Help - Unknown IP in network , Hacked ??

kuduku

Skilled
I am using BNSL 3G in Huawei e5573s hotspot .
Hotspot IP 192.168.8.1
Only 2 devices connected to hotspot
hu.jpg


but i am able to ping 192.168.1.1 , the address doesnt open in browser .
Tried telnet on default port , did not connect .Ftp asks for username and pwd
To whom does this belong ?
BSNL gateway somewhere in between or i have got hacked ?

hu1.jpg
 
bro i believe ur hotspot is unlocked. when it is not locked it is in 192.168.1.1 but when it's unlocked , it goes to 192.168.8.1 but it goes through 192.168.1.1 so it's all fine. if you are trying to go to router settings, then that will be 192.168.8.1 for you. dn't worry abt 192.168.1.1 as i think it is somehow creating a tunnel (or may be something like that) for unlocking process or might be acting like a localhost for unlocking process.
 
bro i believe ur hotspot is unlocked. when it is not locked it is in 192.168.1.1 but when it's unlocked , it goes to 192.168.8.1 but it goes through 192.168.1.1 so it's all fine. if you are trying to go to router settings, then that will be 192.168.8.1 for you. dn't worry abt 192.168.1.1 as i think it is somehow creating a tunnel (or may be something like that) for unlocking process or might be acting like a localhost for unlocking process.
thanks
yes its unlocked
so will change IP range to 192.168.1.1 subnet
 
thanks
yes its unlocked
so will change IP range to 192.168.1.1 subnet
don't as it won't remain unlocked afaik. just don't try to mess something which u don't know how to revert back. your hotspot is working perfectly, why fix something which is not broken.
 
don't as it won't remain unlocked afaik. just don't try to mess something which u don't know how to revert back. your hotspot is working perfectly, why fix something which is not broken.
Mine is permanently unlocked and doesnt get locked by IP set change
Was earlier on 192.168.1.1 only but changed due to another router with same IP
thanks
 
I dont think its an internal IP, as the response time is too high for the ping. Do run a tracert to see if it is something in the middle- especially if you have multiple hops.
 
Also post a tracert to google dns - 8.8.8.8 or 8.8.4.4, L3 - 4.2.2.2 and open DNS and see if the same entries pop up.
check this and same for OPENDNS Ip also -
2.jpg

If you try to access http://www.huaweimobilewifi.com/ it doesn't seem to be opening, it could be something internal in your hotspot, similar to router.asus.com will open up the router homepage without any connectivity to Internet
Its internal , opens up 192.168.8.1 , my router page[DOUBLEPOST=1508296990][/DOUBLEPOST]
I think bad route configuration on bsnls end. Why 192.168.1.1 needs to route once it leaves the gateway.
Its seems its internal and external IP both , keeping the ping times in mind ....

Now what ?[DOUBLEPOST=1508297299][/DOUBLEPOST]tracert top OPENDNS gave out chinese and worldwid IPs also
2.jpg
 
Last edited:
as I said before, i am 99% sure it's because of unlocking. unlocking is done on localhost ip, and for your hotspot router, it goes through 192.168.1.1 which directs it to 192.168.8.1 , if you think i am wrong, use another or different router which is not unlocked and you won't see any redirect.

and btw unlocking in this case is not permanent, one update to firmware an there your unlocking goes out the window.

btw those ping times are alright, mostly they are 1ms, sometimes fluctuate which is normal for any router.

tbh very odd thread , trying to find a problem where one doesn't exist.

/thread.
 
Last edited:
This is over BSNL Home ADSL Broadband.

C:\Users\Admin>tracert 192.168.1.1

Tracing route to 192.168.1.1 over a maximum of 30 hops

1 1 ms <1 ms <1 ms HacBox [10.10.10.1]
2 23 ms 24 ms 21 ms 117.196.32.1
3 22 ms 25 ms 20 ms 218.248.165.42
4 * * 236 ms 218.248.235.197
5 36 ms 34 ms 34 ms 218.248.235.198
6 71 ms 57 ms 56 ms 192.168.1.1

Trace complete.

Something has to do at BSNL's end. It is wrong configuration from BSNL.

**probably they are running some services on that particular node. it is routing inside BSNLs network. of course it is non routable over internet address.

*** it is checkpoint connectra websecurity gateway.

upload_2017-10-18_11-18-10.png
 
Last edited:
Looking at the traceroutes, its evident that the IPs are on BSNLs end, mostly done for some services. By default, most people use 192.168.1.1 for the internal IP, hence that IP would be non routable mostly.

However, what BSNL is doing is wrong, its a violation of IETF RFCs which say these should be non routable from the internet.[DOUBLEPOST=1508305980][/DOUBLEPOST]
*** it is checkpoint connectra websecurity gateway.

View attachment 72380

F*** I guess someone has no brains and done a quick hack to get them working without realising that these will be routable from the net.
 
This is over BSNL Home ADSL Broadband.

C:\Users\Admin>tracert 192.168.1.1

Tracing route to 192.168.1.1 over a maximum of 30 hops

1 1 ms <1 ms <1 ms HacBox [10.10.10.1]
2 23 ms 24 ms 21 ms 117.196.32.1
3 22 ms 25 ms 20 ms 218.248.165.42
4 * * 236 ms 218.248.235.197
5 36 ms 34 ms 34 ms 218.248.235.198
6 71 ms 57 ms 56 ms 192.168.1.1

Trace complete.

Something has to do at BSNL's end. It is wrong configuration from BSNL.

**probably they are running some services on that particular node. it is routing inside BSNLs network. of course it is non routable over internet address.

*** it is checkpoint connectra websecurity gateway.

View attachment 72380


this is my bsnl adsl tracert :

C:\Users\soura>tracert 192.168.1.1

Tracing route to 192.168.1.1 over a maximum of 30 hops

1 1 ms <1 ms 1 ms 192.168.1.1

Trace complete.

everything seems fine.

@cisco_tech what is hacbox on ur tracert? is this something u r running on your internal network probs?
 
this is my bsnl adsl tracert :

C:\Users\soura>tracert 192.168.1.1

Tracing route to 192.168.1.1 over a maximum of 30 hops

1 1 ms <1 ms 1 ms 192.168.1.1

Trace complete.

everything seems fine.

@cisco_tech what is hacbox on ur tracert? is this something u r running on your internal network probs?
It's router Asus ac68u .
Just given name [emoji39][emoji39]
 
Back
Top