Topic: IDS Logs (Read 268 times)
Mikestr « on: October 20, 2024, 10:53:16 pm »
Can anyone help me with this?
Date Severity Process Line
2024-10-20T14:39:51-06:00 Notice suricata [Drop] [1:2011540:7] ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) [Classification: Not Suspicious Traffic] [Priority: 3] {TCP} 54.70.173.118:6615 -> 192.168.1.5:31819
2024-10-20T14:39:46-06:00 Notice suricata [Drop] [1:2011540:7] ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) [Classification: Not Suspicious Traffic] [Priority: 3] {TCP} 3.213.46.228:6502 -> 192.168.1.5:40532
2024-10-20T14:39:41-06:00 Notice suricata [Drop] [1:2011540:7] ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) [Classification: Not Suspicious Traffic] [Priority: 3] {TCP} 54.70.173.118:6615 -> 192.168.1.5:60551
2024-10-20T14:39:38-06:00 Notice suricata [Drop] [1:2011540:7] ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) [Classification: Not Suspicious Traffic] [Priority: 3] {TCP} 54.70.173.118:6615 -> 192.168.1.5:54574
2024-10-20T14:39:32-06:00 Notice suricata [Drop] [1:2011540:7] ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) [Classification: Not Suspicious Traffic] [Priority: 3] {TCP} 52.41.117.235:6502 -> 192.168.1.5:17566
2024-10-20T14:39:26-06:00 Notice suricata [Drop] [1:2011540:7] ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) [Classification: Not Suspicious Traffic] [Priority: 3] {TCP} 54.70.173.118:6615 -> 192.168.1.5:2059
2024-10-20T14:39:22-06:00 Notice suricata [Drop] [1:2011540:7] ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) [Classification: Not Suspicious Traffic] [Priority: 3] {TCP} 52.41.117.235:6502 -> 192.168.1.5:31617
2024-10-20T14:39:17-06:00 Notice suricata [Drop] [1:2011540:7] ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) [Classification: Not Suspicious Traffic] [Priority: 3] {TCP} 54.70.173.118:6615 -> 192.168.1.5:65030
2024-10-20T14:39:10-06:00 Notice suricata [Drop] [1:2011540:7] ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) [Classification: Not Suspicious Traffic] [Priority: 3] {TCP} 52.41.117.235:6502 -> 192.168.1.5:42158
2024-10-20T14:39:06-06:00 Notice suricata [Drop] [1:2011540:7] ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) [Classification: Not Suspicious Traffic] [Priority: 3] {TCP} 54.70.173.118:6615 -> 192.168.1.5:19340
2024-10-20T14:39:01-06:00 Notice suricata [Drop] [1:2011540:7] ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) [Classification: Not Suspicious Traffic] [Priority: 3] {TCP} 52.41.117.235:6502 -> 192.168.1.5:28991
2024-10-20T14:38:56-06:00 Notice suricata [Drop] [1:2011540:7] ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) [Classification: Not Suspicious Traffic] [Priority: 3] {TCP} 54.70.173.118:6615 -> 192.168.1.5:14753
2024-10-20T14:38:48-06:00 Notice suricata [Drop] [1:2011540:7] ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) [Classification: Not Suspicious Traffic] [Priority: 3] {TCP} 52.41.117.235:6502 -> 192.168.1.5:40209
2024-10-20T14:38:43-06:00 Notice suricata [Drop] [1:2011540:7] ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) [Classification: Not Suspicious Traffic] [Priority: 3] {TCP} 54.70.173.118:6615 -> 192.168.1.5:57313
2024-10-20T14:38:37-06:00 Notice suricata [Drop] [1:2011540:7] ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) [Classification: Not Suspicious Traffic] [Priority: 3] {TCP} 52.41.117.235:6502 -> 192.168.1.5:63508
2024-10-20T14:38:32-06:00 Notice suricata [Drop] [1:2011540:7] ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) [Classification: Not Suspicious Traffic] [Priority: 3] {TCP} 54.70.173.118:6615 -> 192.168.1.5:32665
2024-10-20T14:38:28-06:00 Notice suricata [Drop] [1:2011540:7] ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) [Classification: Not Suspicious Traffic] [Priority: 3] {TCP} 54.70.173.118:6615 -> 192.168.1.5:43553
2024-10-20T14:38:19-06:00 Notice suricata [Drop] [1:2011540:7] ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) [Classification: Not Suspicious Traffic] [Priority: 3] {TCP} 52.8.83.135:6502 -> 192.168.1.5:14483
2024-10-20T14:38:14-06:00 Notice suricata [Drop] [1:2011540:7] ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) [Classification: Not Suspicious Traffic] [Priority: 3] {TCP} 54.70.173.118:6615 -> 192.168.1.5:32520
2024-10-20T14:37:57-06:00 Notice suricata [Drop] [1:2011540:7] ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) [Classification: Not Suspicious Traffic] [Priority: 3] {TCP} 52.8.83.135:6502 -> 192.168.1.5:5190
2024-10-20T14:37:53-06:00 Notice suricata [Drop] [1:2011540:7] ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) [Classification: Not Suspicious Traffic] [Priority: 3] {TCP} 54.70.173.118:6615 -> 192.168.1.5:50968
2024-10-20T14:37:45-06:00 Notice suricata [Drop] [1:2011540:7] ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) [Classification: Not Suspicious Traffic] [Priority: 3] {TCP} 52.8.83.135:6502 -> 192.168.1.5:5612
2024-10-20T14:37:40-06:00 Notice suricata [Drop] [1:2011540:7] ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) [Classification: Not Suspicious Traffic] [Priority: 3] {TCP} 54.70.173.118:6615 -> 192.168.1.5:1091
2024-10-20T14:37:35-06:00 Notice suricata [Drop] [1:2011540:7] ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) [Classification: Not Suspicious Traffic] [Priority: 3] {TCP} 52.8.83.135:6502 -> 192.168.1.5:19851
2024-10-20T14:37:29-06:00 Notice suricata [Drop] [1:2011540:7] ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) [Classification: Not Suspicious Traffic] [Priority: 3] {TCP} 54.70.173.118:6615 -> 192.168.1.5:29710
2024-10-20T14:37:22-06:00 Notice suricata [Drop] [1:2011540:7] ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) [Classification: Not Suspicious Traffic] [Priority: 3] {TCP} 52.8.83.135:6502 -> 192.168.1.5:32752
2024-10-20T14:37:17-06:00 Notice suricata [Drop] [1:2011540:7] ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) [Classification: Not Suspicious Traffic] [Priority: 3] {TCP} 54.70.173.118:6615 -> 192.168.1.5:25774
2024-10-20T14:37:16-06:00 Notice suricata [Drop] [1:2011540:7] ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) [Classification: Not Suspicious Traffic] [Priority: 3] {TCP} 54.70.173.118:6615 -> 192.168.1.5:28121
2024-10-20T14:37:08-06:00 Notice suricata [Drop] [1:2011540:7] ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) [Classification: Not Suspicious Traffic] [Priority: 3] {TCP} 44.224.252.72:6502 -> 192.168.1.5:15835
Mikestr « Reply #1 on: October 21, 2024, 03:07:36 am »
I don't know what it means and how to stop it. I did set it to drop, before it said notify I think.
Mikestr « Reply #2 on: October 21, 2024, 03:45:27 am »
When I look up the IPs they all point to Amazon.
Patrick M. Hausen « Reply #3 on: October 21, 2024, 07:56:23 am »
The internal system with IP address 192.168.1.5 is probably trying to get a certificate from the Let's Encrypt demo CA.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do.
(Isaac Asimov)
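
Added example, not part of any post in this thread: a small Python triage of alert lines in the format posted above, grouping them by signature ID, action and external endpoint so it is clear how many distinct rules and peers are behind the drops. The sample holds four lines copied from the first post plus one constructed non-alert line; the function name `triage` and the private-address heuristic for choosing the local side are assumptions of this example.

```python
import re
from collections import Counter, defaultdict
from ipaddress import ip_address

# One alert line as the OPNsense log view prints it (format taken from the post).
ALERT_RE = re.compile(
    r"^(?P<ts>\S+) (?P<sev>\S+) suricata (?:\[(?P<action>[A-Za-z]+)\] )?"
    r"\[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\] (?P<msg>.*?) "
    r"\[Classification: (?P<cls>[^\]]*)\] \[Priority: (?P<prio>\d+)\] "
    r"\{(?P<proto>[^}]+)\} (?P<src>[\d.]+):(?P<sport>\d+) -> "
    r"(?P<dst>[\d.]+):(?P<dport>\d+)$"
)

# Four lines copied from the first post, plus one constructed non-alert line.
SAMPLE = """\
2024-10-20T14:39:51-06:00 Notice suricata [Drop] [1:2011540:7] ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) [Classification: Not Suspicious Traffic] [Priority: 3] {TCP} 54.70.173.118:6615 -> 192.168.1.5:31819
2024-10-20T14:39:46-06:00 Notice suricata [Drop] [1:2011540:7] ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) [Classification: Not Suspicious Traffic] [Priority: 3] {TCP} 3.213.46.228:6502 -> 192.168.1.5:40532
2024-10-20T14:39:41-06:00 Notice suricata [Drop] [1:2011540:7] ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) [Classification: Not Suspicious Traffic] [Priority: 3] {TCP} 54.70.173.118:6615 -> 192.168.1.5:60551
2024-10-20T14:39:32-06:00 Notice suricata [Drop] [1:2011540:7] ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O) [Classification: Not Suspicious Traffic] [Priority: 3] {TCP} 52.41.117.235:6502 -> 192.168.1.5:17566
this line is not an alert
""".splitlines()

def triage(lines):
    """Count alerts per (sid, action, external endpoint, local host); collect local ports."""
    counts, local_ports, skipped = Counter(), defaultdict(set), 0
    for line in lines:
        m = ALERT_RE.match(line.strip())
        if not m:
            skipped += 1  # counted so that parse gaps do not go unnoticed
            continue
        a = m.groupdict()
        # Assumption: the private-address side is the local host, the other the peer.
        if ip_address(a["dst"]).is_private:
            remote, local = (a["src"], a["sport"]), (a["dst"], a["dport"])
        else:
            remote, local = (a["dst"], a["dport"]), (a["src"], a["sport"])
        key = (int(a["sid"]), a["action"] or "alert", f"{remote[0]}:{remote[1]}", local[0])
        counts[key] += 1
        local_ports[key].add(int(local[1]))
    return counts, local_ports, skipped

if __name__ == "__main__":
    counts, ports, skipped = triage(SAMPLE)
    for key, n in counts.most_common():
        sid, action, remote, local = key
        print(f"sid={sid} {action} {remote} -> {local} x{n} local_ports={len(ports[key])}")
    print(f"unparsed lines: {skipped}")
```

On the sample, every parsed alert carries SID 2011540 and the same local host, 192.168.1.5, with a fixed port on the external side and a different local port each time.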