A strange IP address in my network!!

**thorin** · 11-05-2009, 02:14 PM

Well I might make the following shade of grey suggestion. IANAL but I'd argue the following.

192.168.x.x falls within RFC1918 therefore you should have no exectation of it being a remote system (you should fully expect it to be local) therefore knowing that it has telnet running there's no reason you shouldn't attempt to telnet to the device/system. If once you telnet you receive a banner saying "authorized people only...." kind thing then obviously disconnect but the telnet banner might give you some useful info as to who/what the device/system is.

@ Gitsnik et al re: Law WRT port scanning etc
The following might help:
Canadian Criminal Code (C-46, Code Section 326) Theft of Telecomunication Services
Canadian Criminal Code (C-46, Code Section 430) Mischief in relation to data
State Hacking Laws
10 ways you might be breaking the law with your computer

**generaluser123** · 11-05-2009, 06:31 PM

But what if you think this device maybe the embedded telnet application in some of your machines? Thats why you do trace route.

Originally Posted by thorin

Well I might make the following shade of grey suggestion. IANAL but I'd argue the following.

192.168.x.x falls within RFC1918 therefore you should have no exectation of it being a remote system (you should fully expect it to be local) therefore knowing that it has telnet running there's no reason you shouldn't attempt to telnet to the device/system. If once you telnet you receive a banner saying "authorized people only...." kind thing then obviously disconnect but the telnet banner might give you some useful info as to who/what the device/system is.

@ Gitsnik et al re: Law WRT port scanning etc
The following might help:

**spawn** · 11-05-2009, 08:09 PM

Originally Posted by streaker69

Chances are, your ISP is doing some funky NAT work using the 192.168.x.x network

I agree too

**thorin** · 11-05-2009, 09:01 PM

Originally Posted by generaluser

But what if you think this device maybe the embedded telnet application in some of your machines? Thats why you do trace route.

If I thought it was one of my machines (which is a reasonable assumption based on RFC1918 address space), I'd simply go ahead and connect. No need to traceroute.

**jlxsolutions** · 11-05-2009, 09:37 PM

Considering the ports, Ip and data received that most probably is Wifi acces point.
And about port scanning in finland that is a criminal offense equal to tresspassing.
running actual exploits would be = to breaking an entry.

BackTrack Linux - Penetration Testing Distribution

Thread: A strange IP address in my network!!

Thread Tools

Search Thread

Display

Well

Posting Permissions