SRC=54.195.129.21 DST=109.78.153.90.
Mar 8 16:22:30 kernel warning kernel: [fwlog] Tcp port scan, SRC=54.195.129.21 DST=109.78.153.90.
Mar 8 16:22:30 kernel warning kernel: [fwlog] Tcp port scan, SRC=54.195.129.21 DST=109.78.153.90.
Mar 8 16:22:37 kernel warning kernel: [fwlog] Tcp port scan, SRC=54.195.129.21 DST=109.78.153.90.
Mar 8 16:22:39 kernel warning kernel: [fwlog] Tcp port scan, SRC=54.195.129.21 DST=109.78.153.90.
Mar 8 16:22:51 kernel warning kernel: [fwlog] Tcp port scan, SRC=54.220.67.17 DST=109.78.153.90.
Mar 8 16:22:51 kernel warning kernel: [fwlog] Tcp port scan, SRC=54.220.67.17 DST=109.78.153.90.
Mar 8 16:22:54 kernel warning kernel: [fwlog] Tcp port scan, SRC=54.220.67.17 DST=109.78.153.90.
Mar 8 16:22:59 kernel warning kernel: [fwlog] Tcp port scan, SRC=54.220.67.17 DST=109.78.153.90.
Mar 8 16:24:36 kernel warning kernel: [fwlog] Tcp port scan, SRC=92.123.72.206 DST=109.78.153.90.
Mar 8 16:24:37 kernel warning kernel: [fwlog] Tcp port scan, SRC=92.123.72.206 DST=109.78.153.90.
Mar 8 16:24:37 kernel warning kernel: [fwlog] Tcp port scan, SRC=92.123.72.206 DST=109.78.153.90.
Mar 8 16:24:39 kernel warning kernel: [fwlog] Tcp port scan, SRC=92.123.72.206 DST=109.78.153.90.
Mar 8 16:24:43 kernel warning kernel: [fwlog] Tcp port scan, SRC=92.123.72.206 DST=109.78.153.90.
Mar 8 16:24:43 kernel warning kernel: [fwlog] Tcp port scan, SRC=92.123.72.206 DST=109.78.153.90.
Mar 8 16:24:51 kernel warning kernel: [fwlog] Tcp port scan, SRC=92.123.72.206 DST=109.78.153.90.
Mar 8 16:24:55 kernel warning kernel: [fwlog] Tcp port scan, SRC=92.123.72.206 DST=109.78.153.90.
Mar 8 16:25:07 kernel warning kernel: [fwlog] Tcp port scan, SRC=92.123.72.206 DST=109.78.153.90.
Mar 8 16:25:19 kernel warning kernel: [fwlog] Tcp port scan, SRC=92.123.72.206 DST=109.78.153.90.
Mar 8 16:25:35 kernel warning kernel: [fwlog] Intrusion -> SRC=2.51.192.149 DST=109.78.153.90
Mar 8 16:25:39 kernel warning kernel: [fwlog] Tcp port scan, SRC=92.123.72.206 DST=109.78.153.90.
Mar 8 16:25:44 kernel warning kernel: [fwlog] Tcp port scan, SRC=144.76.139.143 DST=109.78.153.90.
Mar 8 16:25:45 kernel warning kernel: [fwlog] Tcp port scan, SRC=144.76.139.143 DST=109.78.153.90.
Mar 8 16:25:46 kernel warning kernel: [fwlog] Tcp port scan, SRC=144.76.139.143 DST=109.78.153.90.
Mar 8 16:25:46 kernel warning kernel: [fwlog] Tcp port scan, SRC=144.76.139.143 DST=109.78.153.90.
Mar 8 16:25:47 kernel warning kernel: [fwlog] Tcp port scan, SRC=144.76.139.143 DST=109.78.153.90.
Mar 8 16:25:48 kernel warning kernel: [fwlog] Tcp port scan, SRC=144.76.139.143 DST=109.78.153.90.
Mar 8 16:25:48 kernel warning kernel: [fwlog] Tcp port scan, SRC=144.76.139.143 DST=109.78.153.90.
Mar 8 16:25:48 kernel warning kernel: [fwlog] Tcp port scan, SRC=144.76.139.143 DST=109.78.153.90.
Mar 8 16:25:52 kernel warning kernel: [fwlog] Tcp port scan, SRC=144.76.139.143 DST=109.78.153.90.
Mar 8 16:25:52 kernel warning kernel: [fwlog] Tcp port scan, SRC=144.76.139.143 DST=109.78.153.90.
Mar 8 16:25:53 kernel warning kernel: [fwlog] Tcp port scan, SRC=144.76.139.143 DST=109.78.153.90.
Mar 8 16:26:07 kernel warning kernel: [fwlog] Tcp port scan, SRC=92.123.72.206 DST=109.78.153.90.
Mar 8 16:26:56 kernel warning kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:26:56 kernel warning kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:26:56 kernel warning kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:26:56 kernel warning kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:26:56 kernel warning kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:26:56 kernel warning kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:26:56 kernel warning kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:26:57 kernel warning kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:26:57 kernel warning kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:26:57 kernel warning kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:27:03 kernel warning kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:27:11 kernel warning kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:27:11 kernel warning kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:27:16 kernel warning kernel: [fwlog] Tcp port scan, SRC=54.220.35.30 DST=109.78.153.90.
Mar 8 16:27:24 kernel warning kernel: [fwlog] Tcp port scan, SRC=54.220.35.30 DST=109.78.153.90.
Mar 8 16:27:27 kernel warning kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:27:37 kernel warning kernel: [fwlog] Tcp port scan, SRC=54.220.35.30 DST=109.78.153.90.
Mar 8 16:27:39 kernel warning kernel: [fwlog] Tcp port scan, SRC=54.220.35.30 DST=109.78.153.90.
Mar 8 16:27:45 kernel warning kernel: [fwlog] Tcp port scan, SRC=54.220.35.30 DST=109.78.153.90.
Mar 8 16:27:46 kernel warning kernel: [fwlog] Tcp port scan, SRC=54.220.35.30 DST=109.78.153.90.
Mar 8 16:27:59 kernel warning kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:27:59 kernel warning kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:28:01 kernel warning kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:28:32 kernel warning kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:28:32 kernel warning kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:28:32 kernel warning kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:28:32 kernel warning kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:28:32 kernel warning kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:28:32 kernel warning kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:28:39 kernel warning kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:28:48 kernel warning kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:28:48 kernel warning kernel: [fwlog] Tcp port scan, SRCMar 11 14:10:52 kernel: [fwlog] Intrusion -> SRC=88.165.119.13 DST=109.78.126.234
Mar 11 14:15:11 kernel warning kernel: [fwlog] Intrusion -> SRC=85.102.133.241 DST=109.78.126.234
Mar 11 14:16:45 kernel warning kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:16:45 kernel warning kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:16:45 kernel warning kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:16:45 kernel warning kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:16:46 kernel warning kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:16:46 kernel warning kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:16:46 kernel warning kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:16:46 kernel warning kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:16:46 kernel warning kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:16:46 kernel warning kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:16:52 kernel warning kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:16:55 kernel warning kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:17:00 kernel warning kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:17:06 kernel warning kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:17:16 kernel warning kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:17:16 kernel warning kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:17:48 kernel warning kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:17:48 kernel warning kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:17:48 kernel warning kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:17:48 kernel warning kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:17:49 kernel warning kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:17:49 kernel warning kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:17:52 kernel warning kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:17:58 kernel warning kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:18:10 kernel warning kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:18:11 kernel warning kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:18:11 kernel warning kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
答案1
上网时随时受到端口扫描是完全正常的。这是不幸的事实。不过,除非您的服务暴露在互联网上,否则这不会带来任何风险。
您所看到的只是一条信息消息。不会造成任何损害,也不会尝试进行黑客攻击。
答案2
这不是入侵,只是意味着有人从外部扫描了你的路由器,试图找到一个开放的端口。我不会太担心这个 :)
通常在路由器上,进入您网络的端口(如果找不到更好的词,可以想象为“网关”)是关闭的。这些端口可以因各种原因(例如托管您自己的网站等)手动打开。
“黑客”喜欢扫描这些开放端口,试图找到进入您电脑的路径。如果您没有手动打开这些端口,那么应该没问题。如果您不确定,您可以运行自己的端口扫描这里亲自看看你是否有什么开放的:)