Kernel: Intrusion
Mabusi
Junior Member with 5 posts.
Join Date: Jun 2008
Experience: Beginner
30-Jun-2008, 04:12 PM #1
Kernel: Intrusion
Hi

Lately something has been bothering me a bit. As soon as I play an MP3 I see a lot of activity on my router. This seems to be quite consistent. This made me a bit suspicious so I went and checked my router's (DSL-2500U) activity log. I'm getting quite a bit of the following alerts:

Kernel: Intrusion - IN = ppp_8_35_1 OUT = MAC =
SRC = 41.247.98.27 DST = 41.247.178.91 LEN .....

I'm not too sure what to make of this. Could it be far-fetched to think that as soon as I play an MP3, it spews it out somewhere, or am I just being a bit paranoid? Somebody did do some work on my computer a while ago and I was not present.
lotuseclat79
Distinguished Member with 21,345 posts.
Join Date: Sep 2003
Location: -71.45091, 42.27841
01-Jul-2008, 10:48 AM #2
Hi Mabusi,

Welcome to TSG!

When you first connected your system together, did you change the default router admin password? This is often overlooked by many, and is a vector of attack for malware. The default admin passwords are posted on the Internet.

That is one change you should make.

After making the change, I suggest you visit the Kaspersky.com web site and let them do a full free virus scan of your system over the Internet for malware. Trendmicro.com is another full scan web site. I would certainly let both do a full scan of my system in your situation.

At the very worst case, you may need to do a full reinstallation of Vista, and hope that your BIOS chip is not compromised (in which case, you would need a new BIOS chip).

Note: Vista has good inbound firewall (software) protection, but no outbound firewall protection (by which a miscreant would "phone home" with compromising information from your system). Suggest you get ZoneAlarm Free software firewall for outbound protection. Other firewalls are also very good for outbound protection, but require payment.

-- Tom
__________________
The independence created by philosophical insight is - in my opinion - the mark of distinction
between a mere artisan or specialist and a real seeker after truth. - Einstein 1944
Imagination is more important than knowledge. - Einstein
Mabusi
Junior Member with 5 posts.
Join Date: Jun 2008
Experience: Beginner
01-Jul-2008, 12:11 PM #3
Intrusion
Hi

I have changed all my passwords, Router's and Computer's after the installation.

Also did a "Deep System Scan" with BitDefender just recently, but it didn't come up with any surprises.
TechOutsider
Account Disabled with 303 posts.
Join Date: Jun 2008
Location: Florida
Experience: Advanced
01-Jul-2008, 12:44 PM #4
It could just be an annoying neighbor.
Mabusi
Junior Member with 5 posts.
Join Date: Jun 2008
Experience: Beginner
01-Jul-2008, 01:08 PM #5
Hi

What about a "System Restore" to a point before I made the internet connection??

Mabusi
lotuseclat79
Distinguished Member with 21,345 posts.
Join Date: Sep 2003
Location: -71.45091, 42.27841
01-Jul-2008, 02:38 PM #6
Sounds like it is worth a shot, if you are confident with System Restores.

-- Tom
Mabusi
Junior Member with 5 posts.
Join Date: Jun 2008
Experience: Beginner
02-Jul-2008, 03:59 PM #7
Hi

"System Restore" seems to be out of the question. I can't go that far back (about 6 months). Furthermore I did a scan at "Kaspersky.com" and it didn't come up with anything. Also tried "TrendMicro.com" but this site gave me a bit of a problem, maybe "Housecall" does not support Vista?

So now maybe an OS re-installation? Only problem is, I did not get my "Windows Vista Home Basic" on a CD with my system. What now?
Mabusi
Junior Member with 5 posts.
Join Date: Jun 2008
Experience: Beginner
02-Jul-2008, 05:57 PM #8
Hi

Looking at my router's log file I noticed something else now: the "Kernel : Intrusion ...." message I've been getting seems to come up every 10min & 18secs. Quite consistently. So I don't know whether there is any link between that and the activity on my router every time I play an MP3.

So instead of one problem it looks like I've got 2. Is there not perhaps a way of capturing the data to see what the router is actually sending/receiving at that point in time when I play the MP3?
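
The fixed 10 min 18 s spacing reported in post #8 can be checked against an exported router log by grouping the alerts per source address and measuring how regular the gaps are. This is an added example, not part of the original thread; the timestamp prefix, the `LEN = 48` tail and every address in the sample are constructed assumptions, since the thread shows only the truncated alert line.

```python
import re
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Constructed sample input. The timestamp prefix, the "LEN = 48" tail and the
# addresses (RFC 5737 documentation ranges) are assumptions, not thread data.
_TPL = ("{} Kernel: Intrusion - IN = ppp_8_35_1 OUT = MAC = "
        "SRC = {} DST = 198.51.100.5 LEN = 48")
SAMPLE_LOG = "\n".join(_TPL.format(ts, src) for ts, src in [
    ("2008-07-02 17:00:00", "192.0.2.10"),
    ("2008-07-02 17:03:41", "203.0.113.77"),
    ("2008-07-02 17:10:18", "192.0.2.10"),
    ("2008-07-02 17:12:05", "203.0.113.77"),
    ("2008-07-02 17:20:36", "192.0.2.10"),
    ("2008-07-02 17:30:54", "192.0.2.10"),
    ("2008-07-02 17:44:02", "203.0.113.77"),
    ("2008-07-02 17:49:30", "203.0.113.77"),
])

LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d) Kernel: Intrusion\b"
    r".*?\bSRC\s*=\s*(?P<src>[0-9.]+)")

def parse_alerts(text):
    """Group alert timestamps by source address: {src: [datetime, ...]}."""
    by_src = defaultdict(list)
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:  # ignore non-alert and malformed lines
            ts = datetime.strptime(m.group("ts"), "%Y-%m-%d %H:%M:%S")
            by_src[m.group("src")].append(ts)
    return by_src

def periodic_sources(by_src, min_events=4, max_jitter=0.05):
    """Return {src: mean gap in seconds} where the gaps are nearly constant."""
    found = {}
    for src, times in by_src.items():
        if len(times) < min_events:
            continue  # too few alerts to call it a pattern
        times = sorted(times)
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        avg = mean(gaps)
        # coefficient of variation: spread of the gaps relative to their mean
        if avg > 0 and pstdev(gaps) / avg <= max_jitter:
            found[src] = avg
    return found

if __name__ == "__main__":
    for src, gap in periodic_sources(parse_alerts(SAMPLE_LOG)).items():
        print(f"{src}: alert every {int(gap // 60)} min {int(gap % 60)} s")
```

A source that passes the filter is arriving on a timer, so its alerts can be compared against the times MP3 playback started to see whether the two are related at all.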
lunarlander
Senior Member with 3,491 posts.
Join Date: Sep 2007
03-Jul-2008, 06:06 PM #9
Microsoft has a free network sniffer.

http://www.microsoft.com/downloads/d...DisplayLang=en
All times are GMT -4.