cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
shamus1
Expert
2,789 Views
Message 1 of 4

remote administration

Go to solution

hi can anyone tell me why bt are trying to remote administration  my so many times of the day or night,heres a list of a few but these are logged all day and night?

13:22:01, 29 Nov.wlan1: STA f0:db:f8:b2:67:a6 IEEE 802.11: Client associated
13:09:18, 29 Nov.IN: BLOCK [16] Remote administration (TCP 208.85.5.66:29033-​>86.179.189.230:80 on ppp0)
13:01:27, 29 Nov.IN: BLOCK [16] Remote administration (TCP 61.174.50.252:6000-​>86.179.189.230:22 on ppp0)
12:35:49, 29 Nov.IN: BLOCK [16] Remote administration (TCP 208.85.5.66:16876-​>86.179.189.230:80 on ppp0)
12:33:56, 29 Nov.IN: ACCEPT [57] Connection closed (Port Forwarding: UDP 192.168.1.66:28094 <-​-​>86.179.189.230:28094 [2.122.148.4:1024] ppp0 NAPT)
12:18:32, 29 Nov.IN: ACCEPT [54] Connection opened (Port Forwarding: UDP 192.168.1.66:28094 <-​-​>86.179.189.230:28094 [90.194.127.54:3074] ppp0 NAPT)
12:14:49, 29 Nov.IN: ACCEPT [54] Connection opened (Port Forwarding: UDP 192.168.1.66:28094 <-​-​>86.179.189.230:28094 [2.122.148.4:1024] ppp0 NAPT)
12:11:22, 29 Nov.IN: ACCEPT [57] Connection closed (Port Forwarding: UDP 192.168.1.66:28094 <-​-​>86.179.189.230:28094 [151.228.118.52:3074] ppp0 NAPT)
11:57:23, 29 Nov.IN: ACCEPT [54] Connection opened (Port Forwarding: UDP 192.168.1.66:28094 <-​-​>86.179.189.230:28094 [151.228.118.52:3074] ppp0 NAPT)
11:51:37, 29 Nov.IN: BLOCK [16] Remote administration (TCP 218.77.79.43:45667-​>86.179.189.230:8080 on ppp0)
11:48:32, 29 Nov.(481894.020000) Lease for IP 192.168.1.88 renewed by host davids-​PC (MAC b4:74:9f:84:64:32). Lease duration: 1440 min
11:48:32, 29 Nov.(481894.020000) Device connected: Hostname: davids-​PC IP: 192.168.1.88 MAC: b4:74:9f:84:64:32 Lease time: 1440 min. Link rate: 65.0 Mbps
11:48:32, 29 Nov.(481893.980000) Lease requested
11:48:29, 29 Nov.wlan0: STA b4:74:9f:84:64:32 IEEE 802.11: Client associated
11:29:16, 29 Nov.IN: ACCEPT [57] Connection closed (Port Forwarding: UDP 192.168.1.66:28094 <-​-​>86.179.189.230:28094 [37.2.156.120:3074] ppp0 NAPT)
11:26:59, 29 Nov.IN: BLOCK [16] Remote administration (TCP 119.15.168.20:53265-​>86.179.189.230:80 on ppp0)
11:25:28, 29 Nov.IN: BLOCK [16] Remote administration (TCP 220.135.2.194:53864-​>86.179.189.230:80 on ppp0)
11:20:34, 29 Nov.IN: BLOCK [16] Remote administration (TCP 218.76.52.50:48254-​>86.179.189.230:443 on ppp0)
11:14:57, 29 Nov.IN: ACCEPT [54] Connection opened (Port Forwarding: UDP 192.168.1.66:28094 <-​-​>86.179.189.230:28094 [37.2.156.120:3074] ppp0 NAPT)
11:12:35, 29 Nov.(479736.840000) Device disconnected: Hostname: Lewiss-​iPhone IP: 192.168.1.69 MAC: f0:db:f8:b2:67:a6
11:12:33, 29 Nov.wlan1: STA f0:db:f8:b2:67:a6 IEEE 802.11: Client disassociated
11:10:35, 29 Nov.(479616.730000) Device disconnected: Hostname: davids-​PC IP: 192.168.1.88 MAC: b4:74:9f:84:64:32
11:10:34, 29 Nov.wlan0: STA b4:74:9f:84:64:32 IEEE 802.11: Client disassociated
11:09:42, 29 Nov.(479563.580000) Lease for IP 192.168.1.69 renewed by host Lewiss-​iPhone (MAC f0:db:f8:b2:67:a6). Lease duration: 1440 min
11:09:42, 29 Nov.(479563.580000) Device connected: Hostname: Lewiss-​iPhone IP: 192.168.1.69 MAC: f0:db:f8:b2:67:a6 Lease time: 1440 min. Link rate: 90.0 Mbps
11:09:42, 29 Nov.(479563.530000) Lease requested
11:09:41, 29 Nov.wlan1: STA f0:db:f8:b2:67:a6 IEEE 802.11: Client associated
10:52:08, 29 Nov.IN: BLOCK [16] Remote administration (ICMP type 8 code 0 198.20.99.130-​>86.179.189.230 on ppp0)
10:42:20, 29 Nov.IN: BLOCK [16] Remote administration (TCP 122.225.109.194:6000-​>86.179.189.230:22 on ppp0)
10:24:40, 29 Nov.IN: BLOCK [16] Remote administration (TCP 218.2.0.128:6000-​>86.179.189.230:22 on ppp0)
0 Ratings
Reply
3 REPLIES 3
Distinguished Sage
Distinguished Sage
2,779 Views
Message 2 of 4

Re: remote administration

Go to solution

Its not BT, it just other worldwide Internet users trying to access your home network. The home hub firewall is blocking these attempts.

If you enter the IP address in this website, you can see which country it originates from.

 

https://apps.db.ripe.net/search/query.html#resultsAnchor

 

Here is the result for the first one.

inetnum:         208.85.0.0 - 208.85.7.255
org: TURNK-1
netname: TURNKEY-INTERNET
status: ALLOCATION
remarks: http://www.turnkeyinternet.net

 

If you are in an online game, or torrent, then everyone can see you public IP address, and attack it.

 

The fact that you have port forwarding enabled, would indicate that you are involved in that sort of activity.

 

shamus1
Expert
2,771 Views
Message 3 of 4

Re: remote administration

Go to solution

thankyou keith nice straight answer,is it safe then and ok,thanks again.

 

0 Ratings
Reply
Distinguished Sage
Distinguished Sage
2,763 Views
Message 4 of 4

Re: remote administration

Go to solution

Nothing to worry about.