Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Please help, strange ip's in router log


  • Please log in to reply
2 replies to this topic

#1 Chris Bunday

Chris Bunday

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Austin, Tx
  • Local time:06:13 PM

Posted 18 July 2012 - 07:04 PM

I have quite a few ip's in my security log for my router. Now most of them are my public ip within a range of 7, so i figure thats household
computers....but there are quite a few that arent any computer in this house i believe. How i can find out who these belong to? Thanks.

BC AdBot (Login to Remove)

 


#2 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:08:13 AM

Posted 19 July 2012 - 01:00 AM

Hi -
I usually copy the IP into Google and quite often I get a response.
However many times these are just "crawler bots" that cruise around looking for open ports on unsecured systems.

Run your Antivirus in Full scan and also programs like SuperantiSpyware Free -

Regards -

#3 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,719 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:12:13 AM

Posted 19 July 2012 - 07:35 AM

How i can find out who these belong to? Thanks.


You mean figuring out the owner of these computers? Your ISP has that data, but I'm sure it will not share that data with you.

You could always try a reverse DNS query to the DNS server of your ISP for the IP addresses you see.
That could give you machine names, but it also depends if your ISP gives public addresses to routers/modems or individual PCs.

But why do you want to identify the owners? Are they abusing your computer systems?

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users