Strange device information on the server - Unknown devices in the log

Turbovix 4 years ago

Hi Anton, suddenly my server (AWS) stopped responding, and it was necessary to stop the instance and initialize for the server to respond again. Analyzing the log, I found that there was information about devices that I don't use, as I only have Suntech devices. Could you tell me where this information came from and if there is a security risk?

2020-10-21 16:36:33  INFO: [243537a5: totem < 198.143.133.154] HEX: 474554202f20485454502f312e310d0a486f73743a20332e3133372e3136352e34343a353030370d0a557365722d4167656e743a204d6f7a696c6c612f352e30202857696e646f7773204e542031302e303b20574f57363429204170706c655765624b69742f3533372e333620284b48544d4c2c206c696b65204765636b6f29204368726f6d652f36362e302e333335392e313137205361666172692f3533372e3336200d0a4163636570743a202a2f2a0d0a4163636570742d456e636f64696e673a20677a69700d0a0d0a
2020-10-21 16:36:38  INFO: [243537a5] disconnected
2020-10-21 16:36:38  INFO: [2b48d65a] connected
2020-10-21 16:36:38  INFO: [2b48d65a: totem < 198.143.133.154] HEX: 160301008a01000086030375c5a63306c7e6a0321c70ee92c0e32ae8abd057c3dac80260b5fa9aa1ed8ab800001ac02fc02bc011c007c013c009c014c00a0005002f0035c012000a0100004300000011000f00000c332e3133372e3136352e3434000500050100000000000a00080006001700180019000b00020100000d000a00080401040302010203ff01000100
2020-10-21 16:36:43  INFO: [2b48d65a] disconnected
2020-10-21 16:36:44  INFO: [6a1a686a] connected
2020-10-21 16:36:44  INFO: [6a1a686a: totem < 198.143.133.154] HEX: 5353482d322e302d476f0d0a
2020-10-21 16:36:52  INFO: [6a1a686a] disconnected
2020-10-21 16:36:52  INFO: [b868eabd] connected
2020-10-21 16:36:57  INFO: [b868eabd] disconnected
2020-10-21 16:36:57  INFO: [0cce5a3e] connected
2020-10-21 16:37:05  INFO: [0cce5a3e] disconnected
2020-10-21 16:37:05  INFO: [43ace107] connected
2020-10-21 16:37:05  INFO: [43ace107: totem < 198.143.133.154] HEX: 160301009a010000960303b9442b04de07d30727855778dbfff9c16cb8ccac8b0e918c0f683c5a8c58925c00001ac02fc02bc011c007c013c009c014c00a0005002f0035c012000a01000053000500050100000000000a00080006001700180019000b00020100000d00260024060106030602050105030502040104030402030103030302020102030202010101030102ff01000100000f00010100120000
2020-10-21 16:37:10  INFO: [43ace107] disconnected
2020-10-21 16:37:10  INFO: [b0923cc5] connected
2020-10-21 16:37:10  INFO: [b0923cc5: totem < 198.143.133.154] HEX: 160301009a010000960303d65a9d29251a26ab28cbb99bb54050af6d95ac04b92b6fcf57e1fb2c14741bc800001ac02fc02bc011c007c013c009c014c00a0005002f0035c012000a01000053000500050100000000000a00080006001700180019000b00020100000d00260024060106030602050105030502040104030402030103030302020102030202010101030102ff01000100000f00010100120000
2020-10-21 16:37:15  INFO: [b0923cc5] disconnected
2020-10-21 16:37:15  INFO: [88789814] connected
2020-10-21 16:37:15  INFO: [88789814: totem < 198.143.133.154] HEX: 802e0100020015000000100500800300800100800700c00600400400800200806301005c5dd70abc8d9cd023bbfefe8c
2020-10-21 16:37:20  INFO: [88789814] disconnected

2020-10-21 17:23:38  INFO: [e371af7e: cartrack < 209.17.96.82] HEX: 160302016f0100016b03025248c51a23f73a4edfe2b4822fff09549fa7c479b068c6138ca41c3d22e11a982084b42c85af6ee359bb62686cff283d273aa982d96fc8a2d79398b4ef80e5b9900028c00ac0140039006b0035003dc007c009c023c011c013c02700330067003200050004002f003c000a010000faef00001a001800001573796e6469636174696f6e2e7477696d672e636f6dff01000100000a00080006001700180019000b00020100002300b081011967601e04429af3e23c86584f876944b01d8e01faa5873d5ddc164cb420dad342b088ec0a13c3c64c44747df58393eb16607e470715ae683f32fc2871dd8d2ae09e03ad28d9892f0f07afc1278ef157fbc6c4d4563af6ed59614a17140bd77caefe55d97aa6f6c657b53ced789dee39d867020992cba566a3483d06eda5022e9b16f62be73f79651acb6c5cbd6bad11debedf35db0bff2c909432b594573d5e25d21bd2448596312869d74a130a33740000754f0000000500050100000000
2020-10-21 17:24:07  WARN: [e371af7e] error - Connection reset by peer - IOException (...)
2020-10-21 17:24:07  INFO: [e371af7e] disconnected


2020-10-21 18:35:57  INFO: [35a97af7: stl060 < 103.145.13.171] HEX: 494e56495445207369703a303039373235393233313532383140332e3133372e3136352e34343a353036303b7472616e73706f72743d746370205349502f322e300d0a546f3a203c7369703a303039373235393233313532383140332e3133372e3136352e34343e0d0a46726f6d3a203c7369703a3130303140332e3133372e3136352e34343e3b7461673d65363131336232360d0a5669613a205349502f322e302f544350203130332e3134352e31332e3137313a33353531363b6272616e63683d7a39684734624b2d34323143413231392d3939383738323837362d312d2d34323143413231393b72706f72740d0a43616c6c2d49443a2034323143413231390d0a435365713a203120494e564954450d0a436f6e746163743a203c7369703a31303031403130332e3134352e31332e3137313a33353531363b7472616e73706f72743d5443503e0d0a436f6e74656e742d547970653a206170706c69636174696f6e2f7364700d0a4d61782d466f7277617264733a2037300d0a416c6c6f773a20494e564954452c2041434b2c2043414e43454c2c204f5054494f4e532c204259452c2052454645522c204e4f544946592c204d4553534147452c205355425343524942452c20494e464f0d0a557365722d4167656e743a20436973636f2d534950476174657761792f494f532d31322e780d0a436f6e74656e742d4c656e6774683a203236300d0a0d0a763d300d0a6f3d2d20363031353737313020363031353830393020494e20495034203130332e3134352e31332e3137310d0a733d436973636f0d0a633d494e20495034203130332e3134352e31332e3137310d0a743d3020300d0a6d3d617564696f2039313934205254502f4156502031303020362030203820332031382035203130310d0a613d616c743a312031203a203032433644453344203030303030303543203130332e3134352e31332e3137312033353531370d0a613d666d74703a31303120302d31350d0a613d7274706d61703a3130302073706565782f31363030300d0a613d7274706d61703a3130312074656c6570686f6e652d6576656e742f383030300d0a613d73656e64726563760d0a0d0a
2020-10-21 18:36:03  INFO: [35a97af7] disconnected
2020-10-21 18:36:03  INFO: [b02701b7] connected
2020-10-21 18:36:03  INFO: [b02701b7: stl060 < 103.145.13.171] HEX:

Anton Tananaev 4 years ago

It's pretty common to have random connections from port scanners if your server is public. If you don't use some protocols, I would recommend just disabling those, but I don't think there's a big security risk of keeping them open either.
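
The log triage this thread describes, as an added example that is not part of the original posts and is not Traccar code: it decodes the `HEX:` payloads and fingerprints what each remote address actually sent to a tracker port. The sample lines, session ids and addresses (documentation ranges) are constructed; only the line format is taken from the log above.

```python
import re
from collections import Counter, defaultdict

# Log line carrying a raw payload: [session: listener < remote-ip] HEX: ...
LINE_RE = re.compile(
    r"^(?P<ts>\S+ \S+)\s+INFO: \[(?P<sid>\w+): (?P<proto>\w+) < (?P<ip>[\d.]+)\] "
    r"HEX: (?P<hex>(?:[0-9a-fA-F]{2})+)$"
)
HTTP_METHODS = {b"GET", b"POST", b"HEAD", b"PUT", b"OPTIONS", b"CONNECT"}

def classify(payload: bytes) -> str:
    """Fingerprint the first bytes a client sent to a tracker port."""
    if payload.startswith(b"SSH-"):
        return "ssh-banner"
    if len(payload) >= 3 and payload[0] == 0x16 and payload[1] == 0x03:
        return "tls-client-hello"      # TLS handshake record, version 3.x
    if len(payload) >= 3 and payload[0] & 0x80 and payload[2] == 0x01:
        return "sslv2-client-hello"    # 2-byte SSLv2 header, msg type 1
    first_line = payload.split(b"\r\n", 1)[0]
    if first_line.endswith(b" SIP/2.0"):
        return "sip-request"
    if first_line.split(b" ", 1)[0] in HTTP_METHODS and b" HTTP/" in first_line:
        return "http-request"
    return "unrecognised"              # may be genuine device traffic

def summarise(log_text: str) -> dict:
    """Map each remote IP to a Counter of (listener, fingerprint) pairs."""
    seen = defaultdict(Counter)
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:  # connected/disconnected lines carry no payload and are skipped
            seen[m["ip"]][(m["proto"], classify(bytes.fromhex(m["hex"])))] += 1
    return dict(seen)

# Constructed sample rows, rendered in the log format shown in the post.
_ROWS = [
    ("16:36:33", "aaaa0001", "totem", "203.0.113.10", b"GET / HTTP/1.1\r\nHost: example\r\n\r\n"),
    ("16:36:38", "aaaa0002", "totem", "203.0.113.10", bytes.fromhex("160301008a0100008603")),
    ("16:36:44", "aaaa0003", "totem", "203.0.113.10", b"SSH-2.0-Go\r\n"),
    ("18:35:57", "aaaa0004", "stl060", "198.51.100.7", b"INVITE sip:1001@example SIP/2.0\r\n\r\n"),
    ("19:00:00", "aaaa0005", "suntech", "192.0.2.55", b"constructed-tracker-report"),
]
SAMPLE = "\n".join(
    f"2020-10-21 {t}  INFO: [{sid}: {proto} < {ip}] HEX: {raw.hex()}"
    for t, sid, proto, ip, raw in _ROWS
) + "\n2020-10-21 16:36:49  INFO: [aaaa0003] disconnected"

if __name__ == "__main__":
    for ip, kinds in summarise(SAMPLE).items():
        print(ip, dict(kinds))
```

An address that sends HTTP, TLS and SSH openers to the same listener within seconds is probing the port rather than speaking the device protocol, which matches the port-scanner explanation above.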

Turbovix 4 years ago

Okay, thanks for the feedback Anton!