Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Network In trouble... Deeply Disturbing Packets...and other oddities..


  • Please log in to reply
5 replies to this topic

#1 Sfrius

Sfrius

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:05:13 PM

Posted 20 August 2014 - 03:00 PM

Note:Sorry If I seem scatter brained, my network is doing so many weird things. Some of these problems are old and I just havent figured out...and now I have brand new interests thanks to google and microsoft....................................................I will concisely explain  this in the greatest possible detail I can.

Hey guys, I usually never have to do this but...my knowledge of computers and networking has recently risen because of school. Now I'm aware of certain things that are happening on my network and I'm having trouble figuring out what "all my problems" mean.

List of Devices on network: Two tablets, 3 work stations with windows 7, wii, wireless printer.

Problems: 

 

Anyways, first problem is my printer is wireless...it always asks me for a connection. My IDS says "packet injection to network, if this is not something your doing then you might want to block it"

(I'm gonna say this is a normal thing for wireless printers, I updated the firmware as well) It's main connection is through SNMP and a network ip is allocated to it.

 

Second problem is that I have something on one of my computers...and im not sure which one. and it's pinging all the computers on my network. When I run wireshark I see many foreign/weird protocols but usually can be explained when i do a whois.com search.

In my firewall I see this, I'm not sure if its my nic card acting up or what but my router is spamming my computers.

Capture_zps1318fb98.gif

I don't understand what ff02::1:3 is ....fe80 is my router........on computer two it shows the local ip as ffc0::c  <--hmmm

So I have no idea why my router is sending me these weird packets.

 

I am running apache on computer 1. I know this causes a lot of unnecessary commotion on the network as well.

 

The next problem is that all of my computers are spamming google at IP 74.125.196.1

It's spamming google from all of my devices....every 1-3 seconds or so...I hate google so this isn't really a problem but...LOL jk...still hate google though.

All computers are spamming googleupdate.exe night and day without rest to the IP stated above. So I have to block this in my firewall. If this is how they wrote the coding them they are idiots. The amount of packets I'm sending to them is absurd and it's non-stop. How often do they update chrome?

 

wicaobjectinventory(not sure how to spell it) rundll32.exe and two other programs in windows32 are suddenly starting to ask for connections???? Damnit microsoft stop spying on me :(

(I'm sorry I can't replicate this, it only happens when I'm sleeping. lol) Of course my IDS picks it up and blocks it temporarily until I wake up. I've been using windows 7 for 3-4 years and these connections have never been initiated before... I just updated windows but they were "security fixes", my guess is that they were holes placed into my operating system. There was no need to do whetever they did. Now I have 4 extra programs wanting to connect to the god damn internet. I call that a "security risk".

 

I have run malware-bytes, combofix, spybot, hijackthis and several other programs to determine what problems I have.

 

I believe someone was hacking my wifi but I kept changing the password often and making it extremely long(also learned some things about network+). Also, I have a google chrome cast and it's been acting up lately as well. It won't let me change the input on my tv sometimes and I think this is odd. Are there any known exploits for google chrome cast? One big problem I have is that I have to disable wireless isolation to get it to work as with any networked game, shared folder or whatever. I realize wireless nic cards are a huge security risk as well...but I have to work with what I have and I'm not running cables anytime soon.

 

As for the second computer, it got some very bad  trojan/malware and the computer was affected. I can no longer load a desktop image on it. It's my wifes computer and it has the sims 3 with 13 expansions on it and formatting or reinstalling windows is out of the question. Never use a computer as an administrator, lesson learned :( Always, make a seperate account without admin privilages so that way the machine is always "like new" if something happens you can just make a new user too ! :) again, lessons learned, microsoft sucks. 

 

So Google and Microsft are pushing lots of packets into and out of my network. Please give me plenty of program suggestions and ideas. I want to put an end to my fear that my ass is being spied on and my information is safe... google chrome is becoming more and more demanding. My IDS blocks the notifcation bell, lol. Stay off my computer google, you're a "web" browser. And microsoft...god damn you.
 

 



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,331 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:13 PM

Posted 20 August 2014 - 09:29 PM

Hello we obviously need a better look.. Please follow tis guide and repost your issue.

Please follow this Preparation Guide, do steps 6,7 and 8 and post in a new topic.
Let me know if all went well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 Sfrius

Sfrius
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:05:13 PM

Posted 20 August 2014 - 11:29 PM

No, I spent a lot of time making that post. Would rather get my ass spied on than redo it.



#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,331 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:13 PM

Posted 21 August 2014 - 09:59 AM

Just post this link back to here
http://www.bleepingcomputer.com/forums/t/545093/network-in-trouble-deeply-disturbing-packetsand-other-oddities/#entry3454034
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 Sfrius

Sfrius
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:05:13 PM

Posted 22 August 2014 - 02:16 AM

I don't let the programs run duh...would be pointless to tell you what's not running on my computer...you think I'm just gonna run all that bleep so I can show you it's frickin running?



#6 Sfrius

Sfrius
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:05:13 PM

Posted 22 August 2014 - 02:23 AM

It doesn't help that most of my problems are coming from legitimate programs that I use on my computer that are in legitimate program folders. You know exactly what's running if you read my god damn post. SVCHOST.exe GoogeUpdate.exe. And all these windows app search programs that just suddenly started "trying" to run.  






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users