cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
ninakent2019
Beginner
728 Views
Message 1 of 2

bt business hub 6 hacked

does this log seem strange my devices and laptop have been acting strange

 

01:26:34 07 Mar. :HTTP UserAdmin login from 192.168.1.166 successfully
01:26:23 07 Mar. :HTTP UserBasic login from 192.168.1.166 successfully
01:26:11 07 Mar. :PORT FORWARDING [DESTROY] ipv4 2 icmp 1 src=192.168.1.65 dst=192.168.1.254 type=8 code=0 id=3477 src=192.168.1.254 dst=192.168.1.65 type=0 code=0 id=3477 id=3601901936
01:25:41 07 Mar. :PORT FORWARDING [NEW] ipv4 2 icmp 1 30 src=192.168.1.65 dst=192.168.1.254 type=8 code=0 id=3477 [UNREPLIED] src=192.168.1.254 dst=192.168.1.65 type=0 code=0 id=3477 id=3601901936
01:25:35 07 Mar. :PORT FORWARDING [DESTROY] ipv4 2 icmp 1 src=192.168.1.175 dst=192.168.1.254 type=8 code=0 id=560 src=192.168.1.254 dst=192.168.1.175 type=0 code=0 id=560 id=3600414352
01:25:05 07 Mar. :PORT FORWARDING [NEW] ipv4 2 icmp 1 30 src=192.168.1.175 dst=192.168.1.254 type=8 code=0 id=560 [UNREPLIED] src=192.168.1.254 dst=192.168.1.175 type=0 code=0 id=560 id=3600414352
01:24:06 07 Mar. wl1:IGMP join received for group 224.0.1.187 on interface wl1
01:23:15 07 Mar. :PORT FORWARDING [DESTROY] ipv4 2 icmp 1 src=192.168.1.64 dst=192.168.1.254 type=8 code=0 id=3458 src=192.168.1.254 dst=192.168.1.64 type=0 code=0 id=3458 id=3600572592
01:22:45 07 Mar. :PORT FORWARDING [NEW] ipv4 2 icmp 1 30 src=192.168.1.64 dst=192.168.1.254 type=8 code=0 id=3458 [UNREPLIED] src=192.168.1.254 dst=192.168.1.64 type=0 code=0 id=3458 id=3600572592
01:22:38 07 Mar. :FIREWALL --INPUT_DROP--IN=ppp1 OUT= MAC= src=146.88.240.4 DST=86.129.2.218 LEN=49 TOS=0x00 PREC=0x00 TTL=242 ID=54321 PROTO=UDP SPT=58219 DPT=5683 LEN=29 MARK=0x8000000
01:22:23 07 Mar. :FIREWALL --OUTPUT_DROP--IN= OUT=BR_LAN src=192.168.1.254 DST=192.168.1.168 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=31363 DF PROTO=TCP SPT=36981 DPT=8060 WINDOW=281 RES=0x00 ACK PSH FIN URGP=0
01:22:09 07 Mar. wl1:IGMP join received for group 224.0.1.187 on interface wl1
01:21:11 07 Mar. :PORT FORWARDING [DESTROY] ipv4 2 icmp 1 src=192.168.1.65 dst=192.168.1.254 type=8 code=0 id=3477 src=192.168.1.254 dst=192.168.1.65 type=0 code=0 id=3477 id=3601435920
01:20:41 07 Mar. :PORT FORWARDING [NEW] ipv4 2 icmp 1 30 src=192.168.1.65 dst=192.168.1.254 type=8 code=0 id=3477 [UNREPLIED] src=192.168.1.254 dst=192.168.1.65 type=0 code=0 id=3477 id=3601435920
01:20:34 07 Mar. :PORT FORWARDING [DESTROY] ipv4 2 icmp 1 src=192.168.1.175 dst=192.168.1.254 type=8 code=0 id=560 src=192.168.1.254 dst=192.168.1.175 type=0 code=0 id=560 id=3602664336
01:20:04 07 Mar. :PORT FORWARDING [NEW] ipv4 2 icmp 1 30 src=192.168.1.175 dst=192.168.1.254 type=8 code=0 id=560 [UNREPLIED] src=192.168.1.254 dst=192.168.1.175 type=0 code=0 id=560 id=3602664336
01:18:15 07 Mar. :PORT FORWARDING [DESTROY] ipv4 2 icmp 1 src=192.168.1.64 dst=192.168.1.254 type=8 code=0 id=3458 src=192.168.1.254 dst=192.168.1.64 type=0 code=0 id=3458 id=3602110768
01:17:59 07 Mar. wl1:IGMP join received for group 224.0.1.187 on interface wl1
01:17:45 07 Mar. :PORT FORWARDING [NEW] ipv4 2 icmp 1 30 src=192.168.1.64 dst=192.168.1.254 type=8 code=0 id=3458 [UNREPLIED] src=192.168.1.254 dst=192.168.1.64 type=0 code=0 id=3458 id=3602110768
01:16:10 07 Mar. :PORT FORWARDING [DESTROY] ipv4 2 icmp 1 src=192.168.1.65 dst=192.168.1.254 type=8 code=0 id=3477 src=192.168.1.254 dst=192.168.1.65 type=0 code=0 id=3477 id=3602428720
01:15:51 07 Mar. wl1:IGMP join received for group 224.0.1.187 on interface wl1
01:15:40 07 Mar. :PORT FORWARDING [NEW] ipv4 2 icmp 1 30 src=192.168.1.65 dst=192.168.1.254 type=8 code=0 id=3477 [UNREPLIED] src=192.168.1.254 dst=192.168.1.65 type=0 code=0 id=3477 id=3602428720
01:15:34 07 Mar. :PORT FORWARDING [DESTROY] ipv4 2 icmp 1 src=192.168.1.175 dst=192.168.1.254 type=8 code=0 id=560 src=192.168.1.254 dst=192.168.1.175 type=0 code=0 id=560 id=3654453968
01:15:04 07 Mar. :PORT FORWARDING [NEW] ipv4 2 icmp 1 30 src=192.168.1.175 dst=192.168.1.254 type=8 code=0 id=560 [UNREPLIED] src=192.168.1.254 dst=192.168.1.175 type=0 code=0 id=560 id=3654453968
01:13:47 07 Mar. wl1:IGMP join received for group 224.0.1.187 on interface wl1
01:13:47 07 Mar. wl1:IGMP group 224.0.1.187 on interface wl1 started by 192.168.1.176
01:13:47 07 Mar. wl1:IGMP group 224.0.1.187 on interface wl1 by 192.168.1.176 requested
01:13:15 07 Mar. :PORT FORWARDING [DESTROY] ipv4 2 icmp 1 src=192.168.1.64 dst=192.168.1.254 type=8 code=0 id=3458 src=192.168.1.254 dst=192.168.1.64 type=0 code=0 id=3458 id=3578901264
01:12:45 07 Mar. :PORT FORWARDING [NEW] ipv4 2 icmp 1 30 src=192.168.1.64 dst=192.168.1.254 type=8 code=0 id=3458 [UNREPLIED] src=192.168.1.254 dst=192.168.1.64 type=0 code=0 id=3458 id=3578901264
01:12:17 07 Mar. : HTTP UserAdmin timeout from 192.168.1.166
01:11:10 07 Mar. :PORT FORWARDING [DESTROY] ipv4 2 icmp 1 src=192.168.1.65 dst=192.168.1.254 type=8 code=0 id=3477 src=192.168.1.254 dst=192.168.1.65 type=0 code=0 id=3477 id=3656387184
01:10:40 07 Mar. :PORT FORWARDING [NEW] ipv4 2 icmp 1 30 src=192.168.1.65 dst=192.168.1.254 type=8 code=0 id=3477 [UNREPLIED] src=192.168.1.254 dst=192.168.1.65 type=0 code=0 id=3477 id=3656387184
01:10:37 07 Mar. BR_LAN:The DHCP options that are offered by the device (id:2): DiscoverOptions: | DiscoverOption55: | RequestOptions: 53 61 50 12 81 60 55 | RequestOption55: 1 3 6 15 31 33 43 44 46 47 119 121 249 252 | HostName: DESKTOP-MGHS174 | VendorId: MSFT 5.0
01:10:37 07 Mar. :DHCP Confirmation of Request
01:10:36 07 Mar. wl0:A WiFi device <34:F3:9A:9F:D5:DA> has successfully connected to SSID (Device/WiFi/SSIDs/SSID[WL_PRIV5G])
01:10:34 07 Mar. wl0:Device <34:F3:9A:9F:D5:DA> was disconnected on SSID (Device/WiFi/SSIDs/SSID[WL_PRIV5G])
01:10:33 07 Mar. :PORT FORWARDING [DESTROY] ipv4 2 icmp 1 src=192.168.1.175 dst=192.168.1.254 type=8 code=0 id=560 src=192.168.1.254 dst=192.168.1.175 type=0 code=0 id=560 id=3600772048
01:10:05 07 Mar. wl1:IGMP group 224.0.1.187 on interface wl1 ended by 192.168.1.176
01:10:03 07 Mar. :PORT FORWARDING [NEW] ipv4 2 icmp 1 30 src=192.168.1.175 dst=192.168.1.254 type=8 code=0 id=560 [UNREPLIED] src=192.168.1.254 dst=192.168.1.175 type=0 code=0 id=560 id=3600772048
01:08:14 07 Mar. :PORT FORWARDING [DESTROY] ipv4 2 icmp 1 src=192.168.1.64 dst=192.168.1.254 type=8 code=0 id=3458 src=192.168.1.254 dst=192.168.1.64 type=0 code=0 id=3458 id=3677752304
01:07:44 07 Mar. :PORT FORWARDING [NEW] ipv4 2 icmp 1 30 src=192.168.1.64 dst=192.168.1.254 type=8 code=0 id=3458 [UNREPLIED] src=192.168.1.254 dst=192.168.1.64 type=0 code=0 id=3458 id=3677752304
01:06:09 07 Mar. :PORT FORWARDING [DESTROY] ipv4 2 icmp 1 src=192.168.1.65 dst=192.168.1.254 type=8 code=0 id=3477 src=192.168.1.254 dst=192.168.1.65 type=0 code=0 id=3477 id=3600757264
01:05:53 07 Mar. :FIREWALL --FORWARD_DROP--IN=ppp1 OUT=BR_LAN MAC= src=2a03:2880:f158:0082:face:b00c:0000:25de DST=2a00:23c7:ea86:2800:34f8:fdd2:8cff:4ab1 LEN=60 TC=0 HOPLIMIT=54 FLOWLBL=0 PROTO=TCP SPT=443 DPT=38340 WINDOW=0 RES=0x00 RST URGP=0
01:05:52 07 Mar. :FIREWALL --FORWARD_DROP--IN=ppp1 OUT=BR_LAN MAC= src=2a03:2880:f158:0082:face:b00c:0000:25de DST=2a00:23c7:ea86:2800:34f8:fdd2:8cff:4ab1 LEN=60 TC=0 HOPLIMIT=54 FLOWLBL=0 PROTO=TCP SPT=443 DPT=38340 WINDOW=0 RES=0x00 RST URGP=0
01:05:52 07 Mar. :FIREWALL --FORWARD_DROP--IN=ppp1 OUT=BR_LAN MAC= src=2a03:2880:f158:0082:face:b00c:0000:25de DST=2a00:23c7:ea86:2800:34f8:fdd2:8cff:4ab1 LEN=60 TC=0 HOPLIMIT=54 FLOWLBL=0 PROTO=TCP SPT=443 DPT=38340 WINDOW=0 RES=0x00 RST URGP=0
01:05:45 07 Mar. wl1:IGMP join received for group 224.0.1.187 on interface wl1
01:05:39 07 Mar. :PORT FORWARDING [NEW] ipv4 2 icmp 1 30 src=192.168.1.65 dst=192.168.1.254 type=8 code=0 id=3477 [UNREPLIED] src=192.168.1.254 dst=192.168.1.65 type=0 code=0 id=3477 id=3600757264
01:05:33 07 Mar. :PORT FORWARDING [DESTROY] ipv4 2 icmp 1 src=192.168.1.175 dst=192.168.1.254 type=8 code=0 id=560 src=192.168.1.254 dst=192.168.1.175 type=0 code=0 id=560 id=3602063824
01:05:03 07 Mar. :PORT FORWARDING [NEW] ipv4 2 icmp 1 30 src=192.168.1.175 dst=192.168.1.254 type=8 code=0 id=560 [UNREPLIED] src=192.168.1.254 dst=192.168.1.175 type=0 code=0 id=560 id=3602063824
01:04:55 07 Mar. :FIREWALL --FORWARD_DROP--IN=ppp1 OUT=BR_LAN MAC= src=2a03:2880:f129:0083:face:b00c:0000:25de DST=2a00:23c7:ea86:2800:34f8:fdd2:8cff:4ab1 LEN=111 TC=140 HOPLIMIT=245 FLOWLBL=0 PROTO=TCP SPT=443 DPT=54790 WINDOW=134 RES=0x00 ACK PSH FIN URGP=0
01:03:52 07 Mar. wl1:IGMP join received for group 224.0.1.187 on interface wl1
01:03:14 07 Mar. :PORT FORWARDING [DESTROY] ipv4 2 icmp 1 src=192.168.1.64 dst=192.168.1.254 type=8 code=0 id=3458 src=192.168.1.254 dst=192.168.1.64 type=0 code=0 id=3458 id=3577768272
01:02:44 07 Mar. :PORT FORWARDING [NEW] ipv4 2 icmp 1 30 src=192.168.1.64 dst=192.168.1.254 type=8 code=0 id=3458 [UNREPLIED] src=192.168.1.254 dst=192.168.1.64 type=0 code=0 id=3458 id=3577768272
01:02:25 07 Mar. :FIREWALL --FORWARD_DROP--IN=ppp1 OUT=BR_LAN MAC= src=2a03:2880:f158:0082:face:b00c:0000:25de DST=2a00:23c7:ea86:2800:34f8:fdd2:8cff:4ab1 LEN=111 TC=140 HOPLIMIT=245 FLOWLBL=0 PROTO=TCP SPT=443 DPT=38340 WINDOW=122 RES=0x00 ACK PSH FIN URGP=0
01:02:24 07 Mar. :FIREWALL --INPUT_DROP--IN=ppp1 OUT= MAC= src=221.237.162.111 DST=86.129.2.218 LEN=52 TOS=0x00 PREC=0x00 TTL=112 ID=31727 DF PROTO=TCP SPT=40693 DPT=1433 WINDOW=8192 RES=0x00 SYN URGP=0 MARK=0x8000000
01:02:24 07 Mar. :FIREWALL --INPUT_DROP--IN=ppp1 OUT= MAC= src=193.113.11.77 DST=86.129.2.218 LEN=93 TOS=0x00 PREC=0x00 TTL=53 ID=60062 DF PROTO=TCP SPT=53060 DPT=54356 WINDOW=37752 RES=0x00 ACK PSH FIN URGP=0 MARK=0x8000000
01:02:23 07 Mar. :FIREWALL --INPUT_DROP--IN=ppp1 OUT= MAC= src=193.113.11.77 DST=86.129.2.218 LEN=93 TOS=0x00 PREC=0x00 TTL=53 ID=60061 DF PROTO=TCP SPT=53060 DPT=54356 WINDOW=37752 RES=0x00 ACK PSH FIN URGP=0 MARK=0x8000000
01:02:23 07 Mar. :FIREWALL --INPUT_DROP--IN=ppp1 OUT= MAC= src=193.113.11.77 DST=86.129.2.218 LEN=93 TOS=0x00 PREC=0x00 TTL=53 ID=60059 DF PROTO=TCP SPT=53060 DPT=54356 WINDOW=37752 RES=0x00 ACK PSH URGP=0 MARK=0x8000000
01:02:23 07 Mar. :FIREWALL --INPUT_DROP--IN=ppp1 OUT= MAC= src=193.113.11.77 DST=86.129.2.218 LEN=40 TOS=0x00 PREC=0x00 TTL=53 ID=60060 DF PROTO=TCP SPT=53060 DPT=54356 WINDOW=37752 RES=0x00 ACK FIN URGP=0 MARK=0x8000000
01:02:15 07 Mar. :FIREWALL --OUTPUT_DROP--IN= OUT=ppp1 src=86.129.2.218 DST=193.113.11.77 LEN=93 TOS=0x00 PREC=0x00 TTL=64 ID=38542 DF PROTO=TCP SPT=54356 DPT=53060 WINDOW=18870 RES=0x00 ACK PSH FIN URGP=0 MARK=0x71
01:02:14 07 Mar. :FIREWALL --OUTPUT_DROP--IN= OUT=ppp1 src=86.129.2.218 DST=193.113.11.77 LEN=93 TOS=0x00 PREC=0x00 TTL=64 ID=38541 DF PROTO=TCP SPT=54356 DPT=53060 WINDOW=18870 RES=0x00 ACK PSH FIN URGP=0 MARK=0x71
01:02:13 07 Mar. :FIREWALL --OUTPUT_DROP--IN= OUT=ppp1 src=86.129.2.218 DST=193.113.11.77 LEN=93 TOS=0x00 PREC=0x00 TTL=64 ID=38540 DF PROTO=TCP SPT=54356 DPT=53060 WINDOW=18870 RES=0x00 ACK PSH FIN URGP=0 MARK=0x71
01:02:13 07 Mar. :FIREWALL --OUTPUT_DROP--IN= OUT=ppp1 src=86.129.2.218 DST=193.113.11.77 LEN=93 TOS=0x00 PREC=0x00 TTL=64 ID=38539 DF PROTO=TCP SPT=54356 DPT=53060 WINDOW=18870 RES=0x00 ACK PSH FIN URGP=0 MARK=0x71
01:02:13 07 Mar. :FIREWALL --OUTPUT_DROP--IN= OUT=ppp1 src=86.129.2.218 DST=193.113.11.77 LEN=93 TOS=0x00 PREC=0x00 TTL=64 ID=38538 DF PROTO=TCP SPT=54356 DPT=53060 WINDOW=18870 RES=0x00 ACK PSH URGP=0 MARK=0x71
01:01:23 07 Mar. :FIREWALL --INPUT_DROP--IN=ppp1 OUT= MAC= src=180.149.126.246 DST=86.129.2.218 LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=54321 PROTO=TCP SPT=61614 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0 MARK=0x8000000
01:01:16 07 Mar. wl1:IGMP join received for group 224.0.1.187 on interface wl1
01:01:09 07 Mar. :PORT FORWARDING [DESTROY] ipv4 2 icmp 1 src=192.168.1.65 dst=192.168.1.254 type=8 code=0 id=3477 src=192.168.1.254 dst=192.168.1.65 type=0 code=0 id=3477 id=3600443056
01:01:06 07 Mar. :FIREWALL --OUTPUT_DROP--IN= OUT=BR_LAN src=192.168.1.254 DST=192.168.1.255 LEN=256 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=138 DPT=138 LEN=236
01:00:39 07 Mar. :PORT FORWARDING [NEW] ipv4 2 icmp 1 30 src=192.168.1.65 dst=192.168.1.254 type=8 code=0 id=3477 [UNREPLIED] src=192.168.1.254 dst=192.168.1.65 type=0 code=0 id=3477 id=3600443056
01:00:33 07 Mar. :PORT FORWARDING [DESTROY] ipv4 2 icmp 1 src=192.168.1.175 dst=192.168.1.254 type=8 code=0 id=560 src=192.168.1.254 dst=192.168.1.175 type=0 code=0 id=560 id=3656713552
01:00:04 07 Mar. wl1:IGMP join received for group 224.0.1.187 on interface wl1
01:00:04 07 Mar. wl1:IGMP group 224.0.1.187 on interface wl1 started by 192.168.1.176
01:00:04 07 Mar. wl1:IGMP group 224.0.1.187 on interface wl1 by 192.168.1.176 requested
01:00:03 07 Mar. :PORT FORWARDING [NEW] ipv4 2 icmp 1 30 src=192.168.1.175 dst=192.168.1.254 type=8 code=0 id=560 [UNREPLIED] src=192.168.1.254 dst=192.168.1.175 type=0 code=0 id=560 id=3656713552
00:59:11 07 Mar. :FIREWALL --FORWARD_DROP--IN=ppp1 OUT=BR_LAN MAC= src=2a03:2880:f158:0082:face:b00c:0000:25de DST=2a00:23c7:ea86:2800:34f8:fdd2:8cff:4ab1 LEN=111 TC=140 HOPLIMIT=245 FLOWLBL=0 PROTO=TCP SPT=443 DPT=38286 WINDOW=124 RES=0x00 ACK PSH FIN 

0 Ratings
Reply
1 REPLY 1
Keith_Beddoe
Distinguished Sage
Distinguished Sage
693 Views
Message 2 of 2

Re: bt business hub 6 hacked

@ninakent2019 

Try posting on the Business forum https://business.forums.bt.com/

This is the residential forum.

Thanks

 

0 Ratings
Reply