cancel
Showing results for 
Search instead for 
Did you mean: 

windows windows..

30FTTC06
Pro
Posts: 2,286
Thanks: 108
Fixes: 4
Registered: ‎18-02-2013

windows windows..

13 REPLIES 13
HairyMcbiker
All Star
Posts: 6,792
Thanks: 266
Fixes: 21
Registered: ‎16-02-2009

Re: windows windows..

Cheesy Crazy
30FTTC06
Pro
Posts: 2,286
Thanks: 108
Fixes: 4
Registered: ‎18-02-2013

Re: windows windows..

I's like trying to catch an eel with a bar of soap.
VileReynard
Hero
Posts: 12,616
Thanks: 582
Fixes: 20
Registered: ‎01-09-2007

Re: windows windows..

That's interesting.
However my router says:
Quote
jeremy@HECTOR:~$ sudo nmap -sS 192.168.1.1
Starting Nmap 5.21 ( http://nmap.org ) at 2013-07-24 22:12 BST
Nmap scan report for ROUTER (192.168.1.1)
Host is up (0.0036s latency).
Not shown: 996 closed ports
PORT    STATE SERVICE
23/tcp  open  telnet
53/tcp  open  domain
80/tcp  open  http
5000/tcp open  upnp
MAC Address: A0:21:B7:87:56:18 (Unknown)
Nmap done: 1 IP address (1 host up) scanned in 0.38 seconds

So although I have extra ports open locally (SAMBA, nfs etc) I feel relatively safe.

"In The Beginning Was The Word, And The Word Was Aardvark."

30FTTC06
Pro
Posts: 2,286
Thanks: 108
Fixes: 4
Registered: ‎18-02-2013

Re: windows windows..

I'm sure you do feel safe, Now then, i smell an hamanchi install.
anybody like to enlighten me on which hammer i need to select ?
VileReynard
Hero
Posts: 12,616
Thanks: 582
Fixes: 20
Registered: ‎01-09-2007

Re: windows windows..

I'd never heard of such a beast as a "hamanchi" program.
It claims to act as a kind of limited VPN, but says that its very hard to share files over the internet (securely).
I think it may be Windows based.
It is easy to share files if you can use ssh, especially with nfs.

"In The Beginning Was The Word, And The Word Was Aardvark."

30FTTC06
Pro
Posts: 2,286
Thanks: 108
Fixes: 4
Registered: ‎18-02-2013

Re: windows windows..

Info Jul 25 11:34:19 LOGIN User admin logged in on [HTTP] (from 192.168.1.40)

Warning Jul 25 11:29:58 IDS scan parser : tcp port scan: 173.194.113.72 scanned at least 10 ports at XXX (1 of 1) : 173.194.113.72 XXX 0040 TCP 443->59762 [...R..] seq 2547249433 win 0

Error Jul 25 11:28:30 FIREWALL replay check (1 of 2): Protocol: ICMP Src ip: 86.143.228.43 Dst ip: XXX Type: Destination Unreachable Code: Host Unreacheable

Error Jul 25 11:27:13 FIREWALL replay check (1 of 2): Protocol: ICMP Src ip: 86.163.1.225 Dst ip: XXX Type: Destination Unreachable Code: Host Unreacheable

Error Jul 25 11:23:28 FIREWALL replay check (1 of 2): Protocol: ICMP Src ip: 176.250.206.162 Dst ip: XXX Type: Destination Unreachable Code: Host Unreacheable

Warning Jul 25 11:22:27 SNTP Unable to contact server: 212.159.6.10 FIREWALL HIGH!

Info Jul 25 11:21:51 LOGIN User admin logged in on [HTTP] (from 192.168.0.20)

Error Jul 25 11:16:58 FIREWALL replay check (1 of 2): Protocol: ICMP Src ip: 86.163.1.225 Dst ip: XXX Type: Destination Unreachable Code: Host Unreacheable

Error Jul 25 11:13:28 FIREWALL replay check (1 of 2): Protocol: ICMP Src ip: 176.250.206.162 Dst ip: XXX Type: Destination Unreachable Code: Host Unreacheable

Info Jul 25 11:06:47 LOGIN User admin logged in on [HTTP] (from 192.168.1.40)

Error Jul 25 11:06:43 FIREWALL replay check (1 of 2): Protocol: ICMP Src ip: 86.163.1.225 Dst ip: XXX Type: Destination Unreachable Code: Host Unreacheable

Error Jul 25 11:03:23 FIREWALL replay check (1 of 2): Protocol: ICMP Src ip: 176.250.206.162 Dst ip: XXX Type: Destination Unreachable Code: Host Unreacheable

Error Jul 25 10:56:28 FIREWALL replay check (1 of 2): Protocol: ICMP Src ip: 86.163.1.225 Dst ip: XXX Type: Destination Unreachable Code: Host Unreacheable

Error Jul 25 10:53:48 FIREWALL replay check (1 of 2): Protocol: ICMP Src ip: 176.250.206.162 Dst ip: XXX Type: Destination Unreachable Code: Host Unreacheable

Info Jul 25 10:53:14 CONFIGURATION mbus igd sync successfull

Info Jul 25 10:53:11 CONFIGURATION mbus atomic sync successful

Info Jul 25 10:52:05 FIREWALL event (1 of 2): modified rules

Info Jul 25 10:50:06 CONFIGURATION mbus igd sync successfull

Info Jul 25 10:50:03 CONFIGURATION mbus atomic sync successful

Info Jul 25 10:48:57 FIREWALL event (1 of 2): modified rules

Info Jul 25 10:47:26 CONFIGURATION mbus igd sync successfull

Info Jul 25 10:47:23 CONFIGURATION mbus atomic sync successful

Info Jul 25 10:46:17 FIREWALL event (1 of 1): modified rules

Error Jul 25 10:46:13 FIREWALL replay check (1 of 2): Protocol: ICMP Src ip: 86.163.1.225 Dst ip: XXX Type: Destination Unreachable Code: Host Unreacheable

Info Jul 25 10:45:39 CONFIGURATION mbus igd sync successfull

Info Jul 25 10:45:36 CONFIGURATION mbus atomic sync successful

Info Jul 25 10:44:30 FIREWALL event (1 of 1): created rules

Error Jul 25 10:43:33 FIREWALL replay check (1 of 2): Protocol: ICMP Src ip: 176.250.206.162 Dst ip: XXX Type: Destination Unreachable Code: Host Unreacheable
ejs
Aspiring Hero
Posts: 5,442
Thanks: 631
Fixes: 25
Registered: ‎10-06-2010

Re: windows windows..

What's your point with these posts?
What was labelled as a port scan from the google IP is obviously a large number of connection reset packets coming from a HTTPS server.
If port 80 is open, just open a web browser, go to the IP, and see what you get.
VileReynard
Hero
Posts: 12,616
Thanks: 582
Fixes: 20
Registered: ‎01-09-2007

Re: windows windows..

Or try port 443 for https.

"In The Beginning Was The Word, And The Word Was Aardvark."

30FTTC06
Pro
Posts: 2,286
Thanks: 108
Fixes: 4
Registered: ‎18-02-2013

Re: windows windows..

ejs how do i block log me in,
why do these errors only happen from 1 computer on my network, which is the best way to see what is causing the errors from a lan perspective, ie what program would i need. how do i see what out going ports/protocols are being used from 1 specific computer on my lan from the router? why only one group of ip's all the time ? Yes i do get quite a few scans from google thats not my issue.
30FTTC06
Pro
Posts: 2,286
Thanks: 108
Fixes: 4
Registered: ‎18-02-2013

Re: windows windows..

Quote from: vilefoxdemonofdoom
Or try port 443 for https.

I closed it for testing, and it still is.
VileReynard
Hero
Posts: 12,616
Thanks: 582
Fixes: 20
Registered: ‎01-09-2007

Re: windows windows..

See https://www.grc.com/port_443.htm
You should block incoming traffic on 443, but allow outgoing traffic on 443 - unless you are running a web server!
If you totally block it, then you can only make unencrypted web connections.
Which is probably silly.

"In The Beginning Was The Word, And The Word Was Aardvark."

30FTTC06
Pro
Posts: 2,286
Thanks: 108
Fixes: 4
Registered: ‎18-02-2013

Re: windows windows..

Oh gawd no  Grin just  for for 1 lan ip
ejs
Aspiring Hero
Posts: 5,442
Thanks: 631
Fixes: 25
Registered: ‎10-06-2010

Re: windows windows..

If you want to see the data from the computer you would either need to capture all the wifi traffic, or for a wired connection set up ethernet port mirroring and use wireshark.
There's probably some telnet command for technicolor routers to show all current TCP/IP connections but I don't know what it is.
With the plusnet firewall set to high, you won't be receiving incoming connections to port 80, 443, nor any other ports anyway.