mooser 0 Posted April 20, 2020 Posted April 20, 2020 Hi my IP address recently got blocked by Spamhaus and a computer friend recommended ESET smart security to help keep my Network safe. Everything has been great with the ESET set up and have not seen any unusual traffic except for a mystery connection that has a MAC address from CIMSYS Inc out of south korea. The only thing i recently changed was switching over to Rogers ignite internet and only after that did i get blocked. Also switched over to new Cisco router I scanned my network when Cimsys was connected as per ESET's Connected Home Monitor and Eset identified it a Network service that said "this device is running common network services. these are needed by the network and are probably safe". it shows up on ESET as a device that comes and goes at random times but does not show up as a device on my Rogers app. I have looked on other websites and no one has really nailed down who or what is CIMSYS Inc and why it shows up a bunch of people's networks. can anyone help with this? cimsys.pdf
itman 1,801 Posted April 20, 2020 Posted April 20, 2020 (edited) Based on what is posted here: https://forums.att.com/conversations/att-internet-features/is-this-a-loop-or-is-someone-trying-to-get-into-my-network/5e43a9a1c17a06619164ea04 , it most likely is a legit device on your local network. You might want to start checking MAC ids on those devices for a match. Edited April 20, 2020 by itman
mooser 0 Posted April 21, 2020 Author Posted April 21, 2020 Thanks itman, i did see that post and a bunch of others but no one has nailed down who CIMSYS Inc really is or what they do. I did find a site that says they have 14 employees and make about 4 million a year in revenue so it sounds like a real company. ESET shows the blocked list and typically we get alot of Microsoft hits and CIMSYS hits, and if Microsoft has 9 hits so does CIMSYS so i assume they are somehow connected. I have every MAC address linked up between my Rogers app for Devices and ESET device list. The only mystery device is CIMSYS and only ESET shows it. Hopefully ESET can take care of whatever Spamhaus is seeing on my IP address.
mooser 0 Posted April 26, 2020 Author Posted April 26, 2020 To close this i want to advise that i am no longer blocked on Spamhaus. I changed my wifi password to a longer and crazy complicated one and that has removed most of the traffic i have seen on ESET Home Monitor & my Ignite app. I did request Spamhaus remove me from the list so whatever happened and how it happened, its over and ESET will keep protecting my internet. CIMSYS is still around but it now shows itself as CISCO which is the same make of my router and the IP address is now a Rogers one. the MAC address is still the same CIMSYS korea one but i am less paranoid about them now.
Recommended Posts