Posted: 10/28/2006 8:43:17 AM EDT
|
Hello and thanks for looking. For all the computer types out there, I have a question. I run a wireless network at home. Nothing fancy, just a simple network so I can get online with the laptops from anywhere in the house. I am using WEP encyption for the wireless connections and I am also running Norton Internet Security 2007 and the associated firewalls. Now I know some out there prefer things other than Norton, that is not what this thread is about, so please keep from offering the "You need to get such and such because Norton sucks @$$" comments to yourself please!!  My question is when I checked the device log in the wirless base station management tools, I have several logged events that read something like this: "2006/10/26 04:36:57 ** Unauthorized HTTP Access ** <IP/TCP> 22.556.308.40:44 ->> 38.223.357.45:50 Does anyone know what this means and if it is something I need to be concerned about, how do I go about tracking it down and correcting it? Thanks again, Cavu |
|
It looks like somebody else tried to log in? Like a nieghbor or something? One of our neighbors had wireless and we actually used that before we got our network set up. We thought ours was working but we were actually on thiers. We couldn't figure out why we had such a weak signal.   Just a guess. |
|
That probably has nothing to do with your wireless setup. Those are publically routed IP hosts that are trying to access your machine. As long as you are running a decent firewall program, assuming it is set up correctly, you should be fine. Most likely they were either random scans from some rogue host, or more likely it was a hung connection from a site you had been connected to that tried to send or recieve data over the existing connection after you had closed it from your side. For the record I use a McAfeee firewall and have never had a problem with my home pc's. Here is a good site to visit where you can test your firewall if you have concerns: Link |
| Also see if you can set up a MAC address filter table. This is what I did on my Linksys A.P. This will only allow MAC addresses that are assigned to the table to access your A.P. Any other MAC address trying to make connection to your A.P. will be ignored. This along with WEP and your firewall will deter the majority from trying to use your network |
Never mind, with those IP addresses, you are trolling here. Go away troll! 
|
|
believe it or not. you will get attacks on your external ip address all day long. their is not much you can do about it. your "router" using NAT (thats why your computers internal ip address is 192.168.1.100 (example) so it is hidden from the outside world). you also have a very basic SPI (state packet inspection) firewall that will block basic attacks either way since you have norton installed it will protect you 
|
Yeah, I know that WPA is better, but unfortunately at the moment it isn't an option because I run win 98 on one of the laptops. It can't handle XP and from what I've read, if you go WPA, all machines have to be running XP. Is that correct? |
Well, apparently you were the only one to either notice the IP's or care. I think you will notice in my OP I said that the message was something like this, "*****". I am sorry I couldn't remember the exact IP addresses for you. But I assure you that the messages are legit, the IP addresses were just random numbers I pulled out of my reloading manual. Lighten up already. And one other thing, BITE ME!   ETA: If you want the actual IP addresses just let me know, I can IM them to you. I would have to switch machines. I do most of my surfing from the laptops and the logs are on my desktop as it is the only system with "manager" priveledges and I am not smart enough to figure out how to get that access with the laptops. I rarely ever fire up the desktop anymore. |
Forged packet headers maybe? ETA: LOL! Now I realize that the IP's are combinations of different ammo calibers. |
See my post above please. I can assure you I am no troll. I don't have the energy or the inclination to do it and I don't see the logic in it either. I was trying to add a little humor to a post, I was definitely not trolling. I have one laptop in my workshop on my bench and I surf Arfcom from there frequently. All of my reloading stuff is there as well as my engraving equipment. If I were any good at this Internet stuff I could probably take a pic and post it. But it would probably be quicker if you just drove over and looked!! Again, the messages are real, the addresses were an attempt at humor. I didn't know whether it was anything to be concerned about or not. Thanks for the replies fellas. |
|
Well what caught my eye is that the IP addresses are invalid, but then I realized they were calibers, so I figured you just didn't copy the exact message and then made up the numbers. I don't believe it's anything to worry about. Any machine connected to the outside world will have all sorts of people/programs trying to access it or exploit it. The fact that your router is logging the event as "unauthorized" seems to indicate that nothing bad happened. Even if someone was able to get past your router's security, they'd only have access to your internet connection. To do any real damage, they'd have to get past your computer's security as well. |
|
Thanks Landrace, I guess what had me concerned was the phrase "unauthorized access" not something like "attempted access". It just sounds as if someone was successful at doing something. To be honest, I am not even really sure that it might not be me on one of the laptops. I am trying to cross check the times on the log entries to see if it could have been me. Honestly though, everything in these logs is greek to me other than the times.
|