Review of my home broadband router logs (suspicious activity?)

Page 5 of 6  
On 12/24/2015 10:49 PM, Don Y wrote:

And some will (ONLY check for accessible DOORS).
There's a difference between some security (lock only doors), better security (lock doors and windows), and perfect security (impossible).
--
Currently: happy holidays (Friday December 25, 2015 12:00:00 AM for 1
day).
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On Wed, 23 Dec 2015 14:38:12 -0700, Don Y

That raises the whole issue of vanity plates.
The goal of the government is to catch you when you do something wrong, but some people on impulse rabbit. If you're going to flee, do you want a catchy plate that everyone can remember from reading it once?
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Uncle Monster posted for all of us...

What would that be? Hmm, Marry?
--
Tekkie

Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On Wed, 23 Dec 2015 12:57:02 -0700, Don Y

Does this mean I'm better off with the DSL modem that Verizon gave me and my own wireless router
than with the combination modem/router that they've been giving out more recently?
Do I have more security with the first setup?
I have one of the latter too, after a friend's house was hit by nearby lightning, and she thought the router was no good, and they sent her a new one before I got involved, but I think it was only the power adapter, which had an open primary. I was saving it in case my own router broke.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On 12/24/2015 09:00 PM, Micky wrote:

I have no experience with DSL (I use cable internet), but I'd much rather have SEPARATE modem and router. The router is a part of MY network, and I want to be in control of it. One reason being I'm free to replace it (or just replace the firmware). No involving the ISP in my network. If they're combined, one failing would affect both. Also, the ISP could have back doors into your network.
If you do use a combination, at least be sure to CHANGE the password.

The transformer in one of those power adapters has a fuse in the primary. This is not a replaceable part, so the power adapter becomes useless after an overload. If the equipment doesn't come on at all, it's always a good idea to consider that.
--
Currently: happy holidays (Friday December 25, 2015 12:00:00 AM for 1
day).
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
wrote:

Good reasons!

Not thinking of that, I probably threw away the adapter, except for the fact that I never throw away anything. In this case if I have it it should be in the same box, so I'll open the adapgter before I throw it away. ....In fact I would have saved it just to remove the prongs. I save spare prongs, and I've used one or two of them for something, I forget what.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On Wed, 23 Dec 2015 10:17:10 -0500, "Mayayana"

No, the control panel is on the computer.
You have to go to the router. The address is in the manual. In D-link and I think maybe all of them it's http://192.168.0.1

I had RCN too, dialup, but after years of their promising high-speed, I decided they were kidding, so I had to go to Verizon.
They said I could have email only, with no access to the net, for 3 a month, but then 4 months later, with no warning, they took away my ability to send email, and because of the way Eudora is set up, it's not totally obvious how to change the settings to send only via Verizon. (They also did 3 other bad things to me. And currently, if my credit card number changes and the automatic payment doesn't work, they told me I had told them not to send either an email or a postal mail. I never said that. So 3 times over several years they disconnected me with no warning, and one time they threw away all my email, including any I hadn't downloaded yet.
Later they raised it from 3 to 4 a month.
Now if they won't notify me both ways, I asked to be notified by email, but they said they won't do that. it's an email company but they won't notify me by email.
How has your customer service been?

That's what I said in another post. I was referring to Erols/RCN.

Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
| > That's interesting. I didn't know routers kept logs. Did | >you find that by logging in to the "control panel"? | | No, the control panel is on the computer. | | You have to go to the router. The address is in the manual. In | D-link and I think maybe all of them it's http://192.168.0.1
Yes. That's what I was referring to. I think of it as a control panel. I'm not sure whether it's called that. My web host, too, calls it a control panel when I log in.
| > | > I used to get a lot of attempts to get into my computer | >when I had dialup. That mostly stopped with cable, though | >I have caught my cable company, RCN, trying to get | | I had RCN too, dialup, but after years of their promising high-speed, | I decided they were kidding, so I had to go to Verizon. | | They said I could have email only, with no access to the net, for 3 a | month, but then 4 months later, with no warning, they took away my | ability to send email, and because of the way Eudora is set up, it's | not totally obvious how to change the settings to send only via | Verizon. (They also did 3 other bad things to me. And currently, | if my credit card number changes and the automatic payment doesn't | work, they told me I had told them not to send either an email or a | postal mail. I never said that. So 3 times over several years | they disconnected me with no warning, and one time they threw away all | my email, including any I hadn't downloaded yet. | | Later they raised it from 3 to 4 a month. | | Now if they won't notify me both ways, I asked to be notified by | email, but they said they won't do that. it's an email company but | they won't notify me by email. | | How has your customer service been? |
I've found the service to be very good. Customer service is 24/7, and seems to be American. Recently we got an upgraded modem because speeds were slow, and that seems to have fixed it. In the process they accidentally disconnected my separate RCN phone wire. But then they came the next morning and upgraded that as well, for free.
My only complaint is that they periodically raise the price for no reason. But then if we call up they agree to lower it again. ?? It seems to be the new strategy: Fleece the customer base and then be nice to anyone who complains. I suppose a lot of people are now on auto-payment and don't notice. Considering complaints I hear from customers of other companies, I feel very content with RCN. But I never had dialup with them.
I get ads about every two weeks for Verizon FIOS. They have several inches of tiny fine print, in light gray, that I can't even read with glasses on. There's no way to find out the actual cost of the service. It's like an ad out of a cartoon. I have no need for FIOS, anyway. Recently a salesman came to the door. He wanted to tell me that Verizon had some spiffy new wiring and that I should switch. I told him how Verizon keeps sending ads but won't even tell me what the product costs. He miled and said, "That's why I'm here." Then I said goodbye to him and closed the door. They must be making very big profits to justify sending out salesmen.
But that problem is not just with Verizon. A couple of years ago I went around to cellphone providers to find out what a basic plan costs. ATT/Verizon/Sprint/T-Mobile. All of them had plans starting at $40. Not one could/would tell me what the actual bill would be after the various scam fees and taxes were added on.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On 23/12/15 03:55, Paul M. Cook wrote:

...
Informational logs, not a warning or critical error.

It's how the games can only work. Your uPNP enabled router is port forwarding that incoming traffic to a specific machine on your LAN, your kid's playstation. It would take a flaw, or a hack, in your router for this traffic to go anywhere else.
Personally, I wouldn't have a problem with it.
Try playing about with anything that uses peer-to-peer services like Skype, Spotify or torrent programs and you'll see much the same logs.
Have your kid take a break from that game and you both have a read of the following Microsoft ebook on
https://www.microsoft.com/en-gb/download/details.aspx?id 22 or http://www.ownyourspace.net/
--
Adrian C

Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Paul M. Cook wrote:

You are seeing outside devices the "[LAN access from remote] from 93.38.179.187:9000" part, using port 9000 the ":9000 " part and trying to connect to your child's sony playstation. Presumably he or she is playing a game on-line and there is some sort of interactive content, maybe voice or video message chat or something.
Since your router appears to support UPNP, it is probably automatically opening connections on this port to allow network traffic like I described above (some sort of online in-game chat or something).
I don't think it is something to be too concerned about, but if you are concerned about this type of network traffic, you could either disable UPNP on your router or maybe disable port 9000 in the firewall rules (if the router supports this) of course this may disable the online gaming capability of the sony playstation, much to your childs' dismay.
Video games consoles that connect to the internet are likely sending all sorts of traffic back and forth through your router. You might try looking up what types of services typically use port 9000. I bet you find that it is a typical port used by sony playstions for on-line gaming. As everything from refrigerators to thermostats go online there will be much more unidentifiable traffic going through our routers.
Best of luck,
S Sinzig.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On Wed, 23 Dec 2015 17:22:30 -0500, ssinzig wrote:

I disabled UPNP. I'll tell the kid to watch out for stuff not working.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On 23/12/15 22:31, Paul M. Cook wrote:

I suspect he'll tell you first ...
If you are that worried about it, why not put the Playstation in your DMZ and firewall everything else reaching your LAN? Your kid would get better gameplay that way.
--
Adrian C

Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On 12/24/2015 10:06 AM, Adrian Caspersz wrote:

So, you open the doors to anything that wants access to that piece of kit? Then, wonder if any exploits will be launched from *there* into the rest of your network?
Principle of Least Privilege/authority should apply to EVERYTHING. Yeah, that makes it a bit more tedious to do things *right*. And so do the lines on the roadway interfere with "driving wherever you want"!
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On Thu, 24 Dec 2015 17:06:18 +0000, Adrian Caspersz wrote:

I've heard the word "DMZ" for years, but I really don't know what it is. So, AFAIK, I don't even *have* a DMZ.
My router is set up like most home routers, which is to say the only thing that is not default is the SSID login/password and admin login/password.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On 12/24/2015 9:36 PM, Paul M. Cook wrote:

The DMZ (play on the term "DeMilitarized Zone") is like connecting your device directly to The Internet -- no packet filtering/firewall rules applied to the traffic going to/from the device. Those mechanisms are applied to clients that are NOT in the DMZ.
This is OK for a trusted device. Or, a SACRIFICIAL device (one that you don't care about its integrity). On some routers, you can achieve a tad extra performance (throughput) as there is less scrutiny of the traffic to/from the device).
But, my philosophy is to err on the side of clamping down "too much" rather than "too little" (or, in the case of DMZ, not at all!)

Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Paul M. Cook wrote:

Lots of Googling. Practice makes perfection. Port can be open or closed. When you close a port, something may not work because some ports are used ad default for certain things. ip address is just like unique address, port is like a gate. Even if you are knocking on the right address, if gate is not open, you can't get in(or communicate) Sounds like you are just using the router with default settings. Do you use ad blocker, pop up blocker, etc. on your browser or router?You use W10?
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On 25/12/15 04:36, Paul M. Cook wrote:

Well, out of the box is not going to do what you want.
However the WNDR3400v2 does support DMZ configuration. There's loads of netgear, web site and youtube resources to help you do this.
But you must worry about other things. Are you sure letting a child play some of these (mostly violent) video games is a sensible introduction to becoming an adult?
--
Adrian C

Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On Fri, 25 Dec 2015 08:45:23 +0000, Adrian Caspersz wrote:

Every boy (practically) in the USA plays those violent games.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On 12/25/2015 2:29 PM, Paul M. Cook wrote:

Many years ago, I bought a copy of Doom to test a sound card (GUS MAX) -- on the advice of a friend.
In the late 70's, I was involved in the (arcade) video gaming industry. My idea of "video game violence" was pretty naive. I was caught completely off guard by Doom's! :-/
Some months later, I was in a department store waiting in line to checkout. Woman in front of me had a copy of Doom (or one of the sequels) that she was buying for her grandson. I just frowned and shook my head.
Later, felt like I'd been too judgemental -- who am *I* to say what's appropriate for *her* grandkid? OTOH, the fact that she'd asked my opinion meant I was, at least, *entitled* to give voice to it!
The more interesting thing re: *my* experience (with Doom et al.) was how *quickly* I became desensitized to the *gore* (and violence). I think back to what was considered offensive when I was growing up -- and what is now commonplace! <frown>
I can remember an *intervening* time when all the "splat" scenes in the Roadrunner cartoons were elided "to reduce violence in children's programming".
[IMO, Roadrunner is the most clever cartoon series out there -- second only to some of the operatic Bugs Bunny's/Daffy Duck's!]
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On Fri, 25 Dec 2015 14:42:32 -0700, Don Y wrote:

Millions of today's kids play violent games, and only *some* turn violent.
It can't be a 1:1 relationship, so if there is *any* relationship, it must be 10,000:1 (or some other huge number with lots of zeros).

Millions of us 50's kids played cowboys and Indians, but, none of us actually hurt an Indian (as far as I can recall) when we became adults.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

Site Timeline

Related Threads

    HomeOwnersHub.com is a website for homeowners and building and maintenance pros. It is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.