| reply to passedout
Re: IP spoofing So if your internal network is not using the 10.x.x.x range, and those 10.83.x.x IP addresses are registering
as coming from the belkin's WAN interface, the spoof message makes perfect sense -- see Wiki here.
If 10.83.x.x is coming from the LAN interface, I'd say someone's on your internal network and messing around
with something.
As for multicast, look here for a definition. Basically,
a host on your network is looking to "join a group" for a shared stream of data. Whether it's legit or not
basically needs someone versed in network operation and figuring out who joined and what they are doing.
said by passedout:Are there other precautions I can take to prevent future attacks to this newly fitted router?
- strong passwords
- do not use the default passwords
- disable unneeded services
- disable remote access if not needed
- enable logging
- if there's wireless, ensure it is using the strongest possible encryption and a strong password
- change passwords on a regular basis
- know what is plugged into your router -- it really sucks to trace out a cable and find out some jack-twat
ran their own line to another unauthorized device(s) without your knowledge and borked the whole thing.
- PHYSICAL SECURITY -- if no one else is supposed to access / manage this device, lock it in a room!
My 00000010bits
Regards |
