Yea the only thing that worries me.
Port 6699 - Napster (and other p2p programs)
Port 6699 - Napster (and other p2p programs)
- Welcome to Networking-Forums.com.
We're Here to Help!
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages1
#2
Security / Re: Vodafone router port 6699 open
July 27, 2015, 08:43:57 AM
So, defauled the router tonight.
Help down the reset pin for roughly 20 secs, did its default proceedure and re-configured the WiFi SSID and password so know clients could reconnect.
And, port 6699 is still ipen. This guys good!
So, now I would immagine hes actually edited the firmware, so its when it loads default configuration the port is still open.
Or? Am I overthinking this? But, this port really shouldnt be open.
And I hate to say it, ive been seeing some weird shit hapenning. Like DNS caching and massive lagg, maybe im a botnet haha.
Your thoughts please. Starting to get rather suspect!
Help down the reset pin for roughly 20 secs, did its default proceedure and re-configured the WiFi SSID and password so know clients could reconnect.
And, port 6699 is still ipen. This guys good!
So, now I would immagine hes actually edited the firmware, so its when it loads default configuration the port is still open.
Or? Am I overthinking this? But, this port really shouldnt be open.
And I hate to say it, ive been seeing some weird shit hapenning. Like DNS caching and massive lagg, maybe im a botnet haha.
Your thoughts please. Starting to get rather suspect!
#3
Homework Help / Re: LAN connected to WAN port
July 17, 2015, 08:03:25 AM
Thanks for the reply.
I am not sure if it shows linked on the switch on the 192.168.1.0 network.
As for connectivity, I have not tried WiFi, but have connected to the switch which the WiFi access point is connected to on the 192.168.0.0 network and I get DHCP and DNS, am able to pull pages etc... google, trademe facebook etc.
Based on this, I would imagine the access point is working. But obviously the WAN link back to the gateway (at what I believe is 192.168.1.0) has internet.
SO, this WAN port works one way? how am I able to reach the 192.168.0.0 network from 192.168.1.0 when routing does not seem possible? These are not layer 3 switches.
Cheers
I am not sure if it shows linked on the switch on the 192.168.1.0 network.
As for connectivity, I have not tried WiFi, but have connected to the switch which the WiFi access point is connected to on the 192.168.0.0 network and I get DHCP and DNS, am able to pull pages etc... google, trademe facebook etc.
Based on this, I would imagine the access point is working. But obviously the WAN link back to the gateway (at what I believe is 192.168.1.0) has internet.
SO, this WAN port works one way? how am I able to reach the 192.168.0.0 network from 192.168.1.0 when routing does not seem possible? These are not layer 3 switches.
Cheers
#4
Homework Help / LAN connected to WAN port
July 17, 2015, 02:16:18 AM
Hey guys,
Had an issue today with a weird network. We were installing some IP cameras, and generally find the nearest point to jump on the network and chuck some PoE switches or injectors in.
This senario, we have a public wifi.
The main network, the router with DSL is at 192.168.1.254 on the 192.168.1.0 network and the public wifi is at 192.168.0.1 on 192.168.0.0 all /24
We have installed a 8 port PoE switch on the public wifi side as they have access points everywhere. Saves running cables all over.
It appears they have the router at 192.168.1.254, then into a switch. From the switch they have run a cable to a wireless access point and connected via the WAN port. From there they have just jumped between LAN ports on the access points.
so a basic diagram
192.168.1.254 (Gateway with DSL) >>
4 port layer 2 switch >>
192.168.0.1 (Public Wifi access point connected via WAN port) connected to other access points along the line.
I can ping google and get DHCP on the 192.168.0.0 network, however I cannot reach the 192.168.0.0 network from 192.168.1.0 and the other way around.
Our NVR is closest to the 192.168.1.0 network but all cameras are on the 192.168.0.0 network.
My conclusion was, there is NO routing possible here as they are using the WAN port and going via a switch off the router, rather then configuring a separate interface on the actual router and setting it up for the 192.168.0.0 network, that way routing could take place between the two interfaces or networks.
I hope this information is clear enough, I can draw a diagram if needed.
Cheers
Had an issue today with a weird network. We were installing some IP cameras, and generally find the nearest point to jump on the network and chuck some PoE switches or injectors in.
This senario, we have a public wifi.
The main network, the router with DSL is at 192.168.1.254 on the 192.168.1.0 network and the public wifi is at 192.168.0.1 on 192.168.0.0 all /24
We have installed a 8 port PoE switch on the public wifi side as they have access points everywhere. Saves running cables all over.
It appears they have the router at 192.168.1.254, then into a switch. From the switch they have run a cable to a wireless access point and connected via the WAN port. From there they have just jumped between LAN ports on the access points.
so a basic diagram
192.168.1.254 (Gateway with DSL) >>
4 port layer 2 switch >>
192.168.0.1 (Public Wifi access point connected via WAN port) connected to other access points along the line.
I can ping google and get DHCP on the 192.168.0.0 network, however I cannot reach the 192.168.0.0 network from 192.168.1.0 and the other way around.
Our NVR is closest to the 192.168.1.0 network but all cameras are on the 192.168.0.0 network.
My conclusion was, there is NO routing possible here as they are using the WAN port and going via a switch off the router, rather then configuring a separate interface on the actual router and setting it up for the 192.168.0.0 network, that way routing could take place between the two interfaces or networks.
I hope this information is clear enough, I can draw a diagram if needed.
Cheers
#5
Homework Help / DNS Questions..
July 14, 2015, 05:33:45 AM
So ive basically labelled DNS as the most powerful protocol on the internet today...
Im not sure how true that is, but it seems to me.... Also im not sure if this post is even in the right PLACE (austech in general)
But, I have some questions regarding DNS.
1. If I set my NIC on windows to statically use DNS 8.8.8.8, does it do a direct request via 8.8.8.8, or will it send that request to the gateway and then send the DNS request via the ISP assigned DNS servers? So, in order to do a legitimate DNS request to 8.8.8.8, do I need to statically set the routers DNS server to 8.8.8.8?
2. Does anyone know about DNS leaking? and Transparent DNS proxies? Would like to talk more
Im not sure how true that is, but it seems to me.... Also im not sure if this post is even in the right PLACE (austech in general)
But, I have some questions regarding DNS.
1. If I set my NIC on windows to statically use DNS 8.8.8.8, does it do a direct request via 8.8.8.8, or will it send that request to the gateway and then send the DNS request via the ISP assigned DNS servers? So, in order to do a legitimate DNS request to 8.8.8.8, do I need to statically set the routers DNS server to 8.8.8.8?
2. Does anyone know about DNS leaking? and Transparent DNS proxies? Would like to talk more
#6
Security / Re: Vodafone router port 6699 open
July 12, 2015, 06:39:51 AM
Im not sure. I havnt managed to capture any traffic yet.
I have a server directly connected to the router to the gigabit port, ran a wireshark cap on that
tcp.port==6699 with absolutely no traffic.
Have powered the server down, and re checked the port, still open to I know its not the server.
Cheers
I have a server directly connected to the router to the gigabit port, ran a wireshark cap on that
tcp.port==6699 with absolutely no traffic.
Have powered the server down, and re checked the port, still open to I know its not the server.
Cheers
#7
Security / Re: Vodafone router port 6699 open
July 12, 2015, 02:48:42 AM
Thanks for the reply.
Theres no forwards in the router. Also nothing in the DMZ. Checked uPnP and disabled it.
Ive nampped most clients on the LAN for 6699 open. Nothing.
So my guess is its the router iteself thats listenning. But ive been through everything settinga wise and cant find anything, which is what make me extremely suspect.
The other night, I had a windows 8 style popup come up saying a windows update is available and im running windows 7, I clicked update and nothing happened.
I will do some more testing, but my guess is someone has opened this port in the backend.
Cheers
Theres no forwards in the router. Also nothing in the DMZ. Checked uPnP and disabled it.
Ive nampped most clients on the LAN for 6699 open. Nothing.
So my guess is its the router iteself thats listenning. But ive been through everything settinga wise and cant find anything, which is what make me extremely suspect.
The other night, I had a windows 8 style popup come up saying a windows update is available and im running windows 7, I clicked update and nothing happened.
I will do some more testing, but my guess is someone has opened this port in the backend.
Cheers
#8
Security / Vodafone router port 6699 open
July 11, 2015, 08:26:48 AM
Hey guys,
I have a vodafone router, supplied by vodafone. I have recently done a namp scan on my router and found port 6699 open, then check it externally and 6699 is still open, externally. I have checked my forwards and also checked DMZ, disabled uPnP. I cant understand how this port is open.
The only thing I can think is its been open in the backend, modifying the code. I cant really default the router cause I am flatting but also really want to try see whats going on. Ive also noticed some weird stuff going on ( an example is I had a windows 8 style update box popup on windows 7 asking me to update windows, I clicked yes not thinking and nothing happened. )
I have a server directly attached to the router running wireshark, and tried listening in promiscuous mode on tcp.port==6699 but I get no results. No traffic on that port? Is it possible the port is being changed using NAT or something?
Im quite worried about this, but I want to get under or behind it as a learning process. Ive considered intercepting traffic with the server ( WAN in on one NIC and LAN out on another so no traffic can phisically pass with me seeing it. ) but this would not be right based on my living situation.
Is there a way to see the traffic on that port? Or other captures I can use to see whats going on?
Cheers
I have a vodafone router, supplied by vodafone. I have recently done a namp scan on my router and found port 6699 open, then check it externally and 6699 is still open, externally. I have checked my forwards and also checked DMZ, disabled uPnP. I cant understand how this port is open.
The only thing I can think is its been open in the backend, modifying the code. I cant really default the router cause I am flatting but also really want to try see whats going on. Ive also noticed some weird stuff going on ( an example is I had a windows 8 style update box popup on windows 7 asking me to update windows, I clicked yes not thinking and nothing happened. )
I have a server directly attached to the router running wireshark, and tried listening in promiscuous mode on tcp.port==6699 but I get no results. No traffic on that port? Is it possible the port is being changed using NAT or something?
Im quite worried about this, but I want to get under or behind it as a learning process. Ive considered intercepting traffic with the server ( WAN in on one NIC and LAN out on another so no traffic can phisically pass with me seeing it. ) but this would not be right based on my living situation.
Is there a way to see the traffic on that port? Or other captures I can use to see whats going on?
Cheers
#9
Security / Re: Port 6699 open on vodafone router
July 06, 2015, 06:48:14 PM
Thanks, ill give it a default.
I find it stupid these routers are pushed out with no basic security.
Having said that, my own fault for not changing the password and being nlmore onto it
I find it stupid these routers are pushed out with no basic security.
Having said that, my own fault for not changing the password and being nlmore onto it
#10
Security / Re: Port 6699 open on vodafone router
July 06, 2015, 10:25:55 AM
Thats the issue. According to the router its not open?
Im trying to get a background on this router? Is it easy to exploit?
Also how is this port open if theres no node/service running or listenning for a connection on my network?
From my understanding, and please correct me if im wrong, but a host, PC or the router, must be listenning for a connection on that port for it to be open?
Thanks for the reply
Im trying to get a background on this router? Is it easy to exploit?
Also how is this port open if theres no node/service running or listenning for a connection on my network?
From my understanding, and please correct me if im wrong, but a host, PC or the router, must be listenning for a connection on that port for it to be open?
Thanks for the reply
#11
Security / Port 6699 open on vodafone router
July 06, 2015, 08:10:00 AM
Hey guys, I have an usuaual situation here.
I have a vodafone router, It came default with open authentication to login to the web interface.
I have found port 6699 open, and I have been through, checked all NAT forwards, NAT translations and also if theres a DMZ specified. Ive also done a NAMP scan on all local hosts to see it any have listening connections on that port, none.
So, im thinking someone has gone in and opened port 6699 in the backend config. I would imagine this is quite easy with open login and a simple line of code executed with a backdoor or whatever.
My last resort which I haven't tried yet is to default the router, and hope that sorts the problem, but I live in a flat with 5 odd people so its kind of hard to find a opportunity to default the router.
Any Ideas? Should I be worried?
Cheers
I have a vodafone router, It came default with open authentication to login to the web interface.
I have found port 6699 open, and I have been through, checked all NAT forwards, NAT translations and also if theres a DMZ specified. Ive also done a NAMP scan on all local hosts to see it any have listening connections on that port, none.
So, im thinking someone has gone in and opened port 6699 in the backend config. I would imagine this is quite easy with open login and a simple line of code executed with a backdoor or whatever.
My last resort which I haven't tried yet is to default the router, and hope that sorts the problem, but I live in a flat with 5 odd people so its kind of hard to find a opportunity to default the router.
Any Ideas? Should I be worried?
Cheers
Pages1