cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Thomson TG585v8 Unknown device on network

nipi29
Newbie
Posts: 2
Registered: ‎19-03-2011

Thomson TG585v8 Unknown device on network

‎19-03-2011 5:24 PM

I've set up my TG585 v8 router and all seems to work OK but my McAfee SecurityCenter Home Network software detects an unknown device with IP address 192.168.1.253.
I have changed Encryption key and SSID and the device still appears at the same IP address as detected by McAfee. Windows Network map does not show the device. I can however PING the address and response times are similar to those of the router's address. In addition the MAC address for the 'unknown device' is almost the same as the router's - only the second digit is different.
This leads me to suspect that rather than an 'intruder' this is related to the router itself but I can find no information about this in the manuals for the router, the manufacturers website or anywhere else online.
So if anyone else has any information about this or has experienced the same thing I would be grateful to hear from them if only to reassure me that this is not a security issue for my home network.
Cheers
Message 1 of 4
(7,573 Views)
0 Thanks
3 REPLIES 3
spraxyt
Resting Legend
Posts: 10,063
Thanks: 674
Fixes: 75
Registered: ‎06-04-2007

Re: Thomson TG585v8 Unknown device on network

‎19-03-2011 7:32 PM

Interesting, I think you've probably discovered an undocumented feature of the TG585v8, that internally it is a TG587.
I think 192.168.1.253 is probably the address of the USB data port that TG587s have but (externally) TG585s don't.
Doesn't strike me as being a security risk, and unlikely that DHCP allocations would reach as far as that (top end of its pool). The results I get from ping are as follows:

C:\>ping 192.168.1.254
Pinging 192.168.1.254 with 32 bytes of data:
Reply from 192.168.1.254: bytes=32 time=1ms TTL=64
Reply from 192.168.1.254: bytes=32 time<1ms TTL=64
Reply from 192.168.1.254: bytes=32 time<1ms TTL=64
Reply from 192.168.1.254: bytes=32 time<1ms TTL=64
Ping statistics for 192.168.1.254:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 1ms, Average = 0ms
C:\>ping 192.168.1.253
Pinging 192.168.1.253 with 32 bytes of data:
Reply from 192.168.1.253: bytes=32 time=2ms TTL=64
Reply from 192.168.1.253: bytes=32 time=1ms TTL=64
Reply from 192.168.1.253: bytes=32 time<1ms TTL=64
Reply from 192.168.1.253: bytes=32 time=1ms TTL=64
Ping statistics for 192.168.1.253:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 2ms, Average = 1ms
David
Message 2 of 4
(2,468 Views)
0 Thanks
nipi29
Newbie
Posts: 2
Registered: ‎19-03-2011

Re: Thomson TG585v8 Unknown device on network

‎19-03-2011 10:44 PM

Thanks spraxyt, your comments are reassuring and your ping results look similar to mine. Hopefully will get a definitive answer somehow.
Message 3 of 4
(2,468 Views)
0 Thanks
gtcoDave
Newbie
Posts: 1
Registered: ‎08-11-2014

Re: Thomson TG585v8 Unknown device on network

‎08-11-2014 9:03 PM

Starting Nmap 6.00 ( http://nmap.org ) at 2014-11-08 20:51 GMT
NSE: Loaded 17 scripts for scanning.
Initiating ARP Ping Scan at 20:51
Scanning 192.168.1.253 [1 port]
Completed ARP Ping Scan at 20:51, 0.01s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 20:51
Completed Parallel DNS resolution of 1 host. at 20:51, 0.01s elapsed
Initiating SYN Stealth Scan at 20:51
Scanning 192.168.1.253 [1000 ports]
Discovered open port 139/tcp on 192.168.1.253
Discovered open port 515/tcp on 192.168.1.253
Completed SYN Stealth Scan at 20:51, 0.37s elapsed (1000 total ports)
Initiating Service scan at 20:51
Scanning 2 services on 192.168.1.253
Completed Service scan at 20:51, 11.19s elapsed (2 services on 1 host)
Initiating OS detection (try #1) against 192.168.1.253
NSE: Script scanning 192.168.1.253.
Nmap scan report for 192.168.1.253
Host is up (0.0042s latency).
Not shown: 998 closed ports
PORT    STATE SERVICE    VERSION
139/tcp open  netbios-ssn Samba smbd (workgroup: BWORKGROUP)
515/tcp open  printer    Xerox lpd
MAC Address: 32:91:8F:11:28:BE (Unknown)
Device type: general purpose
Running: Linux 2.6.X
OS CPE: cpe:/o:linux:kernel:2.6
OS details: Linux 2.6.9 - 2.6.30
Uptime guess: 3.308 days (since Wed Nov  5 13:27:28 2014)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=204 (Good luck!)
IP ID Sequence Generation: All zeros
Service Info: Device: printer

Nmap scan report for 192.168.1.253
Host is up (0.0098s latency).
Not shown: 974 closed ports
PORT    STATE    SERVICE
21/tcp  filtered ftp
22/tcp  filtered ssh
23/tcp  filtered telnet
25/tcp  filtered smtp
80/tcp  filtered http
110/tcp  filtered pop3
111/tcp  filtered rpcbind
113/tcp  filtered ident
139/tcp  filtered netbios-ssn
143/tcp  filtered imap
199/tcp  filtered smux
256/tcp  filtered fw1-secureremote
443/tcp  filtered https
445/tcp  filtered microsoft-ds
515/tcp  open    printer
554/tcp  filtered rtsp
587/tcp  filtered submission
993/tcp  filtered imaps
995/tcp  filtered pop3s
1025/tcp filtered NFS-or-IIS
1720/tcp filtered H.323/Q.931
1723/tcp filtered pptp
3306/tcp filtered mysql
5900/tcp filtered vnc
8080/tcp filtered http-proxy
8888/tcp filtered sun-answerbook
Nmap scan report for dsldevice.lan (192.168.1.254)
Host is up (0.0023s latency).
Not shown: 993 filtered ports
PORT    STATE SERVICE
21/tcp  open  ftp
23/tcp  open  telnet
53/tcp  open  domain
80/tcp  open  http
443/tcp  open  https
1723/tcp open  pptp
8000/tcp open  http-alt
Message 4 of 4
(2,468 Views)
0 Thanks