Fragmented IP Packets?

Status
Not open for further replies.

TimeParadoX

Posts: 2,222   +4
My Comodo Firewall keeps getting High Severity Alerts about fake TCP packets or fragmented IP packets. My firewall blocks them all, but is it something I should be worried about, or is it OK?

If it happens again (I usually delete the alerts it shows) I'll post a screenshot of it.
 
I have Comodo and don't get those alerts.

That doesn't answer your question, but it is relevant. I think Comodo is a bit too bothersome, even so.
 
Well, it's not alerts, but it's an "Alert Event" in the Comodo UI; it doesn't pop up.

It's probably just some kid who learned how to make TCP/IP packets and is trying to send them around :haha:

OK, here are the alerts that happen:



If you notice, they are both from the same source (I deleted the destination so you don't know my IP ;) )
 
You shouldn't worry about this. Most likely someone has adjusted their MTU.
Actually, dropping fragments may make your network connections unreliable - dropped packets mean lost data that has to be resent (and may be dropped again).

Did you look up the source IP of this dropped packet? It's from fpsgameservers.com
Do you play there?
 
Yeah, I played on FPSGameservers.com servers a few times on CS, but that's about it.

OK, well now I keep getting these alerts:



In the description they say the port is used for backdoors.

I've got about 60 of them already; I usually delete them once they appear. Also, they are all from the same IP address.
 
Again, check the source IP address. Which machine on your LAN has 192.168.1.101?

The destination address is a broadcast address, meaning "send to everyone". The 1.101 machine is probably doing some sort of discovery.

Yes, it could be malware looking for peers, but it may as well be a game looking for a server or whatever. The answer lies in the machine with the source address.
 
None of my computers have .101 at the end, Nodsu.

And I haven't played any CS for a while, so I don't think it would be a game server.
 
Well, that packet had to come from somewhere. You can find out the MAC address of the sending device by running "arp -a" at Windows command line (right after receiving the alert).

Maybe someone is piggybacking your wifi?
 


That's what came up, Nodsu.

Also, when I rebooted today my Comodo firewall was on Allow-All and my Internet firewall was disabled. I put the firewall to Block-All, turned off my Internet and ran scans and all that; nothing was found, so it was probably just something that happened on boot...


Maybe someone is piggybacking your wifi?

That is possible; my neighbor used my Internet before I got some security on my router (my mom didn't think it was necessary till I showed her a video about how people wardrive your wifi and use it for stuff).


Also, is it normal to have way more packets received than sent?

 
The ARP cache didn't show the 1.101 address probably because it was too long since the last communication. You could try pinging that address and then try arp -a again.

Yes, usually you download much more data than you upload and you don't always acknowledge the arrived packets one by one.
 
Type the following code into the Windows command line on all the computers in your network:
Code:
ipconfig /all
Check the resulting physical address against the physical address for 192.168.111.101. I think that it's possible for one computer to have two mapped IP addresses; it seemed to happen in my network once.
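As an added example (not code from anyone in this thread), the comparison the last two posts describe, done offline in Python: it checks whether the alert's destination is the subnet's broadcast address, pulls the MAC for 192.168.1.101 out of a constructed "arp -a" listing, and matches it against constructed "ipconfig /all" physical addresses for the machines you own. The sample ARP output, host names and MACs are all made up for the example.

```python
import ipaddress
import re

# Constructed sample of Windows "arp -a" output (not real captured data).
ARP_SAMPLE = """
Interface: 192.168.1.100 --- 0x2
  Internet Address      Physical Address      Type
  192.168.1.1           00-11-22-33-44-55     dynamic
  192.168.1.101         aa-bb-cc-dd-ee-01     dynamic
  192.168.1.255         ff-ff-ff-ff-ff-ff     static
"""

# Constructed "Physical Address" values from "ipconfig /all" on our own PCs.
KNOWN_HOSTS = {
    "my-pc": "AA-BB-CC-DD-EE-02",
    "sisters-pc": "AA-BB-CC-DD-EE-03",
}

# One ARP table row: IPv4 address, dash-separated MAC, entry type.
ARP_LINE = re.compile(
    r"^\s*(\d{1,3}(?:\.\d{1,3}){3})\s+([0-9a-fA-F]{2}(?:-[0-9a-fA-F]{2}){5})\s+(\w+)"
)


def is_broadcast(dst: str, network: str) -> bool:
    """True if dst is the directed broadcast of network (e.g. 192.168.1.255
    for 192.168.1.0/24) or the limited broadcast 255.255.255.255."""
    net = ipaddress.ip_network(network, strict=False)
    addr = ipaddress.ip_address(dst)
    return addr == net.broadcast_address or addr == ipaddress.ip_address("255.255.255.255")


def parse_arp_table(text: str) -> dict:
    """Map IP -> (upper-case MAC, entry type) from 'arp -a' output."""
    table = {}
    for line in text.splitlines():
        m = ARP_LINE.match(line)
        if m:
            table[m.group(1)] = (m.group(2).upper(), m.group(3))
    return table


def identify_sender(arp_text: str, src_ip: str, known: dict):
    """Name of the known host owning src_ip's MAC, 'unknown device' if the MAC
    is cached but not ours, or None if not cached (ping the IP, then retry)."""
    entry = parse_arp_table(arp_text).get(src_ip)
    if entry is None:
        return None
    for name, known_mac in known.items():
        if known_mac.upper() == entry[0]:
            return name
    return "unknown device"
```

If identify_sender returns None, the cache entry has expired; pinging the address first (as suggested above) repopulates it.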
 
Well, I checked mine and my sister's computer; the front computer is so bad and full of useless crap I couldn't even get to the CMD without it crashing to a BSOD :haha:

I don't see how this happened to begin with. Last week it didn't get these alerts every 2 seconds; I think it started happening when I reformatted my computer and reinstalled my wireless PCI card.
 
Do I download new firmware for the router or the wireless card drivers? (I can't find the drivers for the card.)
 
You should ALWAYS drop fragmented packets -- these are often used to reassemble data used to breach your firewall rules. Any system sending packets too large will be adjusted automatically to fit your MTU size, so it's a normal condition. I set my MTU to 1492 by intent to avoid fragmentation of the stupid 1500 default value. In a dial-up connection, the MTU is best set at a minimum of 496 anyway -- so just think how many sites have to readjust values for those users!
 