On Sat, 2022-08-20 at 09:58 +0200, François Patte wrote:
Le 2022-08-20 08:56, Barry a écrit :
> > On 19 Aug 2022, at 21:33, François Patte
> > <francois.patte(a)mi.parisdescartes.fr> wrote:
> >
> > Bonjour,
> >
> > This morning, logwatch reported this in the iptables section:
> >
> > Logged 99 packets on interface enp3s0
> > .........
> > From 10.91.96.218 - 6 packets to udp(54366)
> >
> > How, this IP address could be logged on my private network (which
> > is
> > 192.168.1.0)?
>
> That is where it is FROM where is it TO? Was it to a broadcast
> address
> for example?
TO port 54366
Nothing behind this port...
The problem is: how an IP from a private network (10....) could reach
my machine through the internet?
Are you sure it came via the Internet? Seems unlikely. Are you running
any virtual machines? They can use private addresses for virtual
network interfaces. What happens if you ping that address?
poc