Tell me more x
, there is a new speed test available. Give it a try, leave feedback!
dslreports logo
 
    All Forums Hot Topics Gallery
spc

spacer

Search Topic:
uniqs
2136
share rss forum feed


hagbard72

join:2000-10-02
Kingsville

Re: Modem security

I'm considering swapping the router out for my old wrt56g with tomato on it.


StuartMW
Who Is John Galt?
Premium
join:2000-08-06
Galt's Gulch
kudos:3

1 edit

1 recommendation

reply to hagbard72
Is this a cable modem or DSL? I'm wondering if the modem is seeing something on the ISP's side.

If it's cable (shared) you might be seeing another customers (who's using a switch rather than a router) devices when they turn them on.
--
Don't feed trolls--it only makes them grow!

StuartMW
reply to hagbard72
said by hagbard72:

00:25:71:01:D1:7F

Ok this is a Zhejiang Tianle Digital Electric Co.,Ltd - China (Zhejiang) MAC. They make TV's, Blu-Ray players etc.

»www.hktdc.com/manufactur ··· X05V1V2/

said by hagbard72:

00:90:A2:8E:36:AA

This belongs to CyberTAN Technology.

»www.cybertan.com.tw/
--
Don't feed trolls--it only makes them grow!


NetFixer
Snarl For The Camera Please
Premium
join:2004-06-24
The Boro
Reviews:
·Vonage
·Comcast Business..
·Cingular Wireless

2 edits
reply to hagbard72
said by hagbard72:

No, it doesn't. But the UNKNOWN devices have these addresses according to the router:

00:25:71:01:D1:7F

00:90:A2:8E:36:AA

But they could just be some computer or phone that I'm not aware of.

The first belongs to Zhejiang Tianle Digital Electric Co.,Ltd and they appear to be primarily a TV manufacturer.

The second belongs to CYBERTAN TECHNOLOGY, INC. and they appear to be a somewhat generic manufacturer of phones, game devices and multimedia devices.

I think that you mentioned having an attached TV and an attached Blu-Ray player?

Out of curiosity, does your PC have a public IP address or a private IP address? If the PC runs Windows, open a command prompt and enter the command ipconfig /all. If you use a *nix OS (including OS X), open a terminal window and issue the command ifconfig. The command arp -a should also provide a list of recent active and connected devices with both their IP addresses and MAC addresses. The command netstat -r will also tell us something about your network architecture that might help with a diagnosis.
--
A well-regulated militia, being necessary to the security of a free State, the right of the people to keep and bear arms shall not be infringed. -- US Constitution

When governments fear people, there is liberty. When the people fear the government, there is tyranny. -- Thomas Jefferson


hagbard72

join:2000-10-02
Kingsville
Ran ipconfig /all, what am I looking for? BTW, I just switched out routers to my old wrt56g. When I called my ISP they said there was "nothing to worry about" regarding the additional devices showing up but did say I was having dropped packets. I pinged the ISP and it was up around 300ms. That's what prompted me to switch out routers. Didn't make any difference. The only thing that improved the ping rate was connecting directly to the computer.


NetFixer
Snarl For The Camera Please
Premium
join:2004-06-24
The Boro
Reviews:
·Vonage
·Comcast Business..
·Cingular Wireless
said by hagbard72:

Ran ipconfig /all, what am I looking for? BTW, I just switched out routers to my old wrt56g. When I called my ISP they said there was "nothing to worry about" regarding the additional devices showing up but did say I was having dropped packets. I pinged the ISP and it was up around 300ms. That's what prompted me to switch out routers. Didn't make any difference. The only thing that improved the ping rate was connecting directly to the computer.

You might get your questions answered more quickly if you just supplied the requested information instead of trying to filter information when you don't know what you are looking at.

Just to show that posting the information I requested is "safe", I will show you below the information I requested taken from my Windows server. I chose my Windows server because it has both public and private information, so that if you want to try to interpret the difference and filter your results, you can do so. However, if you filter too much, you might as well not bother since the information won't be very useful. I have edited the results to mask the last three segments of the MAC address using "-**-**-**" for directly attached devices (that is really the only thing that someone using your ISP could use to cause you problems, and even that is very unlikely).





To make your posted information display properly, you may need to put the information between "code" brackets as shown below:
[code]
Put whatever you need to post
between the two "code" brackets
[/code]

If you post the requested information, I can look at it and tell you if there is anything that would help to explain the symptoms you are seeing. However, it would help if the symptoms were present before you bother to post it. OTOH, it would not hurt to save the information if you do it while the symptoms are not present, and then compare the results to when the symptoms are present.

--
We can never have enough of nature.
We need to witness our own limits transgressed, and some life pasturing freely where we never wander.


hagbard72

join:2000-10-02
Kingsville

4 edits
No offence, but you didn't actually ask me to post the results. I thought you thought I'd know what I was seeing and go from there. I'll run it again and post it.


NetFixer
Snarl For The Camera Please
Premium
join:2004-06-24
The Boro
Reviews:
·Vonage
·Comcast Business..
·Cingular Wireless

1 edit
reply to hagbard72
May I assume that the previously posted (but now deleted) "ipconfig /all" information is using the second router, and also that you are not at this time seeing the mysterious devices?

If so, if/when you see the symptoms again, do the "ipconfig /all" again and also the "arp -a" command (if the problem returns, that arp information can be helpful, and it would be helpful to also have that information saved from when you were not seeing the mystery devices).

One thing that is already helpful is knowing that your PC is connected using WiFi instead of via a direct ethernet cable connection (that could explain why your connection was better when connecting the PC directly to the modem):
" I pinged the ISP and it was up around 300ms. That's what prompted me to switch out routers. Didn't make any difference. The only thing that improved the ping rate was connecting directly to the computer."
--
We can never have enough of nature.
We need to witness our own limits transgressed, and some life pasturing freely where we never wander.


hagbard72

join:2000-10-02
Kingsville
Ping tests were all done with direct (not wifi) connection. When doing the testing, at the end, I reset the modem so yes, only one device is showing now. I'll rerun the above if more devices show up again, should I post the results then?


NetFixer
Snarl For The Camera Please
Premium
join:2004-06-24
The Boro
Reviews:
·Vonage
·Comcast Business..
·Cingular Wireless
said by hagbard72:

Ping tests were all done with direct (not wifi) connection. When doing the testing, at the end, I reset the modem so yes, only one device is showing now. I'll rerun the above, should I post the results then?

If the "ipconfig /all" and "netstat -r" did not change, then you could probably just note that. The "arp -a" results could definitely be helpful (both before and after).
--
We can never have enough of nature.
We need to witness our own limits transgressed, and some life pasturing freely where we never wander.

NetFixer

1 edit
reply to hagbard72
said by hagbard72:

Ping tests were all done with direct (not wifi) connection. When doing the testing, at the end, I reset the modem so yes, only one device is showing now. I'll rerun the above if more devices show up again, should I post the results then?

Since you are now using WiFi, and I seem to recall you saying that the router currently in use runs Tomato, do you have your WiFi setup in the router to isolate WiFi clients from each other (and/or from your LAN)? If so, that would limit the usefulness of using a WiFi connected PC for troubleshooting since a WiFi connected PC would not be able to see what needs to be seen.
--
We can never have enough of nature.
We need to witness our own limits transgressed, and some life pasturing freely where we never wander.


hagbard72

join:2000-10-02
Kingsville

1 edit
I have tomato and no, I don't think so but don't really know (I'm more techie than the average guy but not that much more so).

Update: problem appears to have cleared up with removing the router and replacing it with an old wrt56g.


NetFixer
Snarl For The Camera Please
Premium
join:2004-06-24
The Boro
Reviews:
·Vonage
·Comcast Business..
·Cingular Wireless

1 edit

1 recommendation

said by hagbard72:

Update: problem appears to have cleared up with removing the router and replacing it with an old wrt56g.

I am not too surprised by that. From the symptoms you posted it sounded as if you either had a wiring/connection problem, or the router was passing packets between the WAN and LAN that should have been blocked.

If the router in question is a "better quality" router and/or has certain features that you like/need, you might consider doing a "30-30-30"* factory default reset on it and manually reloading any special config that it needs (restoring the config from a saved file might also restore the problem) and trying it again. I have had the "30-30-30"* factory default reset procedure fix a lot of strange problems with residential and soho grade routers.

* The 30-30-30 factory default reset is to keep the router's reset button depressed while you:
1. Wait 30 seconds
2. Power the router off and wait another 30 seconds
3. Power the router on and wait another 30 seconds
The reset button must remain depressed for the entire 90 seconds.

That procedure may sound hokey, but I have seen "bricked" routers and routers with really strange symptoms fixed by doing this. Just recently I had to use that procedure to "unbrick" my brand new D-Link DIR655 after it went belly up while doing a required firmware upgrade.
--
A well-regulated militia, being necessary to the security of a free State, the right of the people to keep and bear arms shall not be infringed. -- US Constitution

When governments fear people, there is liberty. When the people fear the government, there is tyranny. -- Thomas Jefferson


hagbard72

join:2000-10-02
Kingsville
No, it was a cheap, crappy router destine for the trash pile. I had a wrt320n with tomato before, but the WAN port died. Tried all the above to bring it back to life, then tried reinstalling tomato and finally killed it. The 30/30/30 couldn't bring bring it back to life. I've ordered a wrt310n router for twenty bucks, will put tomato or dd-wrt on it and hope it lasts longer than the last one. After that, I'll spend the big bucks and get the Asus RT-N66U. Thanks for the help!


antdude
A Matrix Ant
Premium,VIP
join:2001-03-25
United State
kudos:5
Reviews:
·Time Warner Cable
said by hagbard72:

No, it was a cheap, crappy router destine for the trash pile. I had a wrt320n with tomato before, but the WAN port died. Tried all the above to bring it back to life, then tried reinstalling tomato and finally killed it. The 30/30/30 couldn't bring bring it back to life. I've ordered a wrt310n router for twenty bucks, will put tomato or dd-wrt on it and hope it lasts longer than the last one. After that, I'll spend the big bucks and get the Asus RT-N66U. Thanks for the help!

Consumer routers don't seem to last long from what i have seen. See »How long do Linksys routers last? ...
--
Ant @ AQFL.net and AntFarm.ma.cx. Please do not IM/e-mail me for technical support. Use this forum or better, »community.norton.com ! Disclaimer: The views expressed in this posting are mine, and do not necessarily reflect the views of my employer.


hagbard72

join:2000-10-02
Kingsville

1 recommendation

Bought my WRT56g nearly ten years ago...been rock solid.