1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Constant Router/Hard-Drive Activity

Discussion in 'General Security' started by harrogate22, Jan 4, 2008.

Thread Status:
Not open for further replies.
Advertisement
  1. harrogate22

    harrogate22 Thread Starter

    Joined:
    Jan 2, 2008
    Messages:
    4
    Hi There,

    I'm rather worried that my laptop has been "got-at". The Belkin router has an LED which flashes constantly indicating traffic (I presume); it's the one associated with the channel to which the laptop is connected, and it flickers away all the time. I'm getting paranoid wondering to whom it may be chatting.

    I've noticed that coincident with this activity is a file (PFIREWALL.LOG) which is constantly being updated, and its contents are of the following form:

    2008-01-03 05:38:03 OPEN UDP 192.168.2.2 24.87.165.142 56168 60313 - - - - - - - - -
    2008-01-03 05:38:03 OPEN UDP 192.168.2.2 84.211.9.251 56168 9213 - - - - - - - - -
    2008-01-03 05:38:05 OPEN UDP 192.168.2.2 125.27.73.45 56168 8345 - - - - - - - - -
    2008-01-03 05:38:08 OPEN UDP 192.168.2.2 121.23.89.192 56168 11381 - - - - - - - - -
    2008-01-03 05:38:08 OPEN UDP 192.168.2.2 140.135.254.9 56168 15352 - - - - - - - - -
    2008-01-03 05:38:08 OPEN UDP 192.168.2.2 71.123.210.223 56168 26749 - - - - - - - - -
    2008-01-03 05:38:10 OPEN UDP 192.168.2.2 99.244.77.88 56168 24869 - - - - - - - - -
    2008-01-03 05:38:11 OPEN UDP 192.168.2.2 58.209.158.39 56168 10849 - - - - - - - - -
    2008-01-03 05:38:11 OPEN UDP 192.168.2.2 220.191.23.140 56168 25598 - - - - - - - - -
    2008-01-03 05:38:12 OPEN UDP 192.168.2.2 222.20.224.107 56168 16001 - - - - - - - - -
    2008-01-03 05:38:14 OPEN UDP 192.168.2.2 89.103.133.137 56168 13171 - - - - - - - - -

    I have also noticed that the "used" level of my hard disk is also constantly increasing, rather more - I suspect - than the as might be expected by the above pfirewall.log entries might justify.

    I would be most grateful for any ideas. Should I be concerned; what is it, and what is the solution?

    Many thanks in advance,

    Ken
     
  2. lunarlander

    lunarlander

    Joined:
    Sep 21, 2007
    Messages:
    9,211
  3. TOGG

    TOGG

    Joined:
    Apr 2, 2002
    Messages:
    5,856
    According to the IANA Ports list, UDP port 192 is used by the Ohio State University Network Monitoring System; http://www.iana.org/assignments/port-numbers

    I understand that there is, unfortunately, nothing to stop malware using any port it wants to, so, unless you have some connection with OSU, you may well have a problem that the HJT log could help to identify.
     
  4. strouprob

    strouprob Guest

    Joined:
    Jan 3, 2008
    Messages:
    112
    192 is part of the IP address (192.168.2.2) on the LAN not a port number.
    Have you ran a complete virus scan and malware scan?
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/667957

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice