network card hacked?

S

SpitefulPentium

Disciple
I am not sure but is my network card hacked?
I had a cheapo Realtek (RTL8139D) card got with my tata connection
I had left my pc on for a while (when I was not around). When I started IE/FF it gave me a message "Holycow (192.168.1.101) is managing this device".

I thought this would have screwed up with that XP installation and so I started another XP installation on a diff HDD but in the same setup.
Here too IE gives me this message leading me to believe that the network card may be hacked or whatever. I removed the card am using the on board nVidia device.

I could see this machine in NN with his ip address and could also access his PC. all shared folders could be accessed.

so three Qs:
1. is the card gone?
2. how do I improve protection so such things dont happen?
3. <REVENGE>can someone help me with a script which will erase/screw up his stuff and then display a message? I want to do this </REVENGE (is sweet)>:eek:hyeah:
 
SpitefulPentium said:
UPDATE: i'm having an ADMtek card which works fine. I again installed the realtek card removing the admtek card. same holycow message in IE.
Click to expand...

then how do you explain this? and this is on new XP installation which was not on when this happened.
so whats the problem then?
 
how did u do the new xp installation?

format & install fresh copy or installed over the previous installation...?

& how abt the drivers for the NIC??...xp default or u installed a 3rd party drivers??
 
^^ i had installed the xp on a diff hdd a week back. the hdd was in the same setup. so i booted to that xp installation and checked the NIC.so in IE it gave me the holy cow sh!t.

drivers for NIC were default i guess. but it has recognised the NIC as Realtek yada yada.

now am usingthe on board nvidia
 
^u can spoof the mac id using some tools..but everytime you reinstall a os...u would have to spoof it again & again....;)

i dont recommend it...but ya..it is a solution..

p.s: google for the software..i dont remeber the software name..
 
dont go for spoofing spoofing is one of the highly critical things.
you may just end up with improper handshake and a messed up packet moving nowhere.
what i'll suggest you is try a nesus scan and see also post the ipconfig /all.
are you udner NAT? if thats the scenario maybe someone really is making fun but eh y dont u just block the address.
or just change the card and use a firewall.
i think better option wud be to filter all tcp/ip packets before run a nmap o nesus scan or a languard scan and ban all the local ip ranges using a firewall. i hope 192.168.1.101 isnt ur dns :p then u cant ban the ip just tell the damn admin.
and yea one more thing r u by anychance using tht 24 online shit?
 
x86 said:
dont go for spoofing spoofing is one of the highly critical things. you may just end up with improper handshake and a messed up packet moving nowhere.
Click to expand...

ok. anyways I'm not much of a n/w guru. so wont venture into this. all i want is a solution and revenge if it is a prank :evil:

x86 said:
what i'll suggest you is try a nesus scan and see also post the ipconfig /all. are you udner NAT? if thats the scenario maybe someone really is making fun but eh y dont u just block the address.
or just change the card and use a firewall.
Click to expand...
using ZA as firewall. and 192.168.1.0/255.255.255.0 is shown as a netword in ZA. I'm not under NAT. will try blocking that address. changed the card to admtek and that works fine. reinstalled the realtek and is still showed the holycow message.

UPDATE: i wasn't able to browse yesterday at all. but now the message in both browsers was 192.168.1.30 is managing this device. I've contacted the tata CC and hopefully some *cough*knowledgable engineer shows up today.
this message was for the realtek card.

x86 said:
i think better option wud be to filter all tcp/ip packets before run a nmap o nesus scan or a languard scan and ban all the local ip ranges using a firewall. i hope 192.168.1.101 isnt ur dns :p then u cant ban the ip just tell the damn admin.
and yea one more thing r u by anychance using tht 24 online shit?
Click to expand...

i tried Kerio yesterday but its too confusing (maybe i'm used to ZA).
I cant post any ipconfig screenies as i cant get online. but the funniest part is that I was able to download updates for Adaware.

24hr online meaning keeping the pc on 24hrs or that always online stuff where you dont have to login at all. anyway its neither. I just keep it on when using it.
 
Back
Top