Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

New Router - New log entry


  • Please log in to reply
1 reply to this topic

#1 Zen Seeker

Zen Seeker

  • Members
  • 695 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:08:31 PM

Posted 14 December 2012 - 01:45 PM

I picked up a new wireless router last week, acting as a AP and DHCP, and after setting things up I checked the log file and noticed an entry I've never seen on any of my old routers. (Stock or DD-WRT.)

The following is just a small sample of the log where it goes on and on, continuously. (Along with normal routing entries which are removed.)
Dec 9 09:31:05 kernel: ACCEPT <4>ACCEPT IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:e8:b7:48:0c:97:e0:08:00 <1>SRC=7.65.12.1 DST=255.255.255.255 <1>LEN=359 TOS=0x00 PREC=0x00 TTL=255 ID=44524 PROTO=UDP <1>SPT=67 DPT=68 LEN=339
Dec 9 09:31:19 kernel: ACCEPT <4>ACCEPT IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:e8:b7:48:0c:97:e0:08:00 <1>SRC=7.65.12.1 DST=255.255.255.255 <1>LEN=341 TOS=0x00 PREC=0x00 TTL=255 ID=44922 PROTO=UDP <1>SPT=67 DPT=68 LEN=321
Dec 9 09:31:19 kernel: ACCEPT <4>ACCEPT IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:e8:b7:48:0c:97:e0:08:00 <1>SRC=7.65.12.1 DST=255.255.255.255 <1>LEN=341 TOS=0x00 PREC=0x00 TTL=255 ID=44923 PROTO=UDP <1>SPT=67 DPT=68 LEN=321
Dec 9 09:35:24 kernel: ACCEPT <4>ACCEPT IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:e8:b7:48:0c:97:e0:08:00 <1>SRC=7.65.12.1 DST=255.255.255.255 <1>LEN=329 TOS=0x00 PREC=0x00 TTL=255 ID=51437 PROTO=UDP <1>SPT=67 DPT=68 LEN=309
Dec 9 09:38:02 kernel: ACCEPT <4>ACCEPT IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:e8:b7:48:0c:97:e0:08:00 <1>SRC=7.65.12.1 DST=255.255.255.255 <1>LEN=335 TOS=0x00 PREC=0x00 TTL=255 ID=55429 PROTO=UDP <1>SPT=67 DPT=68 LEN=315
Dec 9 09:38:34 kernel: ACCEPT <4>ACCEPT IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:e8:b7:48:0c:97:e0:08:00 <1>SRC=7.65.12.1 DST=255.255.255.255 <1>LEN=341 TOS=0x00 PREC=0x00 TTL=255 ID=56234 PROTO=UDP <1>SPT=67 DPT=68 LEN=321
Dec 9 09:38:34 kernel: ACCEPT <4>ACCEPT IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:e8:b7:48:0c:97:e0:08:00 <1>SRC=7.65.12.1 DST=255.255.255.255 <1>LEN=341 TOS=0x00 PREC=0x00 TTL=255 ID=56248 PROTO=UDP <1>SPT=67 DPT=68 LEN=321
Dec 9 09:43:09 kernel: ACCEPT <4>ACCEPT IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:e8:b7:48:0c:97:e0:08:00 <1>SRC=7.65.12.1 DST=255.255.255.255 <1>LEN=341 TOS=0x00 PREC=0x00 TTL=255 ID=63262 PROTO=UDP <1>SPT=67 DPT=68 LEN=321
Dec 9 09:43:10 kernel: ACCEPT <4>ACCEPT IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:e8:b7:48:0c:97:e0:08:00 <1>SRC=7.65.12.1 DST=255.255.255.255 <1>LEN=341 TOS=0x00 PREC=0x00 TTL=255 ID=63284 PROTO=UDP <1>SPT=67 DPT=68 LEN=321
Dec 9 09:43:13 kernel: ACCEPT <4>ACCEPT IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:e8:b7:48:0c:97:e0:08:00 <1>SRC=7.65.12.1 DST=255.255.255.255 <1>LEN=357 TOS=0x00 PREC=0x00 TTL=255 ID=63375 PROTO=UDP <1>SPT=67 DPT=68 LEN=337
Dec 9 09:43:40 kernel: ACCEPT <4>ACCEPT IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:e8:b7:48:0c:97:e0:08:00 <1>SRC=7.65.12.1 DST=255.255.255.255 <1>LEN=341 TOS=0x00 PREC=0x00 TTL=255 ID=64026 PROTO=UDP <1>SPT=67 DPT=68 LEN=321
Dec 9 09:43:41 kernel: ACCEPT <4>ACCEPT IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:e8:b7:48:0c:97:e0:08:00 <1>SRC=7.65.12.1 DST=255.255.255.255 <1>LEN=341 TOS=0x00 PREC=0x00 TTL=255 ID=64075 PROTO=UDP <1>SPT=67 DPT=68 LEN=321
Dec 9 09:45:54 kernel: ACCEPT <4>ACCEPT IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:e8:b7:48:0c:97:e0:08:00 <1>SRC=7.65.12.1 DST=255.255.255.255 <1>LEN=355 TOS=0x00 PREC=0x00 TTL=255 ID=2085 PROTO=UDP <1>SPT=67 DPT=68 LEN=335
Dec 9 09:45:56 kernel: ACCEPT <4>ACCEPT IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:e8:b7:48:0c:97:e0:08:00 <1>SRC=7.65.12.1 DST=255.255.255.255 <1>LEN=355 TOS=0x00 PREC=0x00 TTL=255 ID=2139 PROTO=UDP <1>SPT=67 DPT=68 LEN=335
Dec 9 09:46:27 kernel: ACCEPT <4>ACCEPT IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:e8:b7:48:0c:97:e0:08:00 <1>SRC=7.65.12.1 DST=255.255.255.255 <1>LEN=355 TOS=0x00 PREC=0x00 TTL=255 ID=2935 PROTO=UDP <1>SPT=67 DPT=68 LEN=335
Dec 9 09:48:37 kernel: ACCEPT <4>ACCEPT IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:e8:b7:48:0c:97:e0:08:00 <1>SRC=7.65.12.1 DST=255.255.255.255 <1>LEN=363 TOS=0x00 PREC=0x00 TTL=255 ID=6467 PROTO=UDP <1>SPT=67 DPT=68 LEN=343
Dec 9 09:48:37 kernel: ACCEPT <4>ACCEPT IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:e8:b7:48:0c:97:e0:08:00 <1>SRC=7.65.12.1 DST=255.255.255.255 <1>LEN=363 TOS=0x00 PREC=0x00 TTL=255 ID=6469 PROTO=UDP <1>SPT=67 DPT=68 LEN=343
Dec 9 09:48:48 kernel: ACCEPT <4>ACCEPT IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:e8:b7:48:0c:97:e0:08:00 <1>SRC=7.65.12.1 DST=255.255.255.255 <1>LEN=357 TOS=0x00 PREC=0x00 TTL=255 ID=6804 PROTO=UDP <1>SPT=67 DPT=68 LEN=337
Dec 9 09:49:35 kernel: ACCEPT <4>ACCEPT IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:e8:b7:48:0c:97:e0:08:00 <1>SRC=7.65.12.1 DST=255.255.255.255 <1>LEN=341 TOS=0x00 PREC=0x00 TTL=255 ID=8064 PROTO=UDP <1>SPT=67 DPT=68 LEN=321
Dec 9 09:49:35 kernel: ACCEPT <4>ACCEPT IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:e8:b7:48:0c:97:e0:08:00 <1>SRC=7.65.12.1 DST=255.255.255.255 <1>LEN=341 TOS=0x00 PREC=0x00 TTL=255 ID=8073 PROTO=UDP <1>SPT=67 DPT=68 LEN=321
Dec 9 09:49:44 kernel: ACCEPT <4>ACCEPT IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:e8:b7:48:0c:97:e0:08:00 <1>SRC=7.65.12.1 DST=255.255.255.255 <1>LEN=355 TOS=0x00 PREC=0x00 TTL=255 ID=8348 PROTO=UDP <1>SPT=67 DPT=68 LEN=335
Dec 9 09:49:46 kernel: ACCEPT <4>ACCEPT IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:e8:b7:48:0c:97:e0:08:00 <1>SRC=7.65.12.1 DST=255.255.255.255 <1>LEN=355 TOS=0x00 PREC=0x00 TTL=255 ID=8374 PROTO=UDP <1>SPT=67 DPT=68 LEN=335
Dec 9 09:49:50 kernel: ACCEPT <4>ACCEPT IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:e8:b7:48:0c:97:e0:08:00 <1>SRC=7.65.12.1 DST=255.255.255.255 <1>LEN=341 TOS=0x00 PREC=0x00 TTL=255 ID=8515 PROTO=UDP <1>SPT=67 DPT=68 LEN=321
Dec 9 09:49:50 kernel: ACCEPT <4>ACCEPT IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:e8:b7:48:0c:97:e0:08:00 <1>SRC=7.65.12.1 DST=255.255.255.255 <1>LEN=341 TOS=0x00 PREC=0x00 TTL=255 ID=8520 PROTO=UDP <1>SPT=67 DPT=68 LEN=321
Dec 9 09:49:53 kernel: ACCEPT <4>ACCEPT IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:e8:b7:48:0c:97:e0:08:00 <1>SRC=7.65.12.1 DST=255.255.255.255 <1>LEN=331 TOS=0x00 PREC=0x00 TTL=255 ID=8590 PROTO=UDP <1>SPT=67 DPT=68 LEN=311
Dec 9 09:50:20 kernel: ACCEPT <4>ACCEPT IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:e8:b7:48:0c:97:e0:08:00 <1>SRC=7.65.12.1 DST=255.255.255.255 <1>LEN=357 TOS=0x00 PREC=0x00 TTL=255 ID=9305 PROTO=UDP <1>SPT=67 DPT=68 LEN=337
Dec 9 09:51:57 kernel: ACCEPT <4>ACCEPT IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:e8:b7:48:0c:97:e0:08:00 <1>SRC=7.65.12.1 DST=255.255.255.255 <1>LEN=357 TOS=0x00 PREC=0x00 TTL=255 ID=11975 PROTO=UDP <1>SPT=67 DPT=68 LEN=337
Dec 9 09:52:18 kernel: ACCEPT <4>ACCEPT IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:e8:b7:48:0c:97:e0:08:00 <1>SRC=7.65.12.1 DST=255.255.255.255 <1>LEN=357 TOS=0x00 PREC=0x00 TTL=255 ID=12547 PROTO=UDP <1>SPT=67 DPT=68 LEN=337
Dec 9 09:52:25 kernel: ACCEPT <4>ACCEPT IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:e8:b7:48:0c:97:e0:08:00 <1>SRC=7.65.12.1 DST=255.255.255.255 <1>LEN=355 TOS=0x00 PREC=0x00 TTL=255 ID=12707 PROTO=UDP <1>SPT=67 DPT=68 LEN=335
Dec 9 09:52:27 kernel: ACCEPT <4>ACCEPT IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:e8:b7:48:0c:97:e0:08:00 <1>SRC=7.65.12.1 DST=255.255.255.255 <1>LEN=355 TOS=0x00 PREC=0x00 TTL=255 ID=12780 PROTO=UDP <1>SPT=67 DPT=68 LEN=335
Dec 9 09:53:28 kernel: ACCEPT <4>ACCEPT IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:e8:b7:48:0c:97:e0:08:00 <1>SRC=7.65.12.1 DST=255.255.255.255 <1>LEN=355 TOS=0x00 PREC=0x00 TTL=255 ID=14611 PROTO=UDP <1>SPT=67 DPT=68 LEN=335
Dec 9 09:53:29 kernel: ACCEPT <4>ACCEPT IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:e8:b7:48:0c:97:e0:08:00 <1>SRC=7.65.12.1 DST=255.255.255.255 <1>LEN=355 TOS=0x00 PREC=0x00 TTL=255 ID=14643 PROTO=UDP <1>SPT=67 DPT=68 LEN=335
Dec 9 09:53:32 kernel: ACCEPT <4>ACCEPT IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:e8:b7:48:0c:97:e0:08:00 <1>SRC=7.65.12.1 DST=255.255.255.255 <1>LEN=341 TOS=0x00 PREC=0x00 TTL=255 ID=14742 PROTO=UDP <1>SPT=67 DPT=68 LEN=321
Dec 9 09:53:32 kernel: ACCEPT <4>ACCEPT IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:e8:b7:48:0c:97:e0:08:00 <1>SRC=7.65.12.1 DST=255.255.255.255 <1>LEN=341 TOS=0x00 PREC=0x00 TTL=255 ID=14745 PROTO=UDP <1>SPT=67 DPT=68 LEN=321
Dec 9 09:53:52 kernel: ACCEPT <4>ACCEPT IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:e8:b7:48:0c:97:e0:08:00 <1>SRC=7.65.12.1 DST=255.255.255.255 <1>LEN=359 TOS=0x00 PREC=0x00 TTL=255 ID=15424 PROTO=UDP <1>SPT=67 DPT=68 LEN=339


I've always used masquerade and tried to keep things locked down but never saw IP "7.65.12.1" before. Isn't this one of the DoD addresses?

My ISP modem/router is the only thing connected to the WAN side and it was out into "modem mode only".


Thanks,

Zen

BC AdBot (Login to Remove)

 


#2 Zen Seeker

Zen Seeker
  • Topic Starter

  • Members
  • 695 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:08:31 PM

Posted 19 December 2012 - 10:24 AM

Added the old router in front of the new one with a new subnet. This time it's dropping 7.65.12.1 as I would expect.

Still looking to resolve it with the new one directly.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users