sunnyh 0 Posted December 3, 2017 Posted December 3, 2017 So ESET has blocked about x31 IN packets from my own computer, every detail shows up as N/A. Inside the network monitor tool there is also a uPnP Access Point router while uPnP is shut off in my router. What else can I do do investigate more as every detail is either N/A or not shown.
Administrators Marcos 5,462 Posted December 4, 2017 Administrators Posted December 4, 2017 I'd suggest the following: - Enable advanced firewall logging under Tools -> Diagnostics and also temporarily change the logging verbosity to Diagnostics. - Reboot the computer. - After you've encountered a problem with the communication blocked by the firewall, disable logging. - Collect logs with ELC and upload the generated archive to a safe location. - Drop me a message with the download link and provide information about the IP addresses between which the communication was blocked and subsequently caused issues.
sunnyh 0 Posted December 4, 2017 Author Posted December 4, 2017 (edited) 3 hours ago, Marcos said: I'd suggest the following: - Enable advanced firewall logging under Tools -> Diagnostics and also temporarily change the logging verbosity to Diagnostics. - Reboot the computer. - After you've encountered a problem with the communication blocked by the firewall, disable logging. - Collect logs with ELC and upload the generated archive to a safe location. - Drop me a message with the download link and provide information about the IP addresses between which the communication was blocked and subsequently caused issues. I have activated the logs, last night my network seemed to have been attacked. I switched over to OpenDNS, and tried blocking that router via my routers firewall and ESET firewall. At first my router was unable to save settings so I made a hard reset. After the hard reset I was able to save the firewall settings but to no avail. Even with ESETs firewall rule blocking that routers internal IP 1.1.1.2, Viewing wireshark I could still see activity in my network also communicating with my device. This all happend around 2am - 6am. I was up all night trying to work this out. Right now the network scanner doesnt detect the uPnP access router so I believe it usually happens at night (I believe it may be a neighbor as you need to be within my wifis distance in order to connect a device like that am I correct?). I activated the log now, but after awhile I'll disable it and reactivate it at night again as during the day everything is normal. Edited December 4, 2017 by sunnyh
Administrators Marcos 5,462 Posted December 4, 2017 Administrators Posted December 4, 2017 Please provide the logs as instructed in my previous post to troubleshoot the issue further.
sunnyh 0 Posted December 5, 2017 Author Posted December 5, 2017 (edited) Here are the logs ran after startup for a few minutes. I dont think its enough time as these packets get blocked every once in awhile and its hard for me to turn it on as soon as I notice them. Edited December 5, 2017 by sunnyh
Most Valued Members SCR 195 Posted December 5, 2017 Most Valued Members Posted December 5, 2017 (edited) 5 hours ago, sunnyh said: Here are the logs ran after startup for a few minutes. I dont think its enough time as these packets get blocked every once in awhile and its hard for me to turn it on as soon as I notice them. If your logs contain any private information I recommend that you edit your post to remove the link and send it to Marcos in a PM (Private Message) as he suggested On 12/4/2017 at 10:36 AM, Marcos said: - Drop me a message with the download link and provide information about the IP addresses between which the communication was blocked and subsequently caused issues. . Edited December 6, 2017 by SCR
sunnyh 0 Posted December 5, 2017 Author Posted December 5, 2017 1 hour ago, SCR said: If your logs contain any private information I recommend that you edit your post to remove the link and send it to Marcos in a PM (Private Message) as he suggested . They dont have any private info as far as I know, but I'll remove it just in case. Thank you for the heads up.
Recommended Posts