PDA

View Full Version : Weird...


Sirpingalot
09-05-2007, 16:14
I downloaded Homenet manager earlier and just now it's come up displaying the following: (It seems to show that all the devices are online, and they all appear to have 82.** etc pings which would suggest they are on the Virgin network.- They're not on my network) Could someone explain?

Sirpingalot
09-05-2007, 16:33
Ahh! I just logged on to somebody elses broadband router! WTF is going on...-

Sirpingalot
09-05-2007, 16:39
Ok...so I'm on somebody else's broadband router...

---------- Post added at 15:39 ---------- Previous post was at 15:37 ----------

Remember guys...this is through a wired connection.

grubbymitts
09-05-2007, 18:12
how have you managed to log onto someone else's router when you have a wired connection to your pc? Do you have your wifi adaptor set to log onto any available network or something?

cybernetic_tiger
09-05-2007, 18:17
Well if they are 82. addresses they are public addresses so you must be getting to the ubr then routing back to those CPE's.

The router you logged on-to must have remote administration switched on and others must not be using firewalls (or poo ones)

Horace
09-05-2007, 18:24
It looks like the software is assuming your private ip range starts with 82.*.*.* and it's scanning all the ip's in that range. I assume you're not behind a router and therefore you're using a public ip address instead of a private (192.168.*.*) range.
What is strange is the fact that it's picking up Ambit modems in some cases and in others the PC themselves.

Ahh! I just logged on to somebody elses broadband router! WTF is going on...-

Remote Administration usually requires a username and password. Are you saying it didn't ask for one?

Sirpingalot
09-05-2007, 19:43
It looks like the software is assuming your private ip range starts with 82.*.*.* and it's scanning all the ip's in that range. I assume you're not behind a router and therefore you're using a public ip address instead of a private (192.168.*.*) range.
What is strange is the fact that it's picking up Ambit modems in some cases and in others the PC themselves.



Remote Administration usually requires a username and password. Are you saying it didn't ask for one?

No...it did, but I assumed default password.

I usually connect through a Netgear router, but this time I decided to go direct and it picked up all of those addresses.

Is it possible I'm being routed through these people? I don't want to interfere with their service, or them to interfere with mine.

Sirpingalot
09-05-2007, 19:52
It picked up on a total of 28 other devices; does this mean there are a total of only 29 VM connections in the area? Oh, and when I'm connected through the router, this is what happens -

Sirpingalot
09-05-2007, 19:53
how have you managed to log onto someone else's router when you have a wired connection to your pc? Do you have your wifi adaptor set to log onto any available network or something?

Don't have a wi-fi adapter.

RXP
09-05-2007, 19:55
I heard years ago that a US cable ISP left a massive security hole so that browsing the network neighbourhood actually meant you could browse everyone's PC's on his street. Maybe same has happened here?

Sirpingalot
09-05-2007, 20:03
It's really starting to worry me. Fortunately I do have security set up, a password and a firewall. It's really baffling.

If anyone else would download homenet manager, we can see if it's possible in all areas.

cybernetic_tiger
09-05-2007, 20:03
You have a public IP address... the public bit gives it away. Once you are past your router (i.e. directly connected to the cable modem) you are on the public network.

This is why it is always important to run secure firewalls (one that blocks spurious attempts to connect both outbound and inbound) as apposed to windows firewall which just blocks inbound.

Sirpingalot
09-05-2007, 20:06
I have the firewall on my netgear router set up - is this good enough?

cybernetic_tiger
09-05-2007, 20:10
Yes its ok, I wouldn't use it on it's own. IPNAT and the fact that your connected to your own Local network which then routes to the public network is one of the best security features.

Sirpingalot
09-05-2007, 20:28
Just shows how insecure the network is...shocking

---------- Post added at 19:21 ---------- Previous post was at 19:16 ----------

So what is IPNAT?

---------- Post added at 19:28 ---------- Previous post was at 19:21 ----------

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\Mike>tracert 82.**.***.**

Tracing route to cpc2-brmb1-0-0-cust19.bagu.cable.ntl.com [82.**.**.**]
over a maximum of 30 hops:

1 1 ms 1 ms 1 ms cpc2-brmb1-0-0-cust***.bagu.cable.ntl.com [82.**
.**.**]
2 15 ms 8 ms 14 ms 10.***.***.*
3 61 ms 36 ms 34 ms cpc2-brmb1-0-0-cust***.bagu.cable.ntl.com [82.**.
***.**]

Trace complete.

That's what I get when I run a tracert to one of the addresses. I believe it goes through the UBR.

cybernetic_tiger
09-05-2007, 20:28
So what is IPNAT?

Internet Protocol Network Address Translation

... basically allowing multiple internal addresses use one public address by using a default gateway and a table of translations (internal address, internal port > external address, external port)

Sirpingalot
09-05-2007, 20:31
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\Mike>tracert 82.**.***.**

Tracing route to cpc2-brmb1-0-0-cust19.bagu.cable.ntl.com [82.**.**.**]
over a maximum of 30 hops:

1 1 ms 1 ms 1 ms cpc2-brmb1-0-0-cust***.bagu.cable.ntl.com [82.**
.**.**]
2 15 ms 8 ms 14 ms 10.***.***.*
3 61 ms 36 ms 34 ms cpc2-brmb1-0-0-cust***.bagu.cable.ntl.com [82.**.
***.**]

Trace complete.

That's what I get when I run a tracert to one of the addresses. I believe it goes through the UBR.

cybernetic_tiger
09-05-2007, 20:47
The uBR (when your router is disconnected) is your first point of routing and as such it needs to go there first to be told where the destination is. Please remember that the cable modem does not make a determination as to the route the data travels it is just a bridge onto the HFC network.

So basically everything you send to the public network needs to go via the uBR.

Sirpingalot
09-05-2007, 21:09
Oh, I see. Is there anything else I can do to make my network more secure; my router is password enabled and it has an SPI firewall?

---------- Post added at 20:09 ---------- Previous post was at 19:55 ----------

I just find it completely baffling and worrying that a simple program that you can download from a certain place would allow you to be able to connect to other devices connected to the same uBR. It really does demonstrate how insecure the network infrastucture is.

cybernetic_tiger
09-05-2007, 21:16
You could connect to anyone in the world... that's why security is so important. Be thankful that you found that out the easy way and not the hard way!!

Sirpingalot
09-05-2007, 21:28
Thanks for all your help cyber! Enjoy the 2 rep points :)

Dai
09-05-2007, 21:47
Just shows how insecure the network is...shocking


Remember, the internet IS basically a huge network...

We're all linked to an extent. It's down to you to make certain that Joe next door can't share your files.

nffc
09-05-2007, 22:24
That program doesn't seem to work on VHP though I haven't restarted.

Sirpingalot
09-05-2007, 22:27
Should work.

nffc
09-05-2007, 22:30
Yeah, I'm gonna restart anyway, seeing as i last did so -88 days, -1 hour, -30 mins and 0 seconds ago. :rolleyes: at the dumb uptime timer.

Or shall I wait for the Nvidia drivers' instant restart feature to do it for me? ;)

nockie3
09-05-2007, 22:30
Its doing the same for me too on that program (Ex-TW)

i cant believe it shows all these! If they show up in this program, howcome you cant see them in my network places etc..

Sirpingalot
09-05-2007, 22:36
And some of them you can actually log onto (I wouldn't advise it).

nockie3
09-05-2007, 22:39
Dont be silly, i havent even tried :angel:

Nah, really, i wouldnt. I just tried one out of curiosity and it does seem to work but it came up with a password box asking for the username and password for the 'Prestige 645'. I didnt go any further than that.

Theres loadss of IP's listed in the program though.

nffc
10-05-2007, 00:00
The uptimer is even gheyer now. -118 days and all the rest!

it works now. But boringly, it doesn't find anything beyond my router. Is there a setting or something to make it look further? :)

Sirpingalot
10-05-2007, 00:13
you have to run it without a router...or at least without it blocking ports. Just re-connect directly to the modem

nffc
10-05-2007, 00:28
i don't think I have an ethernet cable long enough...