Please register to participate in our discussions with 2 million other members - it's free and quick! Some forums can only be seen by registered members. After you create your account, you'll be able to customize options and access all our 15,000 new posts/day with fewer ads.
I get this little window with that message from my antivirus program several times a day. I know the nature of how someone is scanning my computer to look for a port to trying to get inside, but the remote IP is always the same: 192.168.1.254. I assume the local IP is me; that is also always the same but it bugs me that it appears the exact same person is trying to access my computer dozens of times a week. I googled the IP and could not find anything useful on it. Is this a malicious attack by a lone hacker or is it something like a business, maybe even my own server trying to contact me in a benign way? Thanks for any input that can help me understand what's going on.
192.168.1.x is usually your local router or another system connected to your router.
What type of network do you have at home, how many systems?
Wanna play it safe? Change your routers admin password.
Thanks for the info, plwhit. My server is SBC. I only have one system far as I know that is wired and wireless using a standard SBC modem. I don't know how to change a router's admin password--I'm not even aware if I have one or not. I have a password that SBC asks me to give if I want to talk about my account with them. Is that the router password you're referring to? And why would my own local router be trying to access my computer?
Do you have a router, or is your computer connected directly to the modem?
If you have a router, is the wireless secure, or disabled it not needed, it may be a neighbor connecting to your wireless.
DSL or cable?
192.168.x.x is a private address range and not allowed on the internet. However based on how your ISP is configured it may be another subscriber, or a board tech at the ISP. I know that some DSL subscribers are assigned a private IP by the ISP, specifically AT&T in this case.
If you have a router, you should be immune from any port probes from everything except perhaps wireless that has been left open or has been compromised, which is easy if you are using WEP to secure it.
Searches will not find the IP assigned to anyone as a private IP, it is not assigned by the IANA, it is reserved for use in private networks, such as behind a router at home.
Do you have a router, or is your computer connected directly to the modem?
If you have a router, is the wireless secure, or disabled it not needed, it may be a neighbor connecting to your wireless. DSL or cable?
Thank you, Ashville. My computer is connected directly to the modem---no router. It is DSL connected by cable, but we do have wireless capability built into the modem. When you say 192.168 is a private address range does that mean it is used specifically by individuals like me and never businesses? And when you say it is not allowed on the internet, does that mean that the people using it are on the internet illegally in some way?
I get my internet through SBC and my bill comes form AT&T so I assume SBC is AT&T. Whether I have a private IP I don't know. As i don't have a router I rely on my antivirus to stop the attacks. If it is a private IP and is not supposed to be on the internet then I assume these people are trying to probe me illegally. Would that be a fair assumption? Why don't they get the fact that my antivirus keeps stopping then and will continue to do so? Why don't they just move on to the next victim?
PS I NEVER use wireless.
192.168.x.x is a private address range and not allowed on the internet. However based on how your ISP is configured it may be another subscriber, or a board tech at the ISP. I know that some DSL subscribers are assigned a private IP by the ISP, specifically AT&T in this case.
If you have a router, you should be immune from any port probes from everything except perhaps wireless that has been left open or has been compromised, which is easy if you are using WEP to secure it.
Searches will not find the IP assigned to anyone as a private IP, it is not assigned by the IANA, it is reserved for use in private networks, such as behind a router at home.[/quote]
Private IPs are designated address pools that are used for private networks. Meaning they're simply used for networking home or businesses systems. These address are not used on the "public facing" internet. It has nothing to do with legality, just how the internet protocols are configured (backbone/Internet exchange routers on the Internet won't even route packets from those addresses). Compare it to internal phone extensions.
Whether or not this is your private home network will depend on how the network was designed. However, since you mentioned that your "modem" has wireless. Its most likely that its a router as well. So I would guess that it is your home network, and the device that is using the address 192.168.1.254 is most likely on the local network. This is just a guess based on the info provided....
Is your wireless network on (regardless if you're using it, it can still be on)? If so, someone may have just hopped on there gave themselves that address and started to scan the network. Also, what A/V program are you using? I'm guessing its also an HIDS as most A/V's by themselves will not detect port scans.
You definitely want to have admin access to your router. At the very least, you can turn off the wireless if you don't use it. But it also may provide additional info to who maybe connected to your network (if that is the case). Another option would be to use nmap to get a quick visualization of your network.
Private IPs are designated address pools that are used for private networks. Meaning they're simply used for networking home or businesses systems. These address are not used on the "public facing" internet. It has nothing to do with legality, just how the internet protocols are configured (backbone/Internet exchange routers on the Internet won't even route packets from those addresses). Compare it to internal phone extensions.
Whether or not this is your private home network will depend on how the network was designed. However, since you mentioned that your "modem" has wireless. Its most likely that its a router as well. So I would guess that it is your home network, and the device that is using the address 192.168.1.254 is most likely on the local network. This is just a guess based on the info provided....
Is your wireless network on (regardless if you're using it, it can still be on)? If so, someone may have just hopped on there gave themselves that address and started to scan the network. Also, what A/V program are you using? I'm guessing its also an HIDS as most A/V's by themselves will not detect port scans.
You definitely want to have admin access to your router. At the very least, you can turn off the wireless if you don't use it. But it also may provide additional info to who maybe connected to your network (if that is the case). Another option would be to use nmap to get a quick visualization of your network.
Thanks for the detailed info, macroy. Most of what you say about public-facing internet and such is above my level of comprehension, but my a/v is kaspersky. It is top-of-the-line so I assume it is doing a right job of protecting me. We leave the wireless on just for convenience's sake, so I guess I'm running a risk with that. It's a trade-off, I suppose.
Ashville, my modem is a gateway but I can't read the model info---it's badly scratched from abuse. I really should ask SBC to send me another one because it's badly out-of-date.
If your provider has set a password on the device blocking your ability to secure your wireless, DEMAND they give it to you so that you can secure your wireless to protect yourself from people connecting without your permission.
Please register to post and access all features of our very popular forum. It is free and quick. Over $68,000 in prizes has already been given out to active posters on our forum. Additional giveaways are planned.
Detailed information about all U.S. cities, counties, and zip codes on our site: City-data.com.
Please register to participate in our discussions with 2 million other members - it's free and quick! Some forums can only be seen by registered members. After you create your account, you'll be able to customize options and access all our 15,000 new posts/day with fewer ads.
