Live Chat & Podcast at 1:00PM Eastern on Sunday!
There's no such thing as a stupid question, but they're the easiest to answer.
JoinTour
Login
Search
General Security
Go to first new post Security -Expert installed multiple remo ...
Go to first new post Solved: not sure?about site
Go to first new post Computer security, may have been hacked ...
Go to first new post Account Maintenance/Upgrade
Tag Cloud
access acer asus bios bsod computer crash desktop driver drivers error ethernet excel freeze gaming hard drive hardware hdmi internet laptop malware memory modem monitor motherboard network printer problem ram registry router security slow software sound toshiba trojan ubuntu 11.10 uninstall usb video virus vista wifi windows windows 7 windows 7 32 bit windows 7 64 bit windows xp wireless
Search
Search for:
Tech Support Guy Forums > Security & Malware Removal > General Security >
Kernel Intrusion on my router

Reply  
Thread Tools
Trebor901's Avatar
Junior Member with 6 posts.
  
Join Date: Aug 2007
Experience: Intermediate
28-Aug-2007, 08:34 AM #1
Kernel Intrusion on my router
Hi last night i checked my routers "Security Log" and i found this line appearing every sort of 10 minutes:

kernel: Intrusion -> IN=ppp_0_38_1 OUT= MAC= SRC=219.148.119.6 DST=172.141.192.159 LEN=40 TOS=0x00 PREC=0x00 TTL=104 ID=256 DF PROTO=TCP SPT=12200 DPT=7212 WINDOW=8192 RES=0x00 SYN URGP=0

Is this something i should be worried about or is it just something that happens when having a router.
Register for free to hide this ad!
Frank4d's Avatar
Distinguished Member with 8,718 posts.
  
Join Date: Sep 2006
Location: So. California
Experience: Since MS-Dos 3.0
28-Aug-2007, 09:47 AM #2
It looks like a computer in China: http://isc.incidents.org/ipinfo.html?ip=219.148.119.006 trying to access your AOL IP. It's ok as long as they don't actually get in, happens all the time. If they are getting past the router, well that is different.
Trebor901's Avatar
Junior Member with 6 posts.
  
Join Date: Aug 2007
Experience: Intermediate
28-Aug-2007, 09:49 AM #3
Well i havent got the network setup so you can access files from the pc's on the network so they wouldnt be able to do anything if they did get past the router anyway would they?
Trebor901's Avatar
Junior Member with 6 posts.
  
Join Date: Aug 2007
Experience: Intermediate
28-Aug-2007, 09:55 AM #4
Sometimes i get this aswell : kernel: eth1 Link UP.
Tritone's Avatar
Junior Member with 1 posts.
  
Join Date: Sep 2007
Location: New York City
Experience: Advanced
17-Sep-2007, 09:39 AM #5
Smile No Worries
Hi Trebor,

Basically, SPT=12200 DPT=7212 means "source port 12000 and destination port 7212".

It means something scanned your IP to see if you were open on port 7212.

This is a pretty normal thing to see in a firewall log anywhere. It is very common. There are bots and people who can ports looking for open proxies. 7212 is a tcp port used by a well known open proxy - meaning someone could surf the Internet, send spam, etc through your proxy IF it was open and you didn't have a firewall.

This is simply your firewall telling you it did it's job. You'll see similar entries for other ports, especially ports in the 1020-1030 range which are old Microsoft pop up ports that would let you send pop up messages to people on your local LAN. (or let spammers send you pop up ads).

The other line is just your firewall router telling you it's inside Ethernet interface is up.

This is all normal activity and you don't have anything to worry about. Your firewall is doing it's job and it is good you are monitoring the logs.

If you don't already monitor and keep historical logs, you should. Install something like Kiwi Syslog and set your PC up to receive the logs from your firewall.

Cheers,

T
Email This Email  Print This Print  Tweet This Send to Facebook Send to MySpace Send to StumbleUpon Digg This | More Services More
Reply

THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Search Tech Support Guy

Find the solution to your
computer problem!

« Previous Thread | General Security | Next Thread »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
WELCOME TO TECH SUPPORT GUY! Are you looking for the solution to your computer problem? Join our site today to ask your question -- for free! Our site is run completely by volunteers who want to help you solve your computer problems. See our Welcome Guide to get started.
Thread Tools



Facebook Facebook Twitter Twitter TechGuy.tv TechGuy.tv Mobile TSG Mobile
Contact Us - HelpOnThe.Net - Archive - Terms of Service - Top
You Are Using:
Server ID
Advertisements do not imply our endorsement of that product or service.
All times are GMT -4. The time now is 10:46 PM.
Copyright © 1996 - 2011 TechGuy, Inc. All rights reserved.

 Powered by Cermak Technologies, Inc.