Closed. This question is off-topic. It is not currently accepting answers.
NE is a site for to ask and provide answers about professionally managed networks in a business environment. Your question falls outside the areas our community decided are on topic. Please visit the help center for more details. If you disagree with this closure, please ask on Network Engineering Meta.
We found an IP address 22.33.44.55 listed as allowed in the Apache virtual host configuration, granting access to one of our demo websites:
<RequireAny>
Require ip 22.33.44.55
Require valid-user
</RequireAny>
This website is not particularly interesting, and there should be no reason for anyone to access it. We are 95% sure that no one has authorized this address.
The IP address that it belongs to the DoD Network Information Center – military area (see https://www.abuseipdb.com/whois/22.33.44.55).
What should we do in this case? Is it appropriate to take it as an attempt to break into the server? Who would be interested in doing this?
