HI!
Yesterday I discovered in smb log file these entries:
For me it looks like somebody or some bot was trying to get in to my network, but if logs shows that path was misstyped (eg. %SystemRoot%/system32) means that this person/bot is already connected to my router/network? Correct me if I am wrong.Code:[2008/04/09 23:03:08, 0] smbd/open.c:open_directory(1231) open_directory: unable to stat name = iPod_Control/Device. Error was No such file or directory [2008/04/09 23:03:08, 0] smbd/open.c:open_directory(1231) open_directory: unable to stat name = iPod_Control/Device. Error was No such file or directory [2008/04/09 23:03:08, 0] smbd/open.c:open_directory(1231) open_directory: unable to stat name = iPod_Control/Device. Error was No such file or directory [2008/04/09 23:03:08, 0] smbd/open.c:open_directory(1231) open_directory: unable to stat name = iPod_Control/Device. Error was No such file or directory [2008/04/10 16:24:16, 0] smbd/open.c:open_directory(1231) open_directory: unable to stat name = %SystemRoot%/system32. Error was No such file or directory [2008/04/10 16:24:16, 0] smbd/open.c:open_directory(1231) open_directory: unable to stat name = %SystemRoot%/system32. Error was No such file or directory [2008/04/10 16:24:16, 0] smbd/open.c:open_directory(1231) open_directory: unable to stat name = %SystemRoot%/system32. Error was No such file or directory [2008/04/10 16:24:16, 0] smbd/open.c:open_directory(1231) open_directory: unable to stat name = %SystemRoot%/system32. Error was No such file or directory [2008/04/10 16:24:16, 0] smbd/open.c:open_directory(1231) open_directory: unable to stat name = %SystemRoot%/system32. Error was No such file or directory [2008/04/10 16:24:16, 0] smbd/open.c:open_directory(1231) open_directory: unable to stat name = %SystemRoot%/system32. Error was No such file or directory [2008/04/10 16:24:16, 0] smbd/open.c:open_directory(1231) open_directory: unable to stat name = %SystemRoot%/system32. Error was No such file or directory [2008/04/10 16:24:16, 0] smbd/open.c:open_directory(1231) open_directory: unable to stat name = %SystemRoot%/system32. Error was No such file or directory
I made some research and I typed in not existing path, and smb log looks like this:
where:Code:[2008/04/11 11:46:54, 0] smbd/service.c:make_connection(214) laptop (xxx.xxx.x.x) couldn't find service wwwwwww [2008/04/11 11:46:54, 0] smbd/service.c:make_connection(214) laptop (xxx.xxx.x.x) couldn't find service wwwwwww [2008/04/11 11:46:54, 0] smbd/service.c:make_connection(214) laptop (xxx.xxx.x.x) couldn't find service wwwwwww [2008/04/11 11:46:54, 0] smbd/service.c:make_connection(214) laptop (xxx.xxx.x.x) couldn't find service wwwwwww
- laptop is my computer hostname
- xxx.xxx.x.x is my lan ip
Please help me understand this piece of smb log.
I need to be sure that my net is safe enough.
BTW: I'm using Oleg fw 1.9.2.7-10
Thanks!
Reply With Quote