How to check incoming LAN connections on XP?


  1. EOF
    Posts : 18
    Win7 Ultimate
       #1

    How to check incoming LAN connections on XP?


    Hi!
    I have an old XP machine running which serves as a file sharing PC.
    It is connected to the internet and to my local network also.

    I found some strange files on some shared folders, actually some of the files are decrypted.
    I know, there was some cryptolocker malware attack.
    The files are junk files, so I don't worry about them.

    Avira is running 24/7 on that machine, up-to-date.

    Is there any possibility to check backward on XP who or from what IP address was some connections in the past?

    I checked Avira's log's and quarantine but nothing was recorded.

    I also checked with Avast, F-secure, MalwareBaytes etc... for possible infections on that machine, but nothing was recognized as an infection...

    Now I setup Wireshark to log the LAN, but at the moment when that happen there was no logger app installed.

    It look's for me like somebodies PC was infected who was connected to my PC and the malware found the shared folders and they encrypted the content of the folders remotely, and didn't jumped over to my pc.
    I have also a .txt file where is writing how to contact the guys who can enecrypt my unused files.
    Btw. I have also a full backup all the time. So I 'm not worried about the content of that folder.
    Is this a logical explanation?

    Thanks for any idea.
      My Computer

  2. jimbo45's Avatar
    Posts : 10,483
    Windows / Linux : Arch Linux
       #2

    EOF said:
    Hi!
    I have an old XP machine running which serves as a file sharing PC.
    It is connected to the internet and to my local network also.

    I found some strange files on some shared folders, actually some of the files are decrypted.
    I know, there was some cryptolocker malware attack.
    The files are junk files, so I don't worry about them.

    Avira is running 24/7 on that machine, up-to-date.

    Is there any possibility to check backward on XP who or from what IP address was some connections in the past?

    I checked Avira's log's and quarantine but nothing was recorded.

    I also checked with Avast, F-secure, MalwareBaytes etc... for possible infections on that machine, but nothing was recognized as an infection...

    Now I setup Wireshark to log the LAN, but at the moment when that happen there was no logger app installed.

    It look's for me like somebodies PC was infected who was connected to my PC and the malware found the shared folders and they encrypted the content of the folders remotely, and didn't jumped over to my pc.
    I have also a .txt file where is writing how to contact the guys who can enecrypt my unused files.
    Btw. I have also a full backup all the time. So I 'm not worried about the content of that folder.
    Is this a logical explanation?

    Thanks for any idea.
    Hi there
    Have a look at the ROUTER Hardware logs -- amazing that this resource which is available on almost any router out there is usually often overlooked whatever the OS.

    Cheers
    jimbo
      My Computer

  3. Mystere's Avatar
    Posts : 3,257
    Windows 10 Pro
       #3

    STOP. Don't use XP for ANYTHING connected to the internet. There are literally thousands of vulnerabilities in the OS, and many of which can be exploited with no direct interaction from someone using the machine. XP cannot be safely connected to the internet. Ever.

    Depending on the machine, you may be able to run Windows 10, but more likely this sounds like a use case for a simple linux media server distribution. It can act as a fileserver for windows machines, or a media server for smart tv's or other devices.

    Your machine has probably been used for all kinds of things by hackers.. such as a DDOS zombie, or spam distribution host.

    Just don't connect XP to the internet... I cannot say this strongly enough.
      My Computer

  4. Jacee's Avatar
    Posts : 1,589
    Win 10 home 20H2 19042.928
       #4

    I agree with @Mystere
      My Computers


  5. EOF
    Posts : 18
    Win7 Ultimate
    Thread Starter
       #5

    Thanx for the attention, I'we know about the outdated OS, but in some situation there is hard to overcome some
    problems when it comes to OS switching.
    I don't have to care about security on this machine cos I have an .img for the system and in 15 min I'm on the road again.
    The machine is not literally on the Inet, just has shared folders.

    But however, I assume there is no way to check inbound connections I assume...
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 22:30.
Find Us




Windows 10 Forums