Solved

Route print table shows an unknown network...am I being hacked?!?

Posted on 2008-06-10
7
548 Views
Last Modified: 2013-12-04
I am currently doing a little experimentation with the ROUTE ADD command and used ROUTE PRINT to view if the command worked. A completely unknown IP address is listed here and is in no way whatsoever connected with me, the company or anything else as its way out of any scope I know of.
I will not list the IP for obvious reasons but it is pingable and when I put it into internet explorer I get an ADSL router home page where I logged in with default credentials!

Should I be worried about this because I have a feeling someone is using my work computer as a zombie or whatever they are called!

The only other explanation I could have had is that I am currently using a torrent tracker (to download Linux stuff...honestly!), I have looked at the peer connections and some IP's are similar but not the same.
0
Comment
Question by:PVUK
  • 4
  • 3
7 Comments
 
LVL 4

Expert Comment

by:albuitra
Comment Utility
If the subnet is something like 169.254, is normal
It is the default when a DHCP client can't get a response
0
 

Author Comment

by:PVUK
Comment Utility
No I know that IP address, as an example our internal network here is 172.16.6.xxx. This ip address is 59.99.xx.xx netmask is 255.255.255.255 and the gateway is our firewall
0
 
LVL 4

Accepted Solution

by:
albuitra earned 500 total points
Comment Utility
use netstat -n
find the IP and verify the remote port, and the local port
0
Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

 

Author Comment

by:PVUK
Comment Utility
I left work at 5pm last night so before I left I deleted the route. So the results of the netstat -n command do not show the IP address.

I will go and check the firewall logs to see if its listed anywhere.
0
 
LVL 4

Expert Comment

by:albuitra
Comment Utility
Is the torrent tracker active ?
Try with some torrents, then verify the netstat -n
0
 

Author Comment

by:PVUK
Comment Utility
The IP address has not reappeared and nothing else suspicious either. I find it strange that only 1 IP would be logged in my route table when I was downloading several different files, each with lots of peers.
0
 

Author Closing Comment

by:PVUK
Comment Utility
Thanks everyone, I forgot the netstat -n command as I dont do much network stuff here. The dodgy IP address never came back so I have been unable to go any further.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Our Group Policy work started with Small Business Server in 2000. Microsoft gave us an excellent OU and GPO model in subsequent SBS editions that utilized WMI filters, OU linking, and VBS scripts. These are some of experiences plus our spending a lo…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
This video discusses moving either the default database or any database to a new volume.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now