Route print table shows an unknown network...am I being hacked?!?

Posted on 2008-06-10
Medium Priority
Last Modified: 2013-12-04
I am currently doing a little experimentation with the ROUTE ADD command and used ROUTE PRINT to view if the command worked. A completely unknown IP address is listed here and is in no way whatsoever connected with me, the company or anything else as its way out of any scope I know of.
I will not list the IP for obvious reasons but it is pingable and when I put it into internet explorer I get an ADSL router home page where I logged in with default credentials!

Should I be worried about this because I have a feeling someone is using my work computer as a zombie or whatever they are called!

The only other explanation I could have had is that I am currently using a torrent tracker (to download Linux stuff...honestly!), I have looked at the peer connections and some IP's are similar but not the same.
Question by:PVUK
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3

Expert Comment

ID: 21752306
If the subnet is something like 169.254, is normal
It is the default when a DHCP client can't get a response

Author Comment

ID: 21752360
No I know that IP address, as an example our internal network here is 172.16.6.xxx. This ip address is 59.99.xx.xx netmask is and the gateway is our firewall

Accepted Solution

albuitra earned 2000 total points
ID: 21752510
use netstat -n
find the IP and verify the remote port, and the local port
Cyber Threats to Small Businesses (Part 2)

The evolving cybersecurity landscape presents SMBs with a host of new threats to their clients, their data, and their bottom line. In part 2 of this blog series, learn three quick processes Webroot’s CISO, Gary Hayslip, recommends to help small businesses beat modern threats.


Author Comment

ID: 21757751
I left work at 5pm last night so before I left I deleted the route. So the results of the netstat -n command do not show the IP address.

I will go and check the firewall logs to see if its listed anywhere.

Expert Comment

ID: 21761693
Is the torrent tracker active ?
Try with some torrents, then verify the netstat -n

Author Comment

ID: 21767408
The IP address has not reappeared and nothing else suspicious either. I find it strange that only 1 IP would be logged in my route table when I was downloading several different files, each with lots of peers.

Author Closing Comment

ID: 31472704
Thanks everyone, I forgot the netstat -n command as I dont do much network stuff here. The dodgy IP address never came back so I have been unable to go any further.

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I'm a big fan of Windows' offline folder caching and have used it on my laptops for over a decade.  One thing I don't like about it, however, is how difficult Microsoft has made it for the cache to be moved out of the Windows folder.  Here's how to …
In this article, we’ll look at how to deploy ProxySQL.
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Suggested Courses

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question