Suspicious Activity Alerts
When I connect to ntopng web interface I get "probing or server down" alerts from my machine to the ntopng. Is this a setting that I didn't configure correctly? I don't see any other PCs in that error log unless they connect to the web interface. Then it's their IP instead of mine. This is the message:
Suspicious Activity Probing or server down: 192.168.99.219 > pfSense.citygeo.local [TCP 192.168.99.219:50482 > 192.168.99.99:3000 [proto: 7/HTTP][7/0 pkts][1017/0 bytes][SYN ACK FIN PUSH]]
Any advice is appreciated.
… me too , I have many of these alerts in my logs , the help file says "You can set purge idle timeout ??" , I need to know more before I do this , any help would be great , thanxxxx