I have a Raspberry Pi3 with Raspbian Stretch that is behind a home router.
/var/log/auth.log in the RPi consistently shows failed login attempts with generic usernames (root, operator, webmaster, and so on), on random ports with high numbers, 3 attemps every 10 seconds approximately, from a chinese address. I know this is unsurprising.
What I don't understand is how come PuTTY can't reach that same server when I try to contact it through my public IP ?
I am very much a newbie in this field, but with my knowledge, this is a complete paradox.
Some additional technical notes :
iptables is untouched
nmap to my public IP address gives "all 1000 ports scanned are filtered"
- a functionnal LAMP server hosts an Owncloud that works, but only from LAN, as any attemps of contacting my public IP address miserably fail.
- my attempts at connecting to my public IP are made from the same LAN as the RPi's.
- port 22 is redirected to the RPi in the router, and the router's firewall is completely off for the purpose of my present tests.
- in the router, my RPi is set to be in the DMZ. Afaik, results are the same with this setting off.
Where are my packets dropped and why ?
Where could I search for the log that would show me ?
Thanks in advance
No comments:
Post a Comment