IP Address Question

[Wide_Glide]

I had a friend ask me "What does 192.168.0.1 (8) mean?" I am at a complete loss as to what the "(8)" means. Any suggestions would be appreciated!

[DarkSnakeKobra]

Hi Wide Glide,

I just looked that up and comes up as an invalid IP Address. Possibly something is concealing the real IP Address. I'm not really sure this is just a random guess. Might want to get that pc checked out.

[Wide_Glide]

Thanks Button's I was concerned that it did have a hidden issue. He has been advised of what needs to be done.

[DarkSnakeKobra]

Good to hear.

[swagger]

192.168.x.x is a private address which is used on LANs behind routers. Something called NAT where multiple private IP addresses are mapped to 1 public IP address. I do not know what the (8) means however, sorry.

Regards,

Keith

[Wide_Glide]

Thanks, Keith

After doing a little research and finding this could be a DOS attack and by Buttons suggestion that this machine be checked out, I did suggest to the owner of it, start a new topic in the malware removal section here at the forum and let one of the Experts take a look at it. But have a not seen a new post of this nature. I tried

Thanks

Randy

[DarkSnakeKobra]

Thanks, Keith

After doing a little research and finding this could be a DOS attack and by Buttons suggestion that this machine be checked out, I did suggest to the owner of it, start a new topic in the malware removal section here at the forum and let one of the Experts take a look at it. But have a not seen a new post of this nature. I tried

Thanks

Randy

The good thing is you tried. Unfortunately, it seems that the machine is left in it's current state.

[CCMUA2009]

Hi all. Thanks to Wide Glide for posting my concern. Sometimes I'm not able to access the forums from work, they don't allow forums/message boards

Let me give some specs

Windows Vista 32bit home premium with vista service pack 2

HP desk top using Norton as realtime ( AV and firewall ) protection with on demand free version of malwarebytes, spybot S&D, and windows defender

Anyway the issue I have involves entries in my firewall log that show

Unused port blocking has allowed 192.168.0.1 (8)

this logs every 5 minutes or so

Now my firewall does show other IP addresses that are blocked for one reason or another, so I know the firewall is working

I also know that 192.168.0.1 is the assigned number to my DSL modem.

Two things throw me/have questions about:

1. Why is (8) at the end of 192.168.0.1?

Does the (8) at the end of 192.168.0.1 mean that it is connecting to my machine on port 8? My DSL modem is a Siemans speed stream 4100, so could it just be that the DSL Modem is randomly assigned to the port 8?

2. why does the entry show every 5 minutes in my firewall activity log?

In some ways it makes sense that the logging is just showing that my DSL modem is connecting to my machine (as I'm on DSL my computer is connected to the internet everytime its turned on). And for some reason the logging refreshes itself every 5 minutes?

Now let me also point out that my security logs also note any outbound connections from my computer and there are no outbounds that strictly coincide with every inbound firewall entry of 192.168.0.1

I have also checked my "network" set up and it just shows 1 pc, mine (checked this both throw Vista control and my Norton network security configuration) So there are no

other computers connected to mine.

Also all scans, only show tracking cookie, no spyware, virus, etc.

so if anyone can help me make sense of this, I'd be greatly appreciative. If I need to post this elsewhere, let me know

THANKS

[Wide_Glide]

Hello CCMUA2009 and glad to see you made it.

To have your computer checked out as they don't work on Malware removal or diagnostics in the general forums these are the areas to follow -

Please print out, read and follow the directions here, skipping any steps you are unable to complete. Then post a NEW topic here.

One of the expert helpers there will give you one-on-one assistance when one becomes available.

After posting your new post make sure under options that you select Track this topic and choose one of the Email options so that you're alerted when someone has replied to your post.

Alternatively, as a paying customer, you can contact the help desk at support@malwarebytes.org

Thank You

[CCMUA2009]

Thanks all- Before I go through those steps, I"d like to throw something out there first.

I decided to do a little further exploration. I use Vista Home Premium 32 bit with vista service pack 2

I went to

Settings> Control Panel> Network and internet> Network and Sharing center

(this of course just showed my 1 PC as the only computer on the network)

Under network, I clicked the "view status" button/link. This brought up local area connection status

When I clicked on the details of this, there was a heading "Lease Expires" referring to the Ip assigned by my ISP

I notice that here the lease shows to expire just about every 5 minutes and then resets for another 5 minute interval.

Does it sound like this would be the answer as to why the 192.168.0.1 (80 seems to log in the firewall log every 5 minutes or so?

[Firefox]

Does the (8) at the end of 192.168.0.1 mean that it is connecting to my machine on port 8? My DSL modem is a Siemans speed stream 4100, so could it just be that the DSL Modem is randomly assigned to the port 8?

If it was connecting to port 8 it would show like this: 192.168.0.1:8

[CCMUA2009]

It seems like the logging with this firewall log shows all the ports as ( ) rather than :

It is the log of the antivirus/firewall program from Norton. Even on the internet connection logs it will show

for example

12.34.56.78 (443) or (80)

[Firefox]

great then they are ports in your computer....

[swagger]

I'm not familiar with what port 8 is... But that is concerning that your lease is set to expire every 5 minutes. That does not make good sense. Is the IP you are referring to the private IP address of your computer (ex 192.168.0.22) or the public IP address assigned from your ISP to your DSL modem (ex 68.12.31.265)? Also, in your setup, you don't have a router or anything? Just the DSL modem to your computer?

After a bit of research, now I know why I'm not familiar with port 8... It's not assigned to anything according to IANA. If that is supposed to be the port number, I would definitely get your computer checked out because your connection is communicating on unassigned well-known ports which doesn't happen very often or at all even.