Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

intruder found on TCP port


  • Please log in to reply
5 replies to this topic

#1 lulabelle

lulabelle

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:05:48 AM

Posted 07 January 2005 - 05:25 PM

Hi folks,

Perhaps you will be able to shed some light on this particular problem.
I am using a PTI (Paradigm Technolgies) Wireless ADSL router PTI 840G. I have three computers in total linked to the internet, all running Windows SP2 each with the firewall running. What I don't understand is that every so often we are unable to connect to the internet. When I go into the router's 802.11g set up and log on as admin, I see on the log that there has been an "intruder on TCP port" followed by lots of numbers. What's happening? To date I have managed to re-set the router each time (by re-entering the settings) and have got up and running again. The connection doesn't seem to go (that is, the two computers are still showing in the task bar) but is this a virtual attempted burglary???? If so, is this the router's way of locking down so no one gets in? How can I prevent this happening? Or is this what should be happening?

I am a complete novice - so any explanation needs to be very simple - treat me as a complete novice - a friend (now abroad) got the whole network up and running and I am now lost in his absence!

Thanks in anticipation....

BC AdBot (Login to Remove)

 


#2 raw

raw

    Bleeping Hacker


  • Members
  • 2,577 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas
  • Local time:05:48 AM

Posted 08 January 2005 - 12:16 PM

My guess (thats all i can offer because i can find no info about that router) is the router is indeed shutting down due to excess traffic. You may be experiencing a Denial of Service attack. It might be that the router can not handle the volume of traffic and locks up. Or it might be a "feature" to prevent any break-in attempts. Like i said i can't find any docs or manuals about this router so this is just purely a guess on my part.

rawsig.png

 rawcreations.net          @raw_creations


Current systems: WHAT OS, BackTrack-raw, PCLinuxOS, Peppermint OS 6, Kali Linux

and a custom Linux From Scratch server hosting a bunch of top secret stuff.


#3 groobeex

groobeex

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:05:48 AM

Posted 14 September 2005 - 11:40 AM

I am having the same problem here, but nobody knows what the problem is...

#4 lulabelle

lulabelle
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:05:48 AM

Posted 14 September 2005 - 02:33 PM

Hi,
I do seem to have sorted the problem out (touch wood), but I still don't know what the problem was! But just in case it helps, here is what happened.
Firstly it is worth noting that going into the router and looking at the log is probably a red herring. Of course the only time we all go into the router settings is when there is a problem. Even when everything is going just tickety-boo, there are endless entries in my log saying 'intruder alert'. So it might be worth just ignoring that!
I found two ways of reconnecting to the net when it (inexplicably) went down.
1. Go into the router as admin. Go to advanced settings. Go to WAN. In the line where it says PPOA service name, I just delete what is there and put something else instead (anything- including Mickey Mouse once). Then save and restart and see if that does the trick. You can always go back and put what was there back again, if it doesn't work.
2. sometimes I just flick the switch on the back of the router and leave it a few minutes - turn all the machines off to and then re-start them all. That has worked on occasion.
3. I emailed Paradigm (max 'at' paradigm.com.tw). After a couple of weeks I got a reply. I think they are in Taiwan and the reply I got wasn't great English. However the email had a firmware attachment (V1.95.8m) which and friend ran for me (I didn't know what to do with it and was far too nervous to mess with it!) The whole router seems to be more stable and reliable since then and I'm a happy on line bunny.
I hope this is helpful, though I am really in the dark myself and can only say that these methods have worked for me ... to date!
Good luck!
Lulabelle

#5 acklan

acklan

    Bleepin' cat's meow


  • Members
  • 8,529 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Baton Rouge, La.
  • Local time:04:48 AM

Posted 14 September 2005 - 04:03 PM

Is This your modem/router?
"2007 & 2008 Windows Shell/User Award"

#6 lulabelle

lulabelle
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:05:48 AM

Posted 14 September 2005 - 05:07 PM

Yep, that's what it says on the box!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users