Hi,
We have a report from every single one of our Synology network attached storage (NAS) that there was an attempt to access it via SSH and the IP is coming from Fortigate itself and I wanna know exactly why?
From the logs, it says a user "admin" from the IP of Fortigate (192.168.0.1) device is accessing our Synology NAS via SSH.
We're using the Fortigate 100E running on FortiOS v6.0.5 build0268 (GA)
additional note:
Currently, some users are currently using Forticlient VPN when connected to Synology, their IP address will be marked as only one address which is 192.168.0.1 to the Synology log list, but their access is only SMB protocol, not SSH. Is there any possible that there is an infected device? although this VPN setup is already a year and a half (when the pandemic started) and that attempt was just a recent (last Saturday).
Thank you and regards.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.