|reply to passedout |
Re: IP spoofing
So if your internal network is not using the 10.x.x.x range, and those 10.83.x.x IP addresses are registering
as coming from the belkin's WAN interface, the spoof message makes perfect sense -- see Wiki here.
If 10.83.x.x is coming from the LAN interface, I'd say someone's on your internal network and messing around
As for multicast, look here for a definition. Basically,
a host on your network is looking to "join a group" for a shared stream of data. Whether it's legit or not
basically needs someone versed in network operation and figuring out who joined and what they are doing.
said by passedout:- strong passwords
Are there other precautions I can take to prevent future attacks to this newly fitted router?
- do not use the default passwords
- disable unneeded services
- disable remote access if not needed
- enable logging
- if there's wireless, ensure it is using the strongest possible encryption and a strong password
- change passwords on a regular basis
- know what is plugged into your router -- it really sucks to trace out a cable and find out some jack-twat
ran their own line to another unauthorized device(s) without your knowledge and borked the whole thing.
- PHYSICAL SECURITY -- if no one else is supposed to access / manage this device, lock it in a room!