IP - I am Confused as to how I can have two

Discussion in 'other security issues & news' started by Cyborg, Jul 17, 2005.

Thread Status:
Not open for further replies.
  1. Cyborg

    Cyborg Registered Member

    Joined:
    Dec 8, 2003
    Posts:
    78
    Hi Guys,

    This post also appears in the Port Explorer area but maybe it is also a general Wilders Issue.

    "I assume the IP that is shown in Port Explorer as "Local Address" is mine?

    I had problems earlier logging onto Wilders Security - I forgot my password and got timed ou and had to wait 15 minutes. I received an E-mail from Wilders telling me that:-

    " Cyborg,

    Your account on Wilders Security Forums has been locked because someone has
    tried to log into the account with the wrong password more than 5 times. You
    will be able to attempt to log in again in another 15 minutes.

    The person trying to log into your account had the following IP address:
    62.252.***.*" I pinged this IP and it took 4 hops with an average 18ms.

    I have blanked out the last 4 digits for now.

    My IP starts 81.9 etc etc and I have pinged it and I get 0ms.

    I put the IP 62.252 etc into Arin Search and got the following:-

    Search results for: 62.252.***.*


    OrgName: RIPE Network Coordination Centre
    OrgID: RIPE
    Address: P.O. Box 10096
    City: Amsterdam
    StateProv:
    PostalCode: 1001EB
    Country: NL

    ReferralServer: whois://whois.ripe.net:43

    NetRange: 62.0.0.0 - 62.255.255.255
    CIDR: 62.0.0.0/8
    NetName: RIPE-C3
    NetHandle: NET-62-0-0-0-1
    Parent:
    NetType: Allocated to RIPE NCC
    NameServer: NS-PRI.RIPE.NET
    NameServer: SEC1.APNIC.NET
    NameServer: SEC3.APNIC.NET
    NameServer: NS2.NIC.FR
    NameServer: SUNIC.SUNET.SE
    NameServer: AUTH03.NS.UU.NET
    NameServer: TINNIE.ARIN.NET
    Comment: These addresses have been further assigned to users in
    Comment: the RIPE NCC region. Contact information can be found in
    Comment: the RIPE database at http://www.ripe.net/whois
    RegDate: 1997-04-25
    Updated: 2004-03-16

    # ARIN WHOIS database, last updated 2005-07-16 19:10
    # Enter ? for additional hints on searching ARIN's WHOIS database.

    Can you tell me what is going on here? Every now and again my Hard Drive clicks in as it did the other day after I have been online banking and was whirring away like crazy. I felt a chill go down my spine as though I was being hacked and pulled the plug on my Internet Connection.

    Is there something I am getting confused with here but why would a "false" IP come from Wilders to me in an E-mail?

    Can you advise - thanks :doubt:

    My ISP is NTL in the UK by the way.
     
  2. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,876
    Location:
    New England
    That is not a false IP address. Your ISP uses a cache server (like many do) and the 62.252.*.* address is from your ISP. You project that IP address to websites you visit because of how your ISP works. It is one of your IP addresses, so it is not false.

    You also have a real IP address, the 81.97.*.* address, but, most websites see your ISP's cache server instead. Now, the email was sent because, as you said, you failed to login here, (you forgot your password and tried several time to sign on). When you fail 5 times, an email goes out to the email address on file for your account and it states the IP address that was the source of the failures. In your case, it passed the cache server at ntli.net as the source rather than your real public IP address.
     
  3. Cyborg

    Cyborg Registered Member

    Joined:
    Dec 8, 2003
    Posts:
    78
    Thank you LowWaterMark for the quick response.

    As always, and as I remember from when I have been in need before, the excellence of knowledge and response from members that you find within these forums has no equal. :)
     
  4. Cyborg

    Cyborg Registered Member

    Joined:
    Dec 8, 2003
    Posts:
    78
    Hello again LowWaterMark,

    What I forgot to mention is that I have on several occassions during the past few days heard the "beep" that you get when a download has completed. The problem I have with this is that I am not downloading.

    I heard the "beep" when I was actually in the middle of replying to Jooske about another post I made. I am logged onto Wilders via IE but I have heard this when I have been on Team Speak or also in a game.

    Any ideas on what this could be given that I am already concerned about the extra activity on my hard drive.

    I have recently written to Tony Blair by E-mail, in respect of how I feel he has turned a blind eye to protests on the streets of London where extremists have threatened the security of the UK and that the police did nothing but watch and film them. This is not a political topic but I am just pointing this out as could it be that what is going on now with my hard drive and that the random "beeps" could be activity that is unwarranted.

    I read a thread somewhere that mentioned about government operatives may have access to private user's accounts and this will negatively impact one's personal Internet computing security/privacy. Is this a classic case or me being Paranoid? Its not as though I have anything to hide otherwise I would not have given him my real name and e-mail address now would I, and I would have kept my opinions to myself.

    Maybe that is my answer and this accounts for the somewhat bizarre behaviuor from my Hard Drives and the untimely "beeps" as what appears to be a "Ghost" download is completed.

    If I have an univited audience I may as well express some curtesy and say Hi Tony, :D

    This thread can be deleted if so desired or moved to another area but it seems to me to be a valid concern.
     
  5. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,698
    Hi,
    Let's say they have access to some account. So what? You can have dozens of email addresses, each with different names and countries, whatever you feel like providing. And even if someone knew it was you, they would need a fleet of analysist to work with the millions of terabytes of info transfered every second. And even if someone could use your data, what do you have to fear. Are you a pedophille? Are you a serial killer who keeps a blog of his deeds?
    The truth is, if ever the government wants to nail you, they'll do it with or without evidence (remember the movie in the name of the father, ira bombings, for instance?). You can be as guilty as hell or as innocent as a . . . puppy, and it won't matter a bit if someone decides to crucify you. And if someone wants to read your mails . . . well . . . I could not think of anything more boring (not you personally). Relax.
    Mrk
     
  6. Cyborg

    Cyborg Registered Member

    Joined:
    Dec 8, 2003
    Posts:
    78
    Hi Mrk,

    The answer on all charges is no, I am a parent first and foremost and a gamer secondly. :eek:

    You missed the reason for my concern in that you could take out the word "government operatives" and put in "account hackers." I went off topic but my message was clear from my first post where I said,

    "Can you tell me what is going on here? Every now and again my Hard Drive clicks in as it did the other day after I have been online banking and was whirring away like crazy. I felt a chill go down my spine as though I was being hacked and pulled the plug on my Internet Connection."

    That is what I said.

    You said, "Let's say they have access to some account," which is exactly what is bothering me - could it be that somebody has access to my PC be it via a "key logger" etc which is why I asked in my first post why I had two IP's.

    I am concerned as I have mentioned before in another post, that what I am currently using for security is not sufficient i.e. no Firewall apart from XP SP2. I have no anti-virus since Zone Alarm Security Suite went pear shaped in that it stopped me gaining access to MSN chat and so I removed it. I need to keep in touch with friends and relatives via MSN, as I am unable to go out due to disability so it was a case of I had no option, as my MSN contacts are a lifeline for me. I should not have sat around waiting to be infected however and should have put my hand into my pocket and splashed out on a replacement for ZASS. Something that works with MSN 7.0 without the glitches.

    I am not concerned about the content of my E-Mails although I wish I had something that was 100% cool with both IE and MSN in taking out the Spam. All I want to see in my inbox is mail that is supposed to be there i.e. from friends or known contacts. Also I have concerns as to what mail is coming to and from my children who share the PC - one is nearly 19 (not so much of a kid these days) the other is 14.

    That is the main reason for my concern and why I should have not perhaps mentioned the political issue because some people get overly excited :rolleyes: but that was meant to be as an example of how others can gain access to personal data. Online Banking is something I stayed away from before but now I have no option but I still do not feel secure even though the banks tell me that it is fool proof.

    I have TDS-3, Trojan Hunter, SpywareBlaster, Ad-Aware, Trojan Hunter Guard, SpyBot, Hijack This, CCleaner, XP SP2 Firewall and Port Explorer. The firewall is always on and I use the other software on a daily basis. I know I need better Firewall and Anti-Virus software and maybe a Router will be an option to my security.

    Next time I think I will just say in my post, "When my hard drive starts working hard and I get mysterious beeps could this be a sign that somebody has control of my PC and could I tell by using Port Explorer and what should I do to rule out anything suspicious." :p
     
  7. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    For starters XP's Firewall has NO outbound alerts, this I would remedy immediately, with something like ZoneAlarm FREE.

    You can see various setups and further links to security discussions within the link of my signature.

    Hope this helps…

    Cheers :D
     
  8. Tassie_Devils

    Tassie_Devils Global Moderator

    Joined:
    May 8, 2002
    Posts:
    2,514
    Location:
    State Queensland, Australia
    HI cyborg.....

    Blackspear's suggestion re firewall is a good one, but also, seeing as you already have PE, it should give you an overview of who/what proggies are calling out.

    Looking at the colours of the entries just for starters for example, they give a good indication of what is going on.

    Blue = System
    Black = Normal
    Red = Hidden and it's these that you need to check thoroughly, to see if you know what they are ~ see pic, I have a 'hidden' one, but I know what it is, so don't worry about it.

    Then you can simply look at the Remote addresses being shown, and of course Resolve those and see what's server it's going to. In my case the one I marked in red goes to my ISP addy.

    PE is a powerful tool on it's own to find out what calls out from your PC.

    Still, having a FW is a good idea other than XP's.

    Cheers, TAS
     

    Attached Files:

Loading...
Thread Status:
Not open for further replies.