Solved

Ip address

Posted on 2004-09-13
12
1,074 Views
Last Modified: 2008-03-17
I recently had 2 IP address show up on my Netgear ProSafe Firewall router. One being 169.254.21.30 & 169.254.142.232. I teaced the to a company called IANA.org in Marina Del Ray Cal. I cancelled them out from further access. But I want to trace these IP address. How it is? What is the procedure?
0
Comment
Question by:pserviss
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
12 Comments
 
LVL 49

Expert Comment

by:sunray_2003
ID: 12050003
169 IP address generally means that your network card cannot see a valid network connection. It is otherwise called as Private IP address.

But they could be valid IP address used in the internet. Try giving the IP address going to www.arin.net and see if their search result give any idea

SR
0
 
LVL 7

Expert Comment

by:LimeSMJ
ID: 12050083
Just like sunray said... the 169 address space is untraceable outside your router.  The 169.x.x.x IPs are usually due to DHCP failures to which Windows assigns itself these IPs...

How did you initially find out that they are from IANA.org in MDR Cal?
0
 
LVL 5

Accepted Solution

by:
epylko earned 250 total points
ID: 12051220
169.254.x.x addresses (not 169.x.x.x) are from IP autoconfiguration. These are usually obtained when a DHCP server is unavailable. You should not be seeing these addresses from the Internet. If your router has one of these addresses, it is most likely it couldn't talk to your ISPs DHCP server.

iana.org is the Internet Assigned Numbers Authority and they are responsible for delegating/coordinating IP addresses for the global internet.

-Eric
0
When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

 
LVL 15

Expert Comment

by:Cyber-Dude
ID: 12052722
Can you view and recognize their IPs when they enter? OR do you want to generate a log where the IP is presented to you?

Cyber
0
 
LVL 23

Assisted Solution

by:Tim Holman
Tim Holman earned 250 total points
ID: 12052980
These are coming from inside your network.  If a windows DHCP client cannot find a DHCP server, it will auto-configure an IP address.  This feature is summarised here:

http://support.microsoft.com/default.aspx?scid=kb;en-us;220874

0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 12054280
where is your DHCP server? the Netgear router itself, or another windoze mashine?
Did you disable the DHCP server and client functionality in your Netgear?
0
 

Expert Comment

by:yasiru89
ID: 12054410
the 169.x.x.x ip string is internally generated due to DHCP reroutes of varying reasons. But since you seem to miraculously know the sites related to these IPs, simply do a ping search on your command prompt
format: ping "url"
and once you find a deciferable IP- use an IP geo search utility to trace.
For more info on DHCP and further assistance if need be follow the link posted by tim Holman above.
0
 

Expert Comment

by:ezanolin
ID: 12055240
Show up on your router? This is a vague statement. I suspect you are talking about your ARP table. If thats the case then that means that someone on your local network with those ips is accessing the router.

0
 
LVL 8

Expert Comment

by:RLGSC
ID: 12058250
Pserviss,

The 169.254.*.* block is reserved for automatic, non-DHCP address assignment, referred to as AIPA (Automatic IP Assignment, there is an applicable RFC, but the number escapes me at this instant -- I did cite it in my chapter on Internet security in the Computer Security Handbook, 4th Edition. The other addresses that you will often see, 192.168.*.*, 172.16-31.*.*, and 10.*.*.* are covered by RFC 1918, Address Allocation for Private Internets.

These IP address blocks should not occur naturally on ISPs. If you do encounter them coming FROM an ISP, notify them immediately.

For consistency, it is not surprising that these blocks are marked as owned by IANA, which is the organization responsible for managing the IP address space.

I hope tha the above is helpful. If I have been unclear, please let me know!

- Bob (aka RLGSC)
0
 
LVL 24

Expert Comment

by:SunBow
ID: 12079707
ditto
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/s…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question