Hey
first of all, sorry if this is the wrong forum category.
Recently i did a traceroute to my providers homepage and saw some strange ip addresses, here is the output:
Code:
delta9@netbook ~ $ traceroute aon.at
traceroute to aon.at (195.3.96.72), 30 hops max, 60 byte packets
1 DD-WRT (192.168.1.1) 1.143 ms 1.895 ms 2.038 ms
2 dsldevice.lan (10.0.0.138) 55.488 ms 55.193 ms 54.058 ms
3 113.67.91.160 (113.67.91.160) 30.485 ms 113.70.44.160 (113.70.44.160) 31.837 ms 113.71.176.192 (113.71.176.192) 32.552 ms
4 195.3.66.133 (195.3.66.133) 19.999 ms 21.821 ms 24.391 ms
5 AUX10-LKREBC10.highway.telekom.at (195.3.68.61) 48.377 ms 50.161 ms 50.391 ms
6 195.3.118.182 (195.3.118.182) 36.015 ms 28.154 ms 29.900 ms
7 172.18.96.235 (172.18.96.235) 81.617 ms 73.965 ms 72.844 ms
- DD-WRT (192.168.1.1) - my linksys wrt54gs running dd-wrt micro
- dsldevice.lan (10.0.0.138 ) - the modem i got from my provider - speedtouch 546v6
All those 113.xxx addresses looked kinda suspicious to me, so i did some whois query's:
http://whois.domaintools.com/113.67.91.160
Code:
inetnum: 113.64.0.0 - 113.95.255.255
netname: CHINANET-GD
descr: CHINANET Guangdong province network
descr: Data Communication Division
descr: China Telecom
country: CN
admin-c: CH93-AP
tech-c: IC83-AP
remarks: service provider
status: ALLOCATED PORTABLE
mnt-by: APNIC-HM
mnt-lower: MAINT-CHINANET-GD
mnt-routes: MAINT-CHINANET-GD
What do you guys think? Have i been hacked or am i just paranoid?
The strange thing is btw, that those ip's change all the time. I even get some from Taiwan sometimes (xxxx.veetime.com or sth??)
And the problem isnt OS specific, on Windows the traceroute looks the same (also on different devices).
Want to hear your opinions.
Bookmarks