For the past few months I regularly see alerts on my Synology about SSH connection being blocked. Somebody (here a nice Chinese guy from 188.8.131.52) was attempting to connect to my NAS with the root account (Fortunately PermitRootLogin is disabled).
What I am a bit worried because if I see a public address here, it means my NAS is somehow reachable from the internet. However all ports are closed on my front router, NAT is disabled, DMZ is disabled.
When I try to
nmap my router from the outside I get this :
$ nmap -Pn x.x.x.x Starting Nmap 7.60 ( https://nmap.org ) at 2020-05-17 01:07 CEST Nmap scan report for x.x.x.x Host is up (0.012s latency). Not shown: 997 filtered ports PORT STATE SERVICE 113/tcp closed ident 2000/tcp open cisco-sccp 5060/tcp open sip Nmap done: 1 IP address (1 host up) scanned in 8.23 seconds
So there is no SSH entry point.
How would it be technically possible to see a public IPv4 address attempting to connect to my LAN NAS?