Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: IP address 169.254.192.163/17 hacking my computer?


25 Mar 2012   #1

windows 7
 
 
IP address 169.254.192.163/17 hacking my computer?

The past 2 days I have come home and found my MMORPG disconnected and in it's place is a message from Comodo firewall that I have joined a new network from IP address 169.254.192.163/17.

Obviously, not even being home, I have joined no such network. I don't know who this IP address belongs to and I don't think it's my neighbor trying to get into my system to use my Wifi because a search of the IP address puts it in another state.

Anyone know what's going on here or what I can do to stop it? I tried to block the IP address in Comodo, but that only blocks incoming, not outgoing and I have no idea if I'm already on this person's network for outgoing info....

Please assist.

My System SpecsSystem Spec
.

25 Mar 2012   #2

Windows 7 Ultimate x64 SP1
 
 

That IP address means that your computer can't get an IP address, which means that something has gone wrong. Here's a brief recap of the 169.254.xx.xx addresses:

Why can't I connect with a 169.254.x.x IP address?

This can be solved by something as simple as rebooting your router. I'd try that and see if it fixes your problem.
My System SpecsSystem Spec
25 Mar 2012   #3

windows 7
 
 

thanks for the reply. Why would it tell me I've joined a network if it just can't access my IP address? And why isn't it happening to my other computers connected to the same router? and I did find that IP address online (in Arkansas).
My System SpecsSystem Spec
.


25 Mar 2012   #4

W7 Pro SP1 64bit
 
 

What search tool or website showed that IP in Arkansas? Can you locate that IP using the same search tool on your other computers or does it only work on the computer that has the problem you are posting about?

I'm wondering if it is a game related VPN. Maybe the game server drops your connection and Windows assigns the "169 IP" to the virtual NIC. This could happen to other computers that were dropped by the server, but still in the tunnel. In other words, you are no longer connected to the game server, but you are still connected to other computers that are also no longer connected to the game server. If this is what is happening, then it sounds like a poorly implemented VPN.

When your firewall software gives you this notification that you have joined this network, can you still get to the internet - can you still surf the web?
My System SpecsSystem Spec
25 Mar 2012   #5

Windows 7 Ultimate x64 SP1
 
 

There are no valid external IP addresses in the 169.254.xx.xx range. The 169.254.xx.xx is known as APIPA (automatic private IP addressing), and it happens when there is no DHCP server available to the computer. Windows will automatically assign an IP in this range when DHCP is lost, and it continually checks for a valid DHCP server every 5 minutes or so, and it will automatically stop using APIPA when a valid IP address and gateway is assigned. You couldn't connect to anyone outside of your local network if you have this IP address, because the computer would have no default gateway from which to communicate.

If all of your other computers work fine, then there must be something unique on this particular computer that's causing a loss of DHCP. If you don't use your MMORPG, does it continue to happen? If it doesn't, then look at the MMORPG. If it continues, I'd look closely at Comodo. Personally I have no use for anything other than MSE, so I'd completely uninstall it and see if the network connection issue stops.
My System SpecsSystem Spec
26 Mar 2012   #6

windows 7
 
 

Again, thanks for the replies. I would never know any of this without people to help^^.

I don't know if I can connect to the web when it happens, because both times seemed to be around the same time of day and both times, I wasn't home. When I got home and saw the messages about the Network, I was able to connect to the internet no problem.

It wasn't just Comodo which gave me the network message, Bitdefender also did. So something definitely happened.

Yes, it's isolated to my computer, but my other computer is also connected to the same MMORPG and it's not happening on that one.

Both times, I dced on the game on my computer, but the other computer did not DC on the game.

I found the IP address in a PDF doc which listed IP addresses for various networks in Arkansas. It was the only one on the entire internet I could find that matched exactly the IP address I was given as a Network I was trying to connect to. From what you're saying, it now just sounds like a coincidence and maybe those addresses were internal.
My System SpecsSystem Spec
26 Mar 2012   #7

Windows 7 Ultimate x64
 
 

As mentioned by kegobeer, as well as referenced in the article he linked to, there would be no legitimate way to connect to the net with that IP address.

If your machine is set up to get an address from a DHCP server, then you're likely getting a valid address for a set period of time. This may correspond with the fact that you mention that it happened twice, both at the same time of day. These address "leases" are often set to expire after 24 hours. I've seen this same thing happen on a few user's computers after they had made changes or upgraded/added software firewalls. In those cases all it took was changing settings in the firewall to enable acceptance of the new lease (in which case the PC typically keeps the same valid address it had when the old lease expired).

Try doing an ipconfig/all. You'll likely see a lease obtained/expires timestamp. If so, does it correspond with your times?
My System SpecsSystem Spec
26 Mar 2012   #8

windows 7
 
 

I tried the ipconfig/all and it looks like it was reset when I got home and restarted my computer after seeing the network message. I'm not sure if it was like that before the computer restart, but as it stands right now, the times correspond with a later time than when I got home. I guess I'll see tomorrow what happens. Thanks again^^
My System SpecsSystem Spec
26 Mar 2012   #9

Windows 7 Ultimate x64
 
 

Your response made me think about this some more (it's been a long, long time since I've seen this happen). If I am remembering this correctly, it was a software firewall block with the automatic request (outbound from the PC) for a new lease.

In any case, you would always lose it 24 hours after you re-establish a new valid address.
My System SpecsSystem Spec
Reply

 IP address 169.254.192.163/17 hacking my computer?




Thread Tools




Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 10:38 AM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33