Search Advanced

Search section:

This topic

Forums

Members

Help Files

Calendar
View New Content
SWI Forums
Members
Forums
Calendar
ListLogs
More

Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

So much for routers... Heh...

Started by 23Antz, Jul 15 2004 12:56 PM

Please log in to reply

3 replies to this topic

#1 23Antz

Member

Full Member
7 posts

Posted 15 July 2004 - 12:56 PM

Maybe all routers aren't created equal, but I installed the DI604 yesterday and today Norton logged this:

Trojan attempt detected from address 204.157.1.94:7777 by rule "Default Block Bla Trojan horse". Inbound UDP packet

And, curiously, ARIN says:

Search results for: 204.157.1.94:7777

AGIS ALERON-204-157 (NET-204-157-0-0-1)
204.157.0.0 - 204.157.255.255
Defender Technologies Group, LLC DEFENDER-204-157-1-0-24 (NET-204-157-1-0-1)
204.157.1.0 - 204.157.1.255

A Yahoo search:
http://www.deftechgroup.com/

More from ARIN:

OrgName: Defender Technologies Group, LLC
OrgID: DTGL
Address: 43643 Mink Meadows St
City: South Riding
StateProv: VA
PostalCode: 20152
Country: US

NetRange: 204.157.1.0 - 204.157.1.255
CIDR: 204.157.1.0/24
NetName: DEFENDER-204-157-1-0-24
NetHandle: NET-204-157-1-0-1
Parent: NET-204-157-0-0-1
NetType: Reassigned
Comment:
RegDate: 2004-03-30
Updated: 2004-03-30

OrgTechHandle: TKI5-ARIN
OrgTechName: Kiblin, Tom
OrgTechPhone: +1-703-327-7368
OrgTechEmail: admin@defenderhosting.com

___________

THe really odd thing about all this is that the Norton alert log doesn't show my actual IP as the "local address." It shows this:

192.168.0.100

OrgName: Internet Assigned Numbers Authority
OrgID: IANA
Address: 4676 Admiralty Way, Suite 330
City: Marina del Rey
StateProv: CA
PostalCode: 90292-6695
Country: US

Man, this networking stuff is just kooky.

Edited by 23Antz, 15 July 2004 - 01:10 PM.

Back to top

#2 Tuxedo Jack

Creator of TuxPE, a Cat5-o'-9-Tails, Etherkillers, and more

Expert
1,757 posts

Posted 16 July 2004 - 09:25 AM

Heh, that is your "real" IP address. You're behind a router with NAT (Network Address Translation), which assigns your machine an address in a block of IPs exclusively reserved for machines behind routers, and thus can be duplicated all over the world with no ill effects on the Internet itself.

The 192.168.x.x range is reserved for NAT, as is 10.x.x.x.

Signature file is under revision. This will be back shortly.

Back to top

#3 23Antz

Member

Full Member
7 posts

Posted 16 July 2004 - 12:02 PM

Heh, this is virtually indistinguishable from magic.

Should I get a copy of Networking for Dummies? Or just go with the assumption that the router is adding a layer to my defenses and otherwise not worry about it?

:weee:

:weee:

Back to top

#4 Paranoid

Forum Deity

Full Member
533 posts

Posted 17 July 2004 - 09:53 AM

Definitely get a copy of networking for dummies, plus one on network computer security.

Please note that the software I recommend above is entirely based on only my own experience and testing. In no way should my comments,opinions and endorsements be construed as an endorsement by the forum, nor do they reflect the advise or recommendations by the experts or helpers at spywareinfo.

Back to top

Back to Firewalls and Proxies

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of

Support SpywareInfo Forum - click the button PayPal - The safer, easier way to pay online!

Community Forum Software by IP.Board
Licensed to: SpywareInfo Forum