Network Penetrated?
2006/03/12 15:49:51 ** Unauthorized HTTP Access ** <IP/TCP> 202.64.229.86:3152 ->> 12.215.124.171:80
2006/03/12 15:49:54 ** Unauthorized HTTP Access ** <IP/TCP> 202.64.229.86:3152 ->> 12.215.124.171:80
2006/03/12 15:50:00 ** Unauthorized HTTP Access ** <IP/TCP> 202.64.229.86:3152 ->> 12.215.124.171:80
2006/03/12 21:34:24 ** Unauthorized HTTP Access ** <IP/TCP> 12.215.103.179:2016 ->> 12.215.124.171:80
2006/03/12 21:34:27 ** Unauthorized HTTP Access ** <IP/TCP> 12.215.103.179:2016 ->> 12.215.124.171:80
2006/03/12 21:38:15 ** Unauthorized HTTP Access ** <IP/TCP> 12.215.103.179:4159 ->> 12.215.124.171:80
2006/03/12 21:38:18 ** Unauthorized HTTP Access ** <IP/TCP> 12.215.103.179:4159 ->> 12.215.124.171:80
2006/03/12 21:38:18 ** Unauthorized HTTP Access ** <IP/TCP> 12.215.103.179:4166 ->> 12.215.124.171:80
2006/03/13 06:24:12 ** Unauthorized HTTP Access ** <IP/TCP> 12.215.103.179:3077 ->> 12.215.124.171:80
2006/03/13 06:24:15 ** Unauthorized HTTP Access ** <IP/TCP> 12.215.103.179:3077 ->> 12.215.124.171:80
2006/03/13 10:00:06 ** Unauthorized HTTP Access ** <IP/TCP> 66.241.88.82:4911 ->> 12.215.124.171:80
2006/03/13 10:00:09 ** Unauthorized HTTP Access ** <IP/TCP> 66.241.88.82:4911 ->> 12.215.124.171:80
2006/03/13 12:38:17 ** Unauthorized HTTP Access ** <IP/TCP> 12.215.37.210:3721 ->> 12.215.124.171:80
2006/03/13 12:38:20 ** Unauthorized HTTP Access ** <IP/TCP> 12.215.37.210:3721 ->> 12.215.124.171:80
2006/03/13 18:05:08 192.168.2.2 login successful
2006/03/13 18:09:50 RF Reset...Pass
This was in my kids wireless router. I looked and the security was WEP. I changed their security to WPA. What can I do here? Is it a real threat? Is it most likely that the IP address was spoofed? Anyone with exp here have any thoughts?
Heading back home and will check back then...
2006/03/12 15:49:54 ** Unauthorized HTTP Access ** <IP/TCP> 202.64.229.86:3152 ->> 12.215.124.171:80
2006/03/12 15:50:00 ** Unauthorized HTTP Access ** <IP/TCP> 202.64.229.86:3152 ->> 12.215.124.171:80
2006/03/12 21:34:24 ** Unauthorized HTTP Access ** <IP/TCP> 12.215.103.179:2016 ->> 12.215.124.171:80
2006/03/12 21:34:27 ** Unauthorized HTTP Access ** <IP/TCP> 12.215.103.179:2016 ->> 12.215.124.171:80
2006/03/12 21:38:15 ** Unauthorized HTTP Access ** <IP/TCP> 12.215.103.179:4159 ->> 12.215.124.171:80
2006/03/12 21:38:18 ** Unauthorized HTTP Access ** <IP/TCP> 12.215.103.179:4159 ->> 12.215.124.171:80
2006/03/12 21:38:18 ** Unauthorized HTTP Access ** <IP/TCP> 12.215.103.179:4166 ->> 12.215.124.171:80
2006/03/13 06:24:12 ** Unauthorized HTTP Access ** <IP/TCP> 12.215.103.179:3077 ->> 12.215.124.171:80
2006/03/13 06:24:15 ** Unauthorized HTTP Access ** <IP/TCP> 12.215.103.179:3077 ->> 12.215.124.171:80
2006/03/13 10:00:06 ** Unauthorized HTTP Access ** <IP/TCP> 66.241.88.82:4911 ->> 12.215.124.171:80
2006/03/13 10:00:09 ** Unauthorized HTTP Access ** <IP/TCP> 66.241.88.82:4911 ->> 12.215.124.171:80
2006/03/13 12:38:17 ** Unauthorized HTTP Access ** <IP/TCP> 12.215.37.210:3721 ->> 12.215.124.171:80
2006/03/13 12:38:20 ** Unauthorized HTTP Access ** <IP/TCP> 12.215.37.210:3721 ->> 12.215.124.171:80
2006/03/13 18:05:08 192.168.2.2 login successful
2006/03/13 18:09:50 RF Reset...Pass
This was in my kids wireless router. I looked and the security was WEP. I changed their security to WPA. What can I do here? Is it a real threat? Is it most likely that the IP address was spoofed? Anyone with exp here have any thoughts?
Heading back home and will check back then...
To protect and to serve(r)...
Comments
-
JDMurray Admin Posts: 13,101 AdminThe address 12.215.124.171 is being probed for an active HTTP server on port 80, and your router is rejecting the connection requests. It looks like the probes are originating from the Internet rather than from a wireless device. You can't really tell for sure if the source addresses are spoofed or not, but in this case it really doesn't matter.
Congratulations, your firewall works! -
cairtaker Member Posts: 140On the router there is an option to allow or disallow access by mac address? How about some opionions on just how more or less secure this will make the network with this wireless router? Is there other considerations when making a user authenticate by mac address? That would make it multiple authentication and therefore raise the security level by adding another layer? I'm new to this so anyone feel free to throw some thoghts at me.To protect and to serve(r)...