Security problems?

Tags: #<Tag:0x00007f326377f3e8>

Secure connection via Nginx? I have installed “NGINX Home Assistant SSL proxy” on Home Assistant 0.117.2 and configured one port forwarding in my router to VM on which Home Assitant is installed. I have recently been disconnected from the internet 2 times by my provider, due to a hack attempt to an external address. I have received the abuse report below.

Reported-From: [email protected]
Category: abuse
Report-Type: login-attack
Service: ssh
Version: 0.2
User-Agent: Fail2BanFeedBackScript blocklist.de V0.2
Date: Wed, 14 Oct 2020 11:22:18 +0100
Source-Type: ip-address
Source: xx.xx.xx.xxx
Port: 22
Report ID: [email protected]

Thus, outgoing hack traffic via SSH has been committed to an external address. Now I know that incoming traffic on Home Assistant can be secured properly, but how can I protect my system against outgoing traffic? And how can this be carried out at all via my connection. I am desperate, I don’t know how to fix this. I have more 50 devices integrated in my Home Assistant. All my PCs, tablets, phones were of course scanned by advanced software and nothing came out. Are the HACS Addons safe, does anyone have similar issues?

Maybe it’s your router.

I only trust products with trusted provider for outgoing WAN internet connection. Everything else is placed in vlan that basically allows connection to device and reply back to request from device but not allow device go out and connect to anything it want.

Google, amazon, Roku product I allow WAN. Everything else no. Only allow them because they require it or I block them too.

Wireshark and set it to monitor lannthe go back and review for outgoing ssh

1 Like

Thanks for the info, I will begin with Wireshark.

Anyone having problems with the HACS addons? Do I provide free access to my internal network with a HACS addon? Could it be that a hack is carried out to an external address in this way?

Anything is possible but i’d imagine it is not likely

Wireshark would show this and likely if it was issue someone else would report it or be having similar issues

You also taking the isp word that you have issue but could this be wrong? You need to verify yourself. You may be able to create firewall rules to block port 22 or block devices connecting to the IP on your network. Pihole may also be an option that may help you.

I don’t use HACS. I don’t think you can block them from internet.