Hi Guys,
Im nt really sure if this is the right place to post this query but I have been facing a incident lately where my machine is being attempted to access from the internet.
Let me first explain my setup.
I have a machine with a broadband connection on it. The ISP provides me a LOCAL IP and there are no modems or routers involved. Its just a network cable that is getting connected directly to my machines Ethernet port.
With this setup I am able to browse and access rest all services perfectly. Also i am able to SSH remote machines without any issues.
But recently when i was checking the messages of my Linux machine i saw that my machine was being tried to access from the net. the logs were as follows ..
Nov 3 19:26:40 huston sshd[8680]: Invalid user awhite from 112.x.x.2
Nov 3 19:26:37 huston sshd[8676]: Invalid user suraj from 112.x.x.2
Nov 3 19:26:36 huston sshd[8674]: Invalid user viptech from 112.x.x.2
Nov 3 14:57:39 huston sshd[7978]: Invalid user gopher from 58.x.x.142
Nov 3 14:57:38 huston sshd[7976]: Invalid user rpc from 58.x.x.142
Nov 3 14:57:32 huston sshd[7974]: Invalid user rpcuser from 58.x.x.142
Nov 3 14:57:30 huston sshd[7972]: Invalid user nfsnobody from 58.x.x.142
Its not that I want them blocked. I can manage that. I am just curious how they could reach my machine without any sorta port forwarding on my ISP's IP.
Any advice on this will be helpful.
Thanks in advance..