Jump to content

Recommended Posts

Posted

So ESET has blocked about x31 IN packets from my own computer, every detail shows up as N/A.
Inside the network monitor tool there is also a uPnP Access Point router while uPnP is shut off in my router.
What else can I do do investigate more as every detail is either N/A or not shown.

2.png

  • Administrators
Posted

I'd suggest the following:

- Enable advanced firewall logging under Tools -> Diagnostics and also temporarily change the logging verbosity to Diagnostics.
- Reboot the computer.
- After you've encountered a problem with the communication blocked by the firewall, disable logging.
- Collect logs with ELC and upload the generated archive to a safe location.
- Drop me a message with the download link and provide information about the IP addresses between which the communication was blocked and subsequently caused issues.

Posted (edited)
3 hours ago, Marcos said:

I'd suggest the following:

- Enable advanced firewall logging under Tools -> Diagnostics and also temporarily change the logging verbosity to Diagnostics.
- Reboot the computer.
- After you've encountered a problem with the communication blocked by the firewall, disable logging.
- Collect logs with ELC and upload the generated archive to a safe location.
- Drop me a message with the download link and provide information about the IP addresses between which the communication was blocked and subsequently caused issues.

I have activated the logs, last night my network seemed to have been attacked. I switched over to OpenDNS, and tried blocking that router via my routers firewall and ESET firewall. At first my router was unable to save settings so I made a hard reset. After the hard reset I was able to save the firewall settings but to no avail. Even with ESETs firewall rule blocking that routers internal IP 1.1.1.2, Viewing wireshark I could still see activity in my network also communicating with my device.

This all happend around 2am - 6am.
I was up all night trying to work this out.

Right now the network scanner doesnt detect the uPnP access router so I believe it usually happens at night (I believe it may be a neighbor as you need to be within my wifis distance in order to connect a device like that am I correct?). I activated the log now, but after awhile I'll disable it and reactivate it at night again as during the day everything is normal.

upnp.png

upnp2.png

upnp3.png

browser.png

Edited by sunnyh
  • Administrators
Posted

Please provide the logs as instructed in my previous post to troubleshoot the issue further.

Posted (edited)

Here are the logs ran after startup for a few minutes. I dont think its enough time as these packets get blocked every once in awhile and its hard for me to turn it on as soon as I notice them.

 

Edited by sunnyh
  • Most Valued Members
Posted (edited)
5 hours ago, sunnyh said:

Here are the logs ran after startup for a few minutes. I dont think its enough time as these packets get blocked every once in awhile and its hard for me to turn it on as soon as I notice them.

 

If your logs contain any private information I recommend that you edit your post to remove the link and send it  to Marcos in a PM (Private Message) as he suggested

 

On 12/4/2017 at 10:36 AM, Marcos said:

- Drop me a message with the download link and provide information about the IP addresses between which the communication was blocked and subsequently caused issues.

.

Edited by SCR
Posted
1 hour ago, SCR said:

If your logs contain any private information I recommend that you edit your post to remove the link and send it  to Marcos in a PM (Private Message) as he suggested

 

.

They dont have any private info as far as I know, but I'll remove it just in case. Thank you for the heads up.

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...