Brute Force Attept Blocked, But Where Originating?
I get numerous notifications each day that state: "Multiple failed login attempts were made by 18.104.22.168 using the protocol. We blocked the connection to stop the attacker from gaining access to your credentials and compromise your privacy." All good, but what is "the protocol"? I am trying to figure out where this is originating - as in a failed LAN attempted login or some malicious software? Appears there should be some description of "the _________ protocol" that is missing in the notification. The IP addresses (in this example 22.214.171.124) are generally different for each notification and these are not on my LAN. Concerned that something on my LAN or computer is trying to talk to these external devices. Thanks for any insights.