Strange hosts appearing in network

Started by ram0042, July 10, 2024, 03:59:11 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
July 10, 2024, 03:59:11 PM Last Edit: July 11, 2024, 03:30:46 AM by ram0042
Hello:

I got a network on LAN: 192.168.0.0/24
OpenVPN (road warrior): 10.0.0.0/24 (5 concurrent connections)

I see that there are a handful of hosts like 10.0.0.11, 10.0.0.13, 10.0.0.107, 10.0.0.120, etc.
I want to know how are they showing up. They are tagged with LAN as their source. On System>Routes>Status the 10.0.0.0/24 comes from the OPT1 interface as expected.

How do I go about finding out where these IPs are coming from other than physically unplugging cables from the switch?

Edit: forgot to mention; My biggest concern are the DNS request they are sending to nat.vssnat.net and ets.mny9.com
They seem to be resolving to China IPs.
Print
Go Up Pages1
User actions