Ip Filter Rules appear magicaly

Author	All Replies
easpc join:2009-02-12 Seaside, OR	Ip Filter Rules appear magicaly Hi, I have a speedstream 5200 E240 and i found out that magically appeared 50+ rules, all protected, I changed the password, reset the firewall level to med and two days later again like mushrooms, am I been hacked? what can I do to prevent this? thanks
	to forum · permalink · · 2009-02-12 12:18:54 ·
graysonf Premium,MVM join:1999-07-16 Fort Lauderdale, FL	I think you will have to post the rules or at least describe them if you want some help. Particularly, you need to state whether you recognize any of the IP addresses involved. Maybe they are legitimate and created on the fly based on what you are doing - uPNP type things?
	to forum · permalink · · 2009-02-12 12:42:02 ·
easpc join:2009-02-12 Seaside, OR	thank you for your quick reply, well yes as a mater of fact I recognize those ips involved they are valid IPs. The rules involve allowing UDP packages to various ports for instance here are a couple rules: 2028 P,E,N permit in UDP any WAN Interface any any any any WAN Interface 192.168. 2. 48 host = 8941 no 2030 P,E,N permit in UDP any WAN Interface any any any any WAN Interface 192.168. 9.113 host = 14200 no I didn't know the rules could be created on the fly, I supposed that only the administrator could add or edit rules, but you were correct, uPNP was enabled, I've just disabled it to see if that corrects the problem.
	to forum · permalink · · 2009-02-12 13:30:19 ·
graysonf Premium,MVM join:1999-07-16 Fort Lauderdale, FL	The purpose of uPNP is to open and forward ports automatically on the fly based on what client applications on your LAN need in order to work. The upside is that this happens automatically and you don't have to set the rules up by hand. For apps that need to have random, not possible to identify in advance ports opened, this can make the difference between an app working or not working. I believe this is "better" than manually opening large ranges of ports to accommodate apps. The downside is, that since you didn't set these rules up, they can become questionable once discovered, as has happened to you.
	to forum · permalink · · 2009-02-12 13:53:24 ·
easpc join:2009-02-12 Seaside, OR	Until now, I didn't know what difference Upnp would have in my network, now I know. Thank you very much.
	to forum · permalink · · 2009-02-13 12:21:19 ·
graysonf Premium,MVM join:1999-07-16 Fort Lauderdale, FL	Yer welcome.
	to forum · permalink · · 2009-02-13 12:45:45 ·


Monday, 09-Nov 15:22:32	Terms of Use \| Privacy Policy \| Hosting by www.nac.net - DSL,Hosting & Co-lo \| feedback \| contact over 10 years online! © 1999-2009 dslreports.com.republican-creole page compression OFF