Hi, I’m seeing this traffic in my UnFi Threat Management section, which is being blocked.
Anyone know when they are?
Threat Management Alert 2: Attempted Information Leak. Signature ET SCAN Potential SSH Scan OUTBOUND. From: 192.168.1.53:49788, to: 13.237.44.5:22, protocol: TCP
Threat Management Alert 2: Attempted Information Leak. Signature ET SCAN Potential SSH Scan OUTBOUND. From: 192.168.1.52:43814, to: 13.237.44.5:22, protocol: TCP
Threat Management Alert 2: Attempted Information Leak. Signature ET SCAN Potential SSH Scan OUTBOUND. From: 192.168.1.53:49788, to: 13.237.44.5:22, protocol: TCP
Threat Management Alert 2: Attempted Information Leak. Signature ET SCAN Potential SSH Scan OUTBOUND. From: 192.168.1.53:49784, to: 13.237.44.5:22, protocol: TCP
Threat Management Alert 2: Attempted Information Leak. Signature ET SCAN Potential SSH Scan OUTBOUND. From: 192.168.1.53:52872, to: 104.192.141.1:22, protocol: TCP
Threat Management Alert 2: Attempted Information Leak. Signature ET SCAN Potential SSH Scan OUTBOUND. From: 192.168.1.52:43814, to: 13.237.44.5:22, protocol: TCP
Threat Management Alert 2: Attempted Information Leak. Signature ET SCAN Potential SSH Scan OUTBOUND. From: 192.168.1.52:43808, to: 13.237.44.5:22, protocol: TCP
Threat Management Alert 2: Attempted Information Leak. Signature ET SCAN Potential SSH Scan OUTBOUND. From: 192.168.1.52:41172, to: 104.192.141.1:22, protocol: TCP
Threat Management Alert 2: Attempted Information Leak. Signature ET SCAN Potential SSH Scan OUTBOUND. From: 192.168.1.51:37286, to: 52.64.108.95:22, protocol: TCP
Threat Management Alert 2: Attempted Information Leak. Signature ET SCAN Potential SSH Scan OUTBOUND. From: 192.168.1.51:37280, to: 52.64.108.95:22, protocol: TCP
Threat Management Alert 2: Attempted Information Leak. Signature ET SCAN Potential SSH Scan OUTBOUND. From: 192.168.1.51:60380, to: 104.192.141.1:22, protocol: TCP
Thanks