Community FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Trace route leads me to an unknown router login

Johanbrown
Tuning in

on ‎13-04-2022 00:50

Hello, I ask for some advice, assurance or explanation as to why there is an unknown router which (I think) is connected to my network.

I have / am still suffering privacy and fraud issues and I know that digging for answers combined with my lack of computer/ network knowledge may result in me worrying about something that is normal, hence my post on here to conclude my worries.

my router would not login as usual. It was trying a 169.254.105.50 IP address and not connecting 

4377C4AB-ADED-44A4-960A-8C1201022E41.png

So….. I input the normal 192.168 IP’s and o connected to the internet. 

5D4663F0-60AA-449C-899E-8F6E3EE8D499.png

I did a scan on network Analyzer app of the home network. Not sure why but I increased the search range from only 192.168 addresses to 192.168 to 194.8.255.255 

the dns server for virgin is 194.168.8.100 so my thoughts were to include that for some reason. 
the results were as follows 

AE549098-53C8-4690-BF56-7D679615FA78.jpeg

The blue w on the right of the circled address means it has a web interface . I followed this …. 

99FB79C2-C502-40D4-9539-40E45309DD2B.jpeg

It lead me to this login page 

92BD0AFE-67AD-4D79-8CA5-6D4B0B6903BB.png

 then 5 min later I followed it and it lead me to this log in screen

4457C12A-4041-4ACF-A610-AAFB865010C0.png

 is this normal?

is this secure?

Am I exposed?

can the location of this router be traced?

I look forward to your advice

thanks ever so much 

Johan 

 

 

0 Kudos
4 REPLIES 4

Tudor
Very Insightful Person
Very Insightful Person

on ‎13-04-2022 01:33

A 169.x.x.x address is because the station  isn't able to communicate with the DHCP server, something called Automatic Private IP Addressing (APIPA) kicks in.

You need to check the settings in your router and make sure the VM hub is in modem mode.


Tudor
There are 10 types of people: those who understand binary and those who don't and F people out of 10 who do not understand hexadecimal c1a2a285948293859940d9a49385a2
0 Kudos

Johanbrown
Tuning in
In response to Tudor

on ‎13-04-2022 02:23

Thanks for the reply 

I logged in and hub is on router mode.

hopefully once the screenshots are visible/ validated you can assist further 

thanks 

Johan 

0 Kudos

Johanbrown
Tuning in
In response to Johanbrown

on ‎13-04-2022 02:28

There are 2 web interfaces now showing 

 

7B45984C-49A0-4E0D-A7F6-63CDFEC1636D.png

E8130422-B6A2-4158-9E9D-86AF71F070A5.png

6A9F3A7A-C8F3-44A7-8E8F-01CFFD08D5E4.jpeg

 

 

 

 

 

0 Kudos

g0akc
Problem sorter
In response to Johanbrown

‎13-04-2022 09:11 - edited ‎13-04-2022 09:18

The host at http://194.168.255.124/ appears to be a device within or connected to the VM network - I can reach it from here - it's a brand I would associate with Video and security cameras.  A virgin customers security camera?

194.168.255.98 is a Draytek Router - also on the VM network - likely a customers router.

These appear to be public fixed IP addresses assigned to VM customers with devices on.

You are scanning part of the public internet - not just your own network - not surprising you will find hosts on it.

It is not that your network has been compromised.

 

 

------------------------------------------------------------------------------------------------------------------------------
I know a bit about Wi-Fi, Telecoms, and TV as I used to do it for a living but I'm not perfect so don't beat me up... If you make things you make mistakes!
0 Kudos
Top