There is no doubt that it is scary content, but what exactly is it?? I couldn’t get an image of it, so I made persistent inquiries.
What happened specifically? IP address hijacking? Or camouflage?
Regarding your question, regarding whether your IP address was hijacked
Although it is not possible for us to make a judgment, if anything, the IP address concerned
Using the connected terminal and environment,
Connection attempts (failures) are being made to an unspecified number of email accounts.
On the terminal using the IP address “XX.X.XXX.XX”,
I have just informed you about the security check.
To put it simply, it seems that “the IP address was abused and an attempt was made to hijack an unspecified number of e-mail addresses”.
Specifically, we can consider
Networks such as PCs, routers, iPads, and game consoles were invaded and the Internet environment was used.
The IP address number was used for spoofing
Either
If it is impersonation, the network is not intruded, so there is little to worry about, but if the device is hijacked, there is a possibility that it will be intruded in the future, and there is a possibility that other information may be leaked, so it is a serious situation.
Is it possible that your IP was spoofed?
X server answer
Regarding the above, for a clear situation
Although it is difficult for our support to scrutinize
I think it is possible that you are in a situation like you said (used for disguise).
What information was leaked?
After breaking into the network or impersonating the IP, it seems that they tried to hijack the email account by brute force password for those who knew the email address, so the IP address will definitely be leaked.
Access to the X server is limited to logging in with a specific IP address, but it is meaningless if the IP address is hijacked.
It may be fortunate that it was not a large-scale attack such as hijacking the server by extracting FTP information or hijacking the PC and connecting to the server.
Where did your IP address leak from?
What are the possible reasons for the leakage of the IP address?
For example, intrusion from spam emails, or accidental intrusion by IP address brute force, etc.?
I get a fair amount of spam emails, but I try not to open them, much less open attachments or click on URLs.
X server answer
As for the route, for example, intrusion from spam mail,
It happened to be intruded by brute force IP address etc.
It is conceivable, but it is not possible to provide guidance for a clear situation.
Thank you for your understanding.
What are the measures to prevent the recurrence of IP address abuse and the spread of damage?
I ran a virus scan on my PC in a hurry, but there was no problem.
Looking at the access history of the router, there were some unknown accesses, so I disabled access.
The X server only instructed me to “Perform a security check on your computer”, which I do frequently. Is that enough?
In addition to scanning your computer for viruses, it is better to change your IP address and change your router password.
Global IP address security
Remove access allowed IP to X server
Since the IP has been leaked, it is meaningless and dangerous to allow only a specific IP address to connect to the server, so we will delete the connection permission from that IP.
Access the server via the X server’s file manager, not via FTP or the like.
I want to change my global IP
Since the global IP was exploited, there is no point in changing the IP address of the LAN or the IP address of the PC (private IP), which can be changed at the router level.
A global IP is automatically assigned by your provider. Basically, it becomes a dynamic IP address and changes irregularly. (You can also use a fixed IP address for a fee.)
It seems that it is possible to change without bothering to ask the provider.
Explain how to change IP address by device
[IP address] How to check whether it is obtained automatically or fixed!
Summary
If your IP address is misused
Networks such as PCs, routers, iPads, and game consoles were invaded and the Internet environment was used.
The IP address number was used for spoofing
It is either, and it is difficult to specify which one at the server company.
Network intrusion is the worst form of IP address abuse. Check the following:
Virus check for connected devices such as PCs and iPads
Check your router for suspicious connections. If there is, disable the connection.
