Hacked? External address knocks on internal private address...
From: Randell D. (randelld@com.yahoo)Date: 07/24/02
- Next message: : "Re: security on iis 5 open port router"
- Previous message: Brian Davis: "Re: ZA3 and MSN Messenger"
- Next in thread: Whatever: "Re: Hacked? External address knocks on internal private address..."
- Reply: Whatever: "Re: Hacked? External address knocks on internal private address..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Randell D." <randelld@com.yahoo> Date: Wed, 24 Jul 2002 17:08:53 GMT
Folks,
I examine the log files daily and have more recently found the following
messages
22/07/2002 13:55:24.528Out-of-order command packet dropped24.64.63.20, 21,
WAN192.168.168.21, 1945, LAN
22/07/2002 13:57:42.624Out-of-order command packet dropped24.64.63.20, 21,
WAN192.168.168.21, 1979, LAN
22/07/2002 14:01:53.624Out-of-order command packet dropped24.64.63.20, 21,
WAN192.168.168.21, 1988, LAN
22/07/2002 14:03:16.336Out-of-order command packet dropped24.64.63.20, 21,
WAN192.168.168.21, 2005, LAN
We do not have any local services thus everything from HTTP, POP and
whatever are blocked when requested from the world though employees within
the building can mail, surf and FTP out. I have two networks - One that sits
behind the firewall which has two laptops being used by independant (sales)
staff. I have little/no control over these users machines. I also have a
router configured behind the firewall creating a network purely for
permanent employees who utilise PCs owned by the business with which I have
full control over - Each PC has an antivirus program running on it as well
as a software firewall thus, correct me if I am wrong, but someone from the
Internet would have to climb two walls (firewall and router) before getting
in at the business owned and controlled network.
My concern is the above log file tells me that a source IP of 24.64.63.20 is
attempting to access 192.168.168.21 (the latter being my router) I am
wondering if someone has managed to bypass the firewall and are now working
bypassing the router - Could I be right? If I am wrong, how do they know my
routers IP address since it is behind the firewall and hidden... There are
only three devices
on the 192.168.168 network and the fact they've come straight in at the
router's
address really has put the wind up me...
All help would be hugely appreciated as I've taken great care with my
network - before my time, someone had hijacked the servers and sent junk
email to the world - and neither I nor the business want this to happen
again...
Regards
Randell D.
- Next message: : "Re: security on iis 5 open port router"
- Previous message: Brian Davis: "Re: ZA3 and MSN Messenger"
- Next in thread: Whatever: "Re: Hacked? External address knocks on internal private address..."
- Reply: Whatever: "Re: Hacked? External address knocks on internal private address..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
