防火墙日志中的路由器入侵

防火墙日志中的路由器入侵

每次我的路由器连接到互联网时,我都会在路由器的防火墙日志中发现入侵警告。你能解释一下这是什么意思吗?是有人入侵了我的路由器,还是路由器断开了连接?

例如

Mar 11 14:15:11     kernel  warning     kernel: [fwlog] Intrusion -> SRC=85.102.133.241 DST=109.78.126.234

这是我的路由器防火墙完整日志

Mar 8 16:20:01  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.22 DST=109.78.153.90.
Mar 8 16:20:09  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.64 DST=109.78.153.90.
Mar 8 16:20:09  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.160 DST=109.78.153.90.
Mar 8 16:20:20  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.39 DST=109.78.153.90.
Mar 8 16:20:20  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.39 DST=109.78.153.90.
Mar 8 16:20:27  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.39 DST=109.78.153.90.
Mar 8 16:20:29  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.64 DST=109.78.153.90.
Mar 8 16:20:34  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.39 DST=109.78.153.90.
Mar 8 16:20:42  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.39 DST=109.78.153.90.
Mar 8 16:20:46  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.39 DST=109.78.153.90.
Mar 8 16:20:49  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.47 DST=109.78.153.90.
Mar 8 16:20:54  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=54.229.249.228 DST=109.78.153.90.
Mar 8 16:20:59  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=54.229.249.228 DST=109.78.153.90.
Mar 8 16:21:04  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.47 DST=109.78.153.90.
Mar 8 16:21:10  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.39 DST=109.78.153.90.
Mar 8 16:21:19  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=54.195.129.21 DST=109.78.153.90.
Mar 8 16:21:19  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=54.195.129.21 DST=109.78.153.90.
Mar 8 16:21:26  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=54.195.129.21 DST=109.78.153.90.
Mar 8 16:21:30  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.39 DST=109.78.153.90.
Mar 8 16:21:52  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.47 DST=109.78.153.90.
Mar 8 16:21:54  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=54.229.249.228 DST=109.78.153.90.
Mar 8 16:21:55  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=54.229.249.228 DST=109.78.153.90.
Mar 8 16:21:56  kernel  warning     kernel: [fwlog] Tcp port scan,SRC=54.229.249.228 DST=109.78.153.90. 
Mar 8 16:21:58  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=54.229.249.228 DST=109.78.153.90.
Mar 8 16:21:59  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.39 DST=109.78.153.90.
Mar 8 16:22:10  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=54.229.249.228 DST=109.78.153.90.
Mar 8 16:22:20  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.47 DST=109.78.153.90.
Mar 8 16:22:20  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.47 DST=109.78.153.90.
Mar 8 16:22:30  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=54.195.129.21 DST=109.78.153.90.
Mar 8 16:22:30  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=54.195.129.21 DST=109.78.153.90.
Mar 8 16:22:30  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=54.195.129.21 DST=109.78.153.90.
Mar 8 16:22:37  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=54.195.129.21 DST=109.78.153.90.
Mar 8 16:22:39  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=54.195.129.21 DST=109.78.153.90.
Mar 8 16:22:51  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=54.220.67.17 DST=109.78.153.90.
Mar 8 16:22:51  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=54.220.67.17 DST=109.78.153.90.
Mar 8 16:22:54  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=54.220.67.17 DST=109.78.153.90.
Mar 8 16:22:59  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=54.220.67.17 DST=109.78.153.90.
Mar 8 16:24:36  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.206 DST=109.78.153.90.
Mar 8 16:24:37  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.206 DST=109.78.153.90.
Mar 8 16:24:37  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.206 DST=109.78.153.90.
Mar 8 16:24:39  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.206 DST=109.78.153.90.
Mar 8 16:24:43  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.206 DST=109.78.153.90.
Mar 8 16:24:43  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.206 DST=109.78.153.90.
Mar 8 16:24:51  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.206 DST=109.78.153.90.
Mar 8 16:24:55  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.206 DST=109.78.153.90.
Mar 8 16:25:07  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.206 DST=109.78.153.90.
Mar 8 16:25:19  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.206 DST=109.78.153.90.
Mar 8 16:25:35  kernel  warning     kernel: [fwlog] Intrusion -> SRC=2.51.192.149 DST=109.78.153.90
Mar 8 16:25:39  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.206 DST=109.78.153.90.
Mar 8 16:25:44  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=144.76.139.143 DST=109.78.153.90.
Mar 8 16:25:45  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=144.76.139.143 DST=109.78.153.90.
Mar 8 16:25:46  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=144.76.139.143 DST=109.78.153.90.
Mar 8 16:25:46  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=144.76.139.143 DST=109.78.153.90.
Mar 8 16:25:47  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=144.76.139.143 DST=109.78.153.90.
Mar 8 16:25:48  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=144.76.139.143 DST=109.78.153.90.
Mar 8 16:25:48  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=144.76.139.143 DST=109.78.153.90.
Mar 8 16:25:48  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=144.76.139.143 DST=109.78.153.90.
Mar 8 16:25:52  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=144.76.139.143 DST=109.78.153.90.
Mar 8 16:25:52  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=144.76.139.143 DST=109.78.153.90.
Mar 8 16:25:53  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=144.76.139.143 DST=109.78.153.90.
Mar 8 16:26:07  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=92.123.72.206 DST=109.78.153.90.
Mar 8 16:26:56  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:26:56  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:26:56  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:26:56  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:26:56  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:26:56  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:26:56  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:26:57  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:26:57  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:26:57  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:27:03  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:27:11  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:27:11  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:27:16  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=54.220.35.30 DST=109.78.153.90.
Mar 8 16:27:24  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=54.220.35.30 DST=109.78.153.90.
Mar 8 16:27:27  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:27:37  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=54.220.35.30 DST=109.78.153.90.
Mar 8 16:27:39  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=54.220.35.30 DST=109.78.153.90.
Mar 8 16:27:45  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=54.220.35.30 DST=109.78.153.90.
Mar 8 16:27:46  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=54.220.35.30 DST=109.78.153.90.
Mar 8 16:27:59  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:27:59  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:28:01  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:28:32  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:28:32  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:28:32  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:28:32  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:28:32  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:28:32  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:28:39  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:28:48  kernel  warning     kernel: [fwlog] Tcp port scan, SRC=141.101.113.133 DST=109.78.153.90.
Mar 8 16:28:48  kernel  warning     kernel: [fwlog] Tcp port scan, SRCMar 11 14:10:52 kernel: [fwlog] Intrusion -> SRC=88.165.119.13 DST=109.78.126.234
Mar 11 14:15:11     kernel  warning     kernel: [fwlog] Intrusion -> SRC=85.102.133.241 DST=109.78.126.234
Mar 11 14:16:45     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:16:45     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:16:45     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:16:45     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:16:46     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:16:46     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:16:46     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:16:46     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:16:46     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:16:46     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:16:52     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:16:55     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:17:00     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:17:06     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:17:16     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:17:16     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:17:48     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:17:48     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:17:48     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:17:48     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:17:49     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:17:49     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:17:52     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:17:58     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:18:10     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:18:11     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.
Mar 11 14:18:11     kernel  warning     kernel: [fwlog] Tcp port scan, SRC=66.196.65.112 DST=109.78.126.234.

答案1

上网时随时受到端口扫描是完全正常的。这是不幸的事实。不过,除非您的服务暴露在互联网上,否则这不会带来任何风险。

您所看到的只是一条信息消息。不会造成任何损害,也不会尝试进行黑客攻击。

答案2

这不是入侵,只是意味着有人从外部扫描了你的路由器,试图找到一个开放的端口。我不会太担心这个 :)

通常在路由器上,进入您网络的端口(如果找不到更好的词,可以想象为“网关”)是关闭的。这些端口可以因各种原因(例如托管您自己的网站等)手动打开。

“黑客”喜欢扫描这些开放端口,试图找到进入您电脑的路径。如果您没有手动打开这些端口,那么应该没问题。如果您不确定,您可以运行自己的端口扫描这里亲自看看你是否有什么开放的:)

相关内容