English Forums > Intrusion Detection and Prevention
System log entry involves a reported abuse IP, how to investigate?
(1/1)
LouieLouie:
Aug 31 09:28:37 /update_tables.py: error fetching alias url 81.22.45.80
Disclaimer: To call myself an amateur with security is an insult to the amateurs.
I'm curious about this log entry. I googled update_tables.py, the responses were effectively in sanskrit to me. I know that it's probably a python script, that's it.
Why would opnsense try to fetch an alias for that ip address? Is this an attack? Should I do something?
Thank you for your time and consideration.
dp:
Are you using spamhaus? This IP is on their list as a bad actor and there may have been a hiccup somewhere in the process of updating the table of IPs from their database. To use spamhaus it is setup as an alias.
And it is entirely possible I have no clue of what I am talking about and this is complete gibberish.
Navigation
[0] Message Index
Go to full version