NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
"LAN access from remote" log entries
I've been looking over my daily router logs for the last few days and keep finding this entry sporadically: [LAN access from remote] from 184.105.247.199:32931 to 10.8.108.64:5353, Wednesday, Jul...
Port 5353 is commonly used for Multicast DNS (Apple calls it Bonjour). It's unusual to see a remote device access this port. In addition to disabling port forwarding/triggering, make sure that UPnP and DMZ are disabled, too. Those are the two other vectors by which a remote device could access the internal network.
shadowserver.org is a bunch of folks who (from Wikipedia): "The Shadowserver Foundation is a volunteer group of professional Internet security workers that gathers, tracks and reports on malware, botnet activity and electronic fraud. It aims to improve the security of the Internet by raising awareness of the presence of compromised servers, malicious attackers and the spread of malware."
And Rapid7 is an Internet security company.
I don't know what they are doing scanning or trying to access your network, but are you sure your local network has not been compromised/part of a botnet, etc..?
BTW, I am an utter nobody and know-nothing-much, and I'm sure someone with Real Smarts can assist you better, but I'd just check your local PCs/devices anyway.
The one time I had something like this happen was when a friend's son used his laptop on my home network. When he wasn't using it, the botnet he been infected with started doing its nefarious deeds. I booted him off the network, cleaned his laptop, and his mum bent his ear for months of his obsession with visiting absolutely any site that said they had "Game Cheats."
Teenagers, huh? ;)
Hope someone can really help you.
Susi xx
And Rapid7 is an Internet security company.
I don't know what they are doing scanning or trying to access your network, but are you sure your local network has not been compromised/part of a botnet, etc..?
BTW, I am an utter nobody and know-nothing-much, and I'm sure someone with Real Smarts can assist you better, but I'd just check your local PCs/devices anyway.
The one time I had something like this happen was when a friend's son used his laptop on my home network. When he wasn't using it, the botnet he been infected with started doing its nefarious deeds. I booted him off the network, cleaned his laptop, and his mum bent his ear for months of his obsession with visiting absolutely any site that said they had "Game Cheats."
Teenagers, huh? ;)
Hope someone can really help you.
Susi xx