What does this mean when my router says this?

FearoftheNight

Diamond Member
Feb 19, 2003
Is this me being hacked or some sort of trojan on my system??

"Duplicate Administrator
This device is managed by 60.9.0.0 currently!!"
 

mechBgon

Super Moderator
Elite Member
Oct 31, 1999
That sounds like cause for concern. I would get ZoneAlarm installed for backup, then download the latest firmware for the router, unplug the router from the modem, reset the router and update its firmware. Make sure the router is set up so it cannot be administered from the outside before you reconnect it.
 

mechBgon

Super Moderator
Elite Member
Oct 31, 1999
What brand, model and revision (if it has a revision) is your router?
 

FearoftheNight

Diamond Member
Feb 19, 2003
Belkin 4 Port Cable DSL Router. I think? Also mech...can you advise me on port forwarding if you find out so I can finally *cries* set up a good dc++/bt setup? thanks!
 

mechBgon

Super Moderator
Elite Member
Oct 31, 1999
I haven't a clue on P2P :confused: but I'll see what I can dredge up on your router. Also, how is your other security stuff: software firewall, windows patching, strong passwords on your Admin-level user accounts, and antivirus protection?
 

FearoftheNight

Diamond Member
Feb 19, 2003
Originally posted by: mechBgon
I haven't a clue on P2P :confused: but I'll see what I can dredge up on your router. Also, how is your other security stuff: software firewall, windows patching, strong passwords on your Admin-level user accounts, and antivirus protection?

Kerio Personal Firewall
WinXp Pro SP1 + all updates (no sp2)
All admin accounts have good pws
norton systemwork antivirus 2003 and fully updated

and basically forwarding ports as shown in this doc..
 

mechBgon

Super Moderator
Elite Member
Oct 31, 1999
Is this the right router: link, they call the model F5D5231-4 and I'd expect it's on a label on the rear or underside. If so, unfortunately they only have the stock firmware for it, unless you live in Australia :confused: I'm downloading the manual but it's 3.7MB and I'm on 56k, so take a :D snack break :D while I get this and see what is in there.
 

FearoftheNight

Diamond Member
Feb 19, 2003
np...and thanks again mech. I wonder why they haven't had a firmware release in over 2 years... :(.
And it's surprising to hear you're on dialup. Can I use the aus one?
 

mechBgon

Super Moderator
Elite Member
Oct 31, 1999
And it's surprising to hear you're on dialup
Dial-up is cheap, is what it boils down to. Comcast Cable is after me, though... all those advertisements and billboards featuring cheetahs! It's like a persecution! :p ;)

Well, twice now my attempt to download the Belkin manual has bombed around 45%. I'm going to recommend you go in there and use your common sense. Don't enable remote management. Do set a strong password that has at least one symbol in it.

Personally, I would close every port that is not actually needed by one of your programs or by the OS itself. Ones you would probably need open include 20, 21, 25, 53, 80, 110, 123, and 443 just off the top of my head. I'm seeing a trend in the virus descriptions at McAfee's New Threats page where the viruses etc are running services on the victim computer, and blocking unnecessary ports looks like a good pre-emptive containment measure in the event of an infection, so think about this.
 

sharkeeper

Lifer
Jan 13, 2001
"Duplicate Administrator
This device is managed by 60.9.0.0 currently!!"

It means that some computer with that IP address has logged in as root.

Disable remote access to your router if you don't need it and most importantly change the root password to something hard to remember but don't forget it!

EDIT:

More information about the IP:

Country: CHINA

ARIN says that this IP belongs to APNIC; I'm looking it up there.


inetnum: 60.0.0.0 - 60.10.255.255
netname: CNCGROUP-HE
descr: CNCGROUP Hebei Province Network
descr: China Network Communications Group Corporation
descr: No.156,Fu-Xing-Men-Nei Street,
descr: Beijing 100031
country: CN
admin-c: CH455-AP
tech-c: ZC24-AP
remarks: service provider
mnt-by: APNIC-HM
mnt-lower: MAINT-CNCGROUP-HE
status: ALLOCATED PORTABLE

source: APNIC

role: CNCGroup Hostmaster
e-mail: *****@cnc-noc.net
address: No.156,Fu-Xing-Men-Nei Street,
address: Beijing,100031,P.R.China
nic-hdl: CH455-AP
phone: +86-10-82993155
fax-no: +86-10-82993102
country: CN
admin-c: CH444-AP
tech-c: CH444-AP
changed: abuse@cnc-noc.net 20041119
mnt-by: MAINT-CNCGROUP
source: APNIC

person: zhiyong chen
nic-hdl: ZC24-AP
e-mail: ipanm@heinfo.net
address: hebei province shijiazhuang
address: fanxi road No.19
address: hebei shuju tongxin ju
phone: +86-311-6672767
fax-no: +86-311-6672895
country: CN
changed: ele@heinfo.net 20030423
mnt-by: MAINT-CHINANET-HE
source: APNIC

Cheers!
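
How a lookup like the one in this post can be read and put to use, as an added example that is not part of the original thread. ARIN and APNIC are regional Internet registries whose whois databases record which network an address block is allocated to; the script parses whois output in the format shown above, finds the allocation containing the address from the router warning, and converts the range to CIDR blocks for a firewall rule or log filter. The sample is trimmed from the record quoted in the post, and the function names are this example's own.

```python
import ipaddress

# Sample input: two objects trimmed from the APNIC record quoted in the post.
SAMPLE_WHOIS = """\
inetnum: 60.0.0.0 - 60.10.255.255
netname: CNCGROUP-HE
country: CN
admin-c: CH455-AP

role: CNCGroup Hostmaster
nic-hdl: CH455-AP
"""

def parse_objects(text):
    """Split whois text into objects (blank-line separated); keys may repeat."""
    objects, current = [], {}
    for line in text.splitlines() + [""]:
        if not line.strip():
            if current:
                objects.append(current)
            current = {}
        elif not line.startswith(("%", "#")) and ":" in line:
            key, value = line.split(":", 1)
            current.setdefault(key.strip().lower(), []).append(value.strip())
    return objects

def find_allocation(text, ip):
    """Return details of the smallest inetnum range containing ip, else None."""
    addr, objects, hits = ipaddress.ip_address(ip), parse_objects(text), []
    for obj in objects:
        for rng in obj.get("inetnum", []):
            lo, _, hi = (part.strip() for part in rng.partition("-"))
            try:
                lo, hi = ipaddress.ip_address(lo), ipaddress.ip_address(hi)
            except ValueError:
                continue  # not a "start - end" range
            if lo.version == hi.version == addr.version and lo <= addr <= hi:
                hits.append((int(hi) - int(lo), lo, hi, obj))
    if not hits:
        return None
    _, lo, hi, obj = min(hits, key=lambda h: h[0])
    # admin-c is a handle that points at a separate role/person object
    handles = {o["nic-hdl"][0]: o for o in objects if "nic-hdl" in o}
    contact = handles.get(obj.get("admin-c", [""])[0], {})
    return {
        "netname": obj.get("netname", ["?"])[0],
        "country": obj.get("country", ["?"])[0],
        "cidrs": [str(n) for n in ipaddress.summarize_address_range(lo, hi)],
        "admin": (contact.get("role") or contact.get("person") or ["?"])[0],
    }
```

Calling `find_allocation(SAMPLE_WHOIS, "60.9.0.0")` returns the netname, country, admin contact and the three CIDR blocks covering the range; saved output from a `whois` client can be passed in place of the sample.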
 

FearoftheNight

Diamond Member
Feb 19, 2003
Originally posted by: mechBgon
And it's surprising to hear you're on dialup
Dial-up is cheap, is what it boils down to. Comcast Cable is after me, though... all those advertisements and billboards featuring cheetahs! It's like a persecution! :p ;)

Well, twice now my attempt to download the Belkin manual has bombed around 45%. I'm going to recommend you go in there and use your common sense. Don't enable remote management. Do set a strong password that has at least one symbol in it.

Personally, I would close every port that is not actually needed by one of your programs or by the OS itself. Ones you would probably need open include 20, 21, 25, 53, 80, 110, 123, and 443 just off the top of my head. I'm seeing a trend in the virus descriptions at McAfee's New Threats page where the viruses etc are running services on the victim computer, and blocking unnecessary ports looks like a good pre-emptive containment measure in the event of an infection, so think about this.

not sure how to allow/disallow ports or forward them, that's the prob :(
 

FearoftheNight

Diamond Member
Feb 19, 2003
Originally posted by: sharkeeper
"Duplicate Administrator
This device is managed by 60.9.0.0 currently!!"

It means that some computer with that IP address has logged in as root.

Disable remote access to your router if you don't need it and most importantly change the root password to something hard to remember but don't forget it!

EDIT:

More information about the IP:

Country: CHINA

ARIN says that this IP belongs to APNIC; I'm looking it up there.



Cheers!


what is arin and apnic? and how did you do that? :eek:
 

Rhin0

Senior member
Nov 15, 2004
sometimes if your address gets cloned it can cause problems


That would be very interesting if a guy from China was seriously haxxoring you
 

mechBgon

Super Moderator
Elite Member
Oct 31, 1999
Originally posted by: FearoftheNight
Originally posted by: mechBgon
And it's surprising to hear you're on dialup
Dial-up is cheap, is what it boils down to. Comcast Cable is after me, though... all those advertisements and billboards featuring cheetahs! It's like a persecution! :p ;)

Well, twice now my attempt to download the Belkin manual has bombed around 45%. I'm going to recommend you go in there and use your common sense. Don't enable remote management. Do set a strong password that has at least one symbol in it.

Personally, I would close every port that is not actually needed by one of your programs or by the OS itself. Ones you would probably need open include 20, 21, 25, 53, 80, 110, 123, and 443 just off the top of my head. I'm seeing a trend in the virus descriptions at McAfee's New Threats page where the viruses etc are running services on the victim computer, and blocking unnecessary ports looks like a good pre-emptive containment measure in the event of an infection, so think about this.

not sure how to allow/disallow ports or forward them, that's the prob :(
Wish I could help better, but I can't get the manual from Belkin, must be corrupt or something. Bigger picture: how about a nice shiny Netgear RP614, which they do update the firmware for :) $30 shipped after MIR, and I'm somewhat familiar with that one.
 

FearoftheNight

Diamond Member
Feb 19, 2003
actually mech do you know anything about wireless routers? suggestion on which one to get? how are the ones that are showing up at athd for like $10 ar shipped? thanks
 

Rhin0

Senior member
Nov 15, 2004
Originally posted by: FearoftheNight
actually mech do you know anything about wireless routers? suggestion on which one to get? how are the ones that are showing up at athd for like $10 ar shipped? thanks

1.) Does it sound too good to be true?

2.) You get what you pay for.


 

flamingspinach

Senior member
Nov 4, 2004
If you don't know how to forward ports, go here. Or (for BT anyway) use Azureus which uses UPnP to automatically forward ports (if your router supports it, which most do, I believe).

-fs
 

flamingspinach

Senior member
Nov 4, 2004
No problem. :) Yep, Azureus is awesome, everyone should use it. Maybe it will encourage more people to install the JRE...

-fs
 

mechBgon

Super Moderator
Elite Member
Oct 31, 1999
Originally posted by: FearoftheNight
paid $10 ar for this one and works fine from what i see
You got hacked, you can't configure it, they don't have firmware upgrades and it "works fine?" :confused: Raise your standards a little, my friend.
 
Jan 31, 2002
Originally posted by: mechBgon
Originally posted by: FearoftheNight
paid $10 ar for this one and works fine from what i see
You got hacked, you can't configure it, they don't have firmware upgrades and it "works fine?" :confused: Raise your standards a little, my friend.

mech, you above all people should know those are symptoms of PEBKAC. :p

- M4H