I have OSMC running on a Raspberry Pi 2 in my office. It just got kicked by IT for performing portscans a.o. on the external IP 211.21.0.246. Whois query resulted in
Chunghwa Telecom Co.,Ltd.
No.21, Sec.1, Xinyi Rd., Taipei City
10048, Taiwan
Anyone else having this problem?
Have you port forwarded SSH?
Sam
No.
So you mean your Pi executes portscans against that IP or that IP is portscanning your Pi?
Surely nothing normal, either you got hacked (I hope you had changed all passwords as adviced) or some bad addon’s.
I also assume/hope bad addons and nothing from the “official” repository. Is there any control over what gets accepted there?
Performing scans AGAINST external IPs. I guess some kind of call-home attempt?
Well first is the question about SSH, did you change passwords? Did you port forward SSH to the Pi?
I don’t think it is anything from the official Repository as I haven’t seen anything like that here on my firewall.
Again, scans were outgoing, not incoming, as that is not possible due to corporate firewall. Also no forwarding was enabled.
What addons do you currently have installed and what is the history of this device? I’d be worried that there is something fundamentally ‘dirty’ about your device and it may benefit from a clean install.