Your forum username:
Do you already have an account?
Forgot your password?
  • Log in or Sign up


    Welcome to Sky User - The Unofficial Support Forum for everything Sky! - Proudly helping over 65k members.


    Advertisement

    Page 1 of 2 12 LastLast
    Results 1 to 10 of 15
    Like Tree3Likes

    Intrusion In Log Activity In Broadband set up

    This is a discussion on Intrusion In Log Activity In Broadband set up within the Mac users forums, part of the Sky Broadband help category; Not sure if I am to be worried about this, but when I go to Security Log in Broadband Set ...

    1. #1
      wolfiebrian's Avatar
      wolfiebrian is offline Sky User Member
      Exchange:
      Broadband ISP: Sky Broadband Unlimited
      Router: Sky Hub SR102
      Sky TV: Sky Basic
      Join Date
      Nov 2012
      Posts
      97
      Thanks
      13
      Thanked 0 Times in 0 Posts

      Intrusion In Log Activity In Broadband set up

      Not sure if I am to be worried about this, but when I go to Security Log in Broadband Set Up In My Router, I see a lot of 'intrusion'

      I won't copy all of it, but just a section

      Jan 7 15:08:18 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=187.208.114.249 DST=90.199.222.163 LEN=64 TOS=0x00 PREC=0x00 TTL=48 ID=17140 DF PROTO=TCP SPT=53403 DPT=6881 WINDOW=65535 RES=0x00 SYN URGP=0
      Jan 7 15:12:12 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=90.199.207.81 DST=90.199.222.163 LEN=48 TOS=0x00 PREC=0x00 TTL=57 ID=57939 DF PROTO=TCP SPT=60165 DPT=135 WINDOW=64240 RES=0x00 SYN URGP=0
      Jan 7 15:32:02 (none) user.alert kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=184.189.252.133 DST=90.199.222.163 LEN=52 TOS=0x00 PREC=0x00 TTL=117 ID=3938 DF PROTO=TCP SPT=49571 DPT=6881 WINDOW=8192 RES=0x00 SYN URGP=0

      How do you make sense of these statistics? If I see 'intrusion' it rings alarm bells.


    2. Advertisement
    3. #2
      Scubbie's Avatar
      Scubbie is offline Sky User Moderator
      Exchange: 02392
      Broadband ISP: Sky Fibre Unlimited
      Router: Sky Q Hub ER110
      Sky TV: Sky+HD box
      Join Date
      Mar 2010
      Location
      Near Portsmouth
      Posts
      27,908
      Thanks
      812
      Thanked 2,195 Times in 2,065 Posts

      Re: Intrusion In Log Activity In Broadband set up

      The IP Address which begins with 187 is from Mexico. The one that starts with 184 is from Georgia, USA (source: WhoIS database). The other IP Addresses are from Sky.

      It looks likely that you are running torrents and the router has picked up something or someone has tried to access your network (Internet bot sniffing for a connection) but has been found and stopped.

      Check your router's setting to see if 'Respond to Ping' is disabled. If it isn't please do disable it.

      Sky Fibre Unlimited Pro: Connected at 80,000 kbps / 20,000 kbps
      Previous ADSL2+ Speed 19999 kbps 1153 kbps, Line Attenuation 17.5 db 6.9 db, Noise Margin 7.5 dB 8.7 dB
      Speedtest: 17.15MB/s 0.97Mb/s Ping 31 ms

    4. #3
      wolfiebrian's Avatar
      wolfiebrian is offline Sky User Member
      Exchange:
      Broadband ISP: Sky Broadband Unlimited
      Router: Sky Hub SR102
      Sky TV: Sky Basic
      Join Date
      Nov 2012
      Posts
      97
      Thanks
      13
      Thanked 0 Times in 0 Posts

      Re: Intrusion In Log Activity In Broadband set up

      Thanks, I am definitely not running torrents, whatever they are, I did notice unusual activity with someone logging into facebook on my computer, I had to log them out. I have the respond to ping box unchecked and I am not using wireless, all boxes in wireless are unchecked.

      There are pages and pages in my log about intrusions, I only copied and pasted a section

    5. #4
      Scubbie's Avatar
      Scubbie is offline Sky User Moderator
      Exchange: 02392
      Broadband ISP: Sky Fibre Unlimited
      Router: Sky Q Hub ER110
      Sky TV: Sky+HD box
      Join Date
      Mar 2010
      Location
      Near Portsmouth
      Posts
      27,908
      Thanks
      812
      Thanked 2,195 Times in 2,065 Posts

      Re: Intrusion In Log Activity In Broadband set up

      I saw that post of yours. It is likely that the two are linked.

      Download and install something such as Malwarebytes Anti-Malware. Run the full scan to ensure that you don't have any nasties.

      Check through the list of installed programs and remove anything which looks suspicious. If you are unsure, get help.

      Next ensure that you have changed all your passwords.

      Basically I suspect than you have had an account hacked somewhere and that you may have a keyboard logger or something else present on your PC.

      Malwarebytes : Free anti-malware download

      Sky Fibre Unlimited Pro: Connected at 80,000 kbps / 20,000 kbps
      Previous ADSL2+ Speed 19999 kbps 1153 kbps, Line Attenuation 17.5 db 6.9 db, Noise Margin 7.5 dB 8.7 dB
      Speedtest: 17.15MB/s 0.97Mb/s Ping 31 ms

    6. #5
      wolfiebrian's Avatar
      wolfiebrian is offline Sky User Member
      Exchange:
      Broadband ISP: Sky Broadband Unlimited
      Router: Sky Hub SR102
      Sky TV: Sky Basic
      Join Date
      Nov 2012
      Posts
      97
      Thanks
      13
      Thanked 0 Times in 0 Posts

      Re: Intrusion In Log Activity In Broadband set up

      Thank you, Does Malwarebytes work on Mac?

    7. #6
      Scubbie's Avatar
      Scubbie is offline Sky User Moderator
      Exchange: 02392
      Broadband ISP: Sky Fibre Unlimited
      Router: Sky Q Hub ER110
      Sky TV: Sky+HD box
      Join Date
      Mar 2010
      Location
      Near Portsmouth
      Posts
      27,908
      Thanks
      812
      Thanked 2,195 Times in 2,065 Posts

      Re: Intrusion In Log Activity In Broadband set up

      It doesn't look like it. Search for a anti-malware product which works on your Mac. Perhaps someone may be able to suggest something?

      I am guessing that you haven't got any AV software installed either (sorry most Mac owners think that they are immune from nasties). Please purchase something if you don't. Install it and use it.

      Sky Fibre Unlimited Pro: Connected at 80,000 kbps / 20,000 kbps
      Previous ADSL2+ Speed 19999 kbps 1153 kbps, Line Attenuation 17.5 db 6.9 db, Noise Margin 7.5 dB 8.7 dB
      Speedtest: 17.15MB/s 0.97Mb/s Ping 31 ms

    8. #7
      wolfiebrian's Avatar
      wolfiebrian is offline Sky User Member
      Exchange:
      Broadband ISP: Sky Broadband Unlimited
      Router: Sky Hub SR102
      Sky TV: Sky Basic
      Join Date
      Nov 2012
      Posts
      97
      Thanks
      13
      Thanked 0 Times in 0 Posts

      Re: Intrusion In Log Activity In Broadband set up

      I did a Google search and it came up with ClamXav which is good for Macs, I have run it and it's not picking up anything, not sure if that's a good thing or bad.

    9. #8
      Scubbie's Avatar
      Scubbie is offline Sky User Moderator
      Exchange: 02392
      Broadband ISP: Sky Fibre Unlimited
      Router: Sky Q Hub ER110
      Sky TV: Sky+HD box
      Join Date
      Mar 2010
      Location
      Near Portsmouth
      Posts
      27,908
      Thanks
      812
      Thanked 2,195 Times in 2,065 Posts

      Re: Intrusion In Log Activity In Broadband set up

      That is an AV product.

      I have found in the past that it is necessary to use several tools. I would suggest an Anti-Malware program but I don't have a Mac. Have a read of this article: The Best Anti-Virus And Anti-Malware Software For Your Mac - Business Insider

      Sky Fibre Unlimited Pro: Connected at 80,000 kbps / 20,000 kbps
      Previous ADSL2+ Speed 19999 kbps 1153 kbps, Line Attenuation 17.5 db 6.9 db, Noise Margin 7.5 dB 8.7 dB
      Speedtest: 17.15MB/s 0.97Mb/s Ping 31 ms

    10. #9
      wolfiebrian's Avatar
      wolfiebrian is offline Sky User Member
      Exchange:
      Broadband ISP: Sky Broadband Unlimited
      Router: Sky Hub SR102
      Sky TV: Sky Basic
      Join Date
      Nov 2012
      Posts
      97
      Thanks
      13
      Thanked 0 Times in 0 Posts

      Re: Intrusion In Log Activity In Broadband set up

      Thanks for the Link, One of the best is $49.99 which is a bit steep. They also recommend using Safari browser, maybe Firefox is unsafe and it's firefox causing the problems. I do get a lot of pop ups with Firefox even though I have pop ups blocked.

      How Can I determine if I am running torrents, thats for downloading stuff right? So someone could be using my computer for downloading without my knowledge.

    11. #10
      Tezcatlipoca's Avatar
      Tezcatlipoca is offline Sky User Moderator
      Exchange: Cambridge (EACAM)
      Broadband ISP: Sky Fibre Unlimited Pro
      Router: Sky Hub SR101
      Sky TV: Sky+HD box
      Join Date
      Feb 2007
      Location
      Cambridge
      Posts
      855
      Thanks
      13
      Thanked 7 Times in 7 Posts

      Re: Intrusion In Log Activity In Broadband set up

      What version of OS X is your Mac running?

      Is it up to date with all of Apple's available software updates?


      Do you have Java installed? If so, you should disable the browser plugin for Java on Firefox and any other browser that you use. You are highly unlikely to need it, and it's more of a risk than a benefit (Google the Flashback trojan, for just one example). The latest Apple update for Java disables the browser plugins, however I don't know if that applies to all versions.


      To help put your mind at ease, you could try a variety of Mac anti-malware apps, as suggested by Scubbie.

      The following have real-time protection, as well as on-demand scanning:

      Sophos, Avast, and Avira are all free.

      Intego VirusBarrier, Kaspersky, F-Secure and others are not free, but do have free trials that you could use.

      Never have more than one installed at the same time. Always make sure that you fully remove one before installing another.

      NB: Sophos' real-time protection sometimes breaks, and I found that my Mac would sometimes crash when using Avast.



      There are also apps available that *only* have on-demand scanning, such as these in the Mac App Store: ClamXav, Bitdefender Virus Scanner, and VirusBarrier Plus. ClamXav is free, and so is Bitdefender. VirusBarrier Plus is 6.99. As these are Mac App Store apps they are sandboxed, which is why they do not provide real-time protection. [running an anti-malware app that has real-time protection can in itself be a security risk, as they run with "root" privileges]
      speedyrite likes this.

     

     
    Page 1 of 2 12 LastLast

    Tags for this Thread

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •  
    SkyUser - Copyright © 2006-2017. SatDish and NewsreadeR | SkyUser is in no way affiliated with Sky Broadband / BSkyB
    RIPA NOTICE: NO CONSENT IS GIVEN FOR INTERCEPTION OF PAGE TRANSMISSION