Jump to content

uPnP Router Access Point and Blocked Taffic from internal Devices


Recommended Posts

So ESET has blocked about x31 IN packets from my own computer, every detail shows up as N/A.
Inside the network monitor tool there is also a uPnP Access Point router while uPnP is shut off in my router.
What else can I do do investigate more as every detail is either N/A or not shown.

2.png

Link to comment
Share on other sites

  • Administrators

I'd suggest the following:

- Enable advanced firewall logging under Tools -> Diagnostics and also temporarily change the logging verbosity to Diagnostics.
- Reboot the computer.
- After you've encountered a problem with the communication blocked by the firewall, disable logging.
- Collect logs with ELC and upload the generated archive to a safe location.
- Drop me a message with the download link and provide information about the IP addresses between which the communication was blocked and subsequently caused issues.

Link to comment
Share on other sites

3 hours ago, Marcos said:

I'd suggest the following:

- Enable advanced firewall logging under Tools -> Diagnostics and also temporarily change the logging verbosity to Diagnostics.
- Reboot the computer.
- After you've encountered a problem with the communication blocked by the firewall, disable logging.
- Collect logs with ELC and upload the generated archive to a safe location.
- Drop me a message with the download link and provide information about the IP addresses between which the communication was blocked and subsequently caused issues.

I have activated the logs, last night my network seemed to have been attacked. I switched over to OpenDNS, and tried blocking that router via my routers firewall and ESET firewall. At first my router was unable to save settings so I made a hard reset. After the hard reset I was able to save the firewall settings but to no avail. Even with ESETs firewall rule blocking that routers internal IP 1.1.1.2, Viewing wireshark I could still see activity in my network also communicating with my device.

This all happend around 2am - 6am.
I was up all night trying to work this out.

Right now the network scanner doesnt detect the uPnP access router so I believe it usually happens at night (I believe it may be a neighbor as you need to be within my wifis distance in order to connect a device like that am I correct?). I activated the log now, but after awhile I'll disable it and reactivate it at night again as during the day everything is normal.

upnp.png

upnp2.png

upnp3.png

browser.png

Edited by sunnyh
Link to comment
Share on other sites

Here are the logs ran after startup for a few minutes. I dont think its enough time as these packets get blocked every once in awhile and its hard for me to turn it on as soon as I notice them.

 

Edited by sunnyh
Link to comment
Share on other sites

  • Most Valued Members
5 hours ago, sunnyh said:

Here are the logs ran after startup for a few minutes. I dont think its enough time as these packets get blocked every once in awhile and its hard for me to turn it on as soon as I notice them.

 

If your logs contain any private information I recommend that you edit your post to remove the link and send it  to Marcos in a PM (Private Message) as he suggested

 

On 12/4/2017 at 10:36 AM, Marcos said:

- Drop me a message with the download link and provide information about the IP addresses between which the communication was blocked and subsequently caused issues.

.

Edited by SCR
Link to comment
Share on other sites

1 hour ago, SCR said:

If your logs contain any private information I recommend that you edit your post to remove the link and send it  to Marcos in a PM (Private Message) as he suggested

 

.

They dont have any private info as far as I know, but I'll remove it just in case. Thank you for the heads up.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...