Forum1.netgear.com

LAN access from remote (WNDR3300)

2016-01-13

Hi All,

I am absolutely no networking guru and only recently began "playing around" with my router (an older device WNDR3300 that I bought in 2009/ 2010) and looking at the logs, during which I discovered some bothersome log entries:

[LAN access from remote] from 178.26.204.154:11232 to 10.0.0.3:29524 Wednesday, Jan 13,2016 21:29:05
[LAN access from remote] from 93.212.223.231:28967 to 10.0.0.3:29524 Wednesday, Jan 13,2016 21:28:47
[LAN access from remote] from 75.103.2.154:32690 to 10.0.0.3:29524 Wednesday, Jan 13,2016 21:27:27
[LAN access from remote] from 78.207.34.2:11153 to 10.0.0.3:29524 Wednesday, Jan 13,2016 21:26:36
[LAN access from remote] from 31.16.180.26:8421 to 10.0.0.3:29524 Wednesday, Jan 13,2016 21:26:20
[LAN access from remote] from 98.114.31.139:15969 to 10.0.0.3:29524 Wednesday, Jan 13,2016 21:26:02
[LAN access from remote] from 157.55.130.154:40032 to 10.0.0.3:29524 Wednesday, Jan 13,2016 21:23:55
[LAN access from remote] from 101.174.128.218:55053 to 10.0.0.3:29524 Wednesday, Jan 13,2016 21:22:58
[LAN access from remote] from 101.174.128.218:52382 to 10.0.0.3:29524 Wednesday, Jan 13,2016 21:22:58
[LAN access from remote] from 89.149.127.209:25879 to 10.0.0.3:29524 Wednesday, Jan 13,2016 21:22:23
[LAN access from remote] from 188.222.236.116:2370 to 10.0.0.3:29524 Wednesday, Jan 13,2016 21:21:55
[LAN access from remote] from 5.168.111.179:58158 to 10.0.0.3:29524 Wednesday, Jan 13,2016 21:20:05
[LAN access from remote] from 93.188.28.236:2972 to 10.0.0.3:29524 Wednesday, Jan 13,2016 21:19:50
[LAN access from remote] from 46.5.2.160:37709 to 10.0.0.3:29524 Wednesday, Jan 13,2016 21:18:01
[LAN access from remote] from 46.5.2.160:39626 to 10.0.0.3:29524 Wednesday, Jan 13,2016 21:18:01
[LAN access from remote] from 46.5.121.80:51876 to 10.0.0.3:29524 Wednesday, Jan 13,2016 21:15:24
[LAN access from remote] from 65.55.223.29:40027 to 10.0.0.3:29524 Wednesday, Jan 13,2016 21:14:34
[LAN access from remote] from 94.218.116.57:58925 to 10.0.0.3:29524 Wednesday, Jan 13,2016 21:09:07
[LAN access from remote] from 94.223.84.79:43907 to 10.0.0.3:29524 Wednesday, Jan 13,2016 21:09:06
[LAN access from remote] from 64.4.23.142:40007 to 10.0.0.3:29524 Wednesday, Jan 13,2016 21:08:49
[LAN access from remote] from 94.218.116.57:55699 to 10.0.0.3:29524 Wednesday, Jan 13,2016 21:08:16
[LAN access from remote] from 94.223.84.79:43882 to 10.0.0.3:29524 Wednesday, Jan 13,2016 21:08:16
[LAN access from remote] from 94.218.116.57:27817 to 10.0.0.3:29524 Wednesday, Jan 13,2016 21:08:08
[LAN access from remote] from 94.223.84.79:43877 to 10.0.0.3:29524 Wednesday, Jan 13,2016 21:08:07
[Admin login] from source 10.0.0.3, Wednesday, Jan 13,2016 21:07:50
[LAN access from remote] from 157.55.235.166:40025 to 10.0.0.3:29524 Wednesday, Jan 13,2016 21:07:44
[LAN access from remote] from 89.149.127.209:25879 to 10.0.0.3:29524 Wednesday, Jan 13,2016 21:06:51
[LAN access from remote] from 188.222.236.116:31714 to 10.0.0.3:29524 Wednesday, Jan 13,2016 21:06:12
[LAN access from remote] from 31.16.180.26:8421 to 10.0.0.3:29524 Wednesday, Jan 13,2016 21:06:11
[LAN access from remote] from 71.185.230.34:5469 to 10.0.0.3:29524 Wednesday, Jan 13,2016 21:05:34
[LAN access from remote] from 189.203.135.2:54601 to 10.0.0.3:29524 Wednesday, Jan 13,2016 21:02:30
[LAN access from remote] from 78.173.144.205:55399 to 10.0.0.3:29524 Wednesday, Jan 13,2016 20:59:49
[LAN access from remote] from 78.173.144.205:32770 to 10.0.0.3:29524 Wednesday, Jan 13,2016 20:59:45
[LAN access from remote] from 81.169.67.129:10744 to 10.0.0.3:29524 Wednesday, Jan 13,2016 20:57:00
[Admin login] from source 10.0.0.3, Wednesday, Jan 13,2016 20:54:37
[LAN access from remote] from 188.247.79.251:33864 to 10.0.0.3:29524 Wednesday, Jan 13,2016 20:52:32
[LAN access from remote] from 188.247.79.251:33994 to 10.0.0.3:29524 Wednesday, Jan 13,2016 20:52:30
[LAN access from remote] from 88.67.167.211:37138 to 10.0.0.3:29524 Wednesday, Jan 13,2016 20:52:29
[LAN access from remote] from 88.67.167.211:58128 to 10.0.0.3:29524 Wednesday, Jan 13,2016 20:52:12
[LAN access from remote] from 88.67.167.211:32702 to 10.0.0.3:29524 Wednesday, Jan 13,2016 20:51:56
[LAN access from remote] from 88.67.167.211:36644 to 10.0.0.3:29524 Wednesday, Jan 13,2016 20:51:56
[LAN access from remote] from 186.210.47.156:34665 to 10.0.0.3:29524 Wednesday, Jan 13,2016 20:50:07
[LAN access from remote] from 186.210.47.156:51414 to 10.0.0.3:29524 Wednesday, Jan 13,2016 20:50:07
[LAN access from remote] from 176.10.205.223:45504 to 10.0.0.3:29524 Wednesday, Jan 13,2016 20:50:00
[LAN access from remote] from 188.222.236.116:49314 to 10.0.0.3:29524 Wednesday, Jan 13,2016 20:45:35
[LAN access from remote] from 85.76.36.172:49906 to 10.0.0.3:29524 Wednesday, Jan 13,2016 20:39:40
[LAN access from remote] from 88.111.145.154:63898 to 10.0.0.3:29524 Wednesday, Jan 13,2016 20:36:26
[LAN access from remote] from 88.111.145.154:5696 to 10.0.0.3:29524 Wednesday, Jan 13,2016 20:36:26
[LAN access from remote] from 188.104.222.51:16976 to 10.0.0.3:29524 Wednesday, Jan 13,2016 20:36:01
[LAN access from remote] from 98.114.31.139:60045 to 10.0.0.3:29524 Wednesday, Jan 13,2016 20:35:55
[LAN access from remote] from 98.114.31.139:39698 to 10.0.0.3:29524 Wednesday, Jan 13,2016 20:35:55
[LAN access from remote] from 190.146.40.76:65148 to 10.0.0.3:29524 Wednesday, Jan 13,2016 20:35:55
[LAN access from remote] from 190.146.40.76:61971 to 10.0.0.3:29524 Wednesday, Jan 13,2016 20:35:54
[LAN access from remote] from 188.104.222.51:60204 to 10.0.0.3:29524 Wednesday, Jan 13,2016 20:35:54
[LAN access from remote] from 82.143.65.106:55950 to 10.0.0.3:29524 Wednesday, Jan 13,2016 20:35:54
[LAN access from remote] from 188.104.222.51:63470 to 10.0.0.3:29524 Wednesday, Jan 13,2016 20:35:54
[LAN access from remote] from 82.143.65.106:57695 to 10.0.0.3:29524 Wednesday, Jan 13,2016 20:35:54
[LAN access from remote] from 81.169.67.129:10744 to 10.0.0.3:29524 Wednesday, Jan 13,2016 20:35:31
[LAN access from remote] from 67.185.146.20:1039 to 10.0.0.3:29524 Wednesday, Jan 13,2016 20:35:26
[LAN access from remote] from 82.241.164.232:31616 to 10.0.0.3:29524 Wednesday, Jan 13,2016 20:35:24
[LAN access from remote] from 82.241.164.232:55037 to 10.0.0.3:29524 Wednesday, Jan 13,2016 20:35:24
[UPnP set event: Public_UPNP_C5] from source 10.0.0.3, Wednesday, Jan 13,2016 20:35:18

I ran a search for some of the IP addresses and noticed that these are spread all over the world (Belgium, Russia, China, Jordan, etc.)

As I said, I am absolutely no network guru and have absolutely no idea what these entries mean. Do the LAN access from remote entries imply that someone is "fiddling about" on my network? Does it mean that my PC is, i.e. all the devices connected to my network are vulnerable to attacks? Most of all, how can I set my configuration to ensure that nobody can infiltrate my network/ pc? I work from a home office and would like to be able to ensure that my company data is safe.

Also I do not understand what this UPnP set event means???? I do have a chromecast connected to the network and my smart phone, i.e. a PS3 (which is virtualy always switched off, as I do not have time to play anymore). I understood from other posts that this event can be triggered by torrent applications, which I do not use to my knowledge), or might this have something to do with Skype and the likes?

Any help/ advice would be highlöy appreciated. Given my state of paranoia, I ran a full system scan with Kaspersky and there were no threats detected.

I am absolutely lost on this one and would really appreciate some guidance/ advice.

Thanks,

ibaka

PS: in the meantime I have figured out how to deactivate UPNP, but I am still get the remote access log entries. No I am really starting to get worried, especially in the light of the fact that the device that is being accessed is my main laptop.... please help me. Thx!