Is something missing in my security settings?
Just put my KiwiSDR2 on line. I just noticed thousands of log messages that look like this...Repeating a few times per minute.
Wed May 1 07:02:50 3d:21:09:23.416 01.. 1 PWD kiwi SND ALLOWED: no config pwd set, allow any (178.250.185.231) Wed May 1 07:03:24 3d:21:09:57.520 01.. 1 RSID: init
I added that IP to my blacklist, but am wondering if there is something else that I need to lock down to stop it.
Thanks.
Comments
Those look normal. Remember that more messages appear in the admin log tab than the Linux syslog. Because the log tab also contains messages that are considered "debugging", hence not syslogged.
Thanks. What concerned me was that the IP address in the messages were all the same and the words "no config pwd set" that appear in the message line....like something wasn't locked down right.
On another Kiwi is see where this IP address is connecting every 30 seconds for a short amount of time. I've added the entire IP range (Russia) to the global blacklist.
"no config pwd set" in this case just means there is no user connection password set. Which is how almost all public Kiwis are configured.
I also had them in the log, they seem to have being lurking on the /?camp site.
OK. Understood now. Thanks for the quick reply.