
mackerg4

macrumors newbie
Original poster
May 30, 2014
Had a problem last weekend: my ISP blacklisted us from sending emails (RBL server). Apparently our IP address (which is fixed) was used to send spam, or as they put it 'unusual email behaviour'. Anyway, by Monday morning we were back on again. In the meantime I had run a full Avast anti-virus scan on all the Macs and the Windows PC. Everything came up clean.

The network consists of 4 Macs (Mavericks), a Windows 8 PC (which is hardly ever switched on), a Qnap NAS, 2 iPads, 2 iPhones, two Sony TVs, a Humax PVR, an OKI Multifunction and two AppleTV boxes.

Today (Friday) we got a Mail Delivery System message following an email we sent to a Gmail user yesterday saying "Our system has detected an unusual rate of mail originating from your IP address" and the email we sent was delayed. So still something going on by the look of it.

A pal of mine suggested I did a 'Netstat' on the machines on the network and look at the routing tables for anything unusual. He's a Windows person, but after a bit of Googling I found that I could do this using Network Utility. I have done this on the desktop Macs. Didn't really know what I was looking for, but all seemed quite reasonable to my untrained eye. Then I ran it on our MacBook Pro, which produced the following routing table, which really looks to me as though it cannot be right given that we only have a dozen or so devices on the network?


-------------------------
Routing tables

Internet:
Destination Gateway Flags Refs Use Netif Expire
default 192.168.0.1 UGSc 47 0 en0
127 localhost UCS 0 0 lo0
localhost localhost UH 11 5033 lo0
169.254 link#4 UCS 0 0 en0
192.168.0 link#4 UCS 255 0 en0
192.168.0.0 ff:ff:ff:ff:ff:ff UHLWbI 0 1 en0
192.168.0.1 20:e5:2a:48:ac:76 UHLWIir 52 893 en0 1199
192.168.0.2 link#4 UHLWI 0 1 en0
192.168.0.3 link#4 UHLWI 0 1 en0
192.168.0.4 f0:d1:a9:1a:6c:22 UHLWI 0 7 en0 1099
192.168.0.5 link#4 UHLWI 0 1 en0
192.168.0.6 link#4 UHLWI 0 1 en0
192.168.0.7 link#4 UHLWI 0 1 en0
192.168.0.8 0:a0:96:e5:e8:bb UHLWI 0 7 en0 1098
192.168.0.9 0:8:9b:cc:ff:eb UHLWI 0 7 en0 1020
192.168.0.10 9c:4:eb:88:ac:6 UHLWI 0 5 en0 1097
192.168.0.11 a8:20:66:39:f5:31 UHLWI 0 7 en0 16
192.168.0.12 a8:20:66:39:ea:54 UHLWI 0 7 en0 16
192.168.0.13 link#4 UHLWI 0 1 en0
192.168.0.14 localhost UHS 0 14 lo0
192.168.0.15 link#4 UHLWI 0 1 en0
192.168.0.16 link#4 UHLWI 0 1 en0
192.168.0.17 link#4 UHLWI 0 1 en0
192.168.0.18 link#4 UHLWI 0 1 en0
192.168.0.19 link#4 UHLWI 0 1 en0
192.168.0.20 0:25:36:86:2d:f6 UHLWI 0 7 en0 1095
192.168.0.21 28:e1:4c:c7:15:dc UHLWI 0 5 en0 1095
192.168.0.22 link#4 UHLWI 0 1 en0
192.168.0.23 link#4 UHLWI 0 1 en0
192.168.0.24 link#4 UHLWI 0 1 en0
192.168.0.25 link#4 UHLWI 0 1 en0
192.168.0.26 link#4 UHLWI 0 1 en0
192.168.0.27 9c:20:7b:9f:eb:72 UHLWI 0 7 en0 1094
192.168.0.28 link#4 UHLWI 0 1 en0
192.168.0.29 link#4 UHLWI 0 1 en0
192.168.0.30 68:5b:35:cf:6b:61 UHLWI 0 7 en0 1094
192.168.0.31 link#4 UHLWI 0 1 en0

------------
There were too many characters in this post to be allowed on the forum so I had to shorten it. However all the lines were exactly the same from 192.168.0.32 to 192.168.0.197
-------------

192.168.0.198 link#4 UHLWI 0 1 en0
192.168.0.199 link#4 UHLWI 0 1 en0
192.168.0.200 20:e5:2a:5e:29:9b UHLWIi 3 682 en0 1007
192.168.0.201 link#4 UHLWI 0 1 en0
192.168.0.202 link#4 UHLWI 0 1 en0
192.168.0.203 link#4 UHLWI 0 1 en0
192.168.0.204 link#4 UHLWI 0 1 en0
192.168.0.205 link#4 UHLWI 0 1 en0
192.168.0.206 link#4 UHLWI 0 1 en0
192.168.0.207 link#4 UHLWI 0 1 en0
192.168.0.208 link#4 UHLWI 0 1 en0
192.168.0.209 link#4 UHLWI 0 1 en0
192.168.0.210 link#4 UHLWI 0 1 en0
192.168.0.211 link#4 UHLWI 0 1 en0
192.168.0.212 link#4 UHLWI 0 1 en0
192.168.0.213 link#4 UHLWI 0 1 en0
192.168.0.214 link#4 UHLWI 0 1 en0
192.168.0.215 link#4 UHLWI 0 1 en0
192.168.0.216 link#4 UHLWI 0 1 en0
192.168.0.217 link#4 UHLWI 0 1 en0
192.168.0.218 link#4 UHLWI 0 1 en0
192.168.0.219 link#4 UHLWI 0 1 en0
192.168.0.220 link#4 UHLWI 0 1 en0
192.168.0.221 link#4 UHLWI 0 1 en0
192.168.0.222 link#4 UHLWI 0 1 en0
192.168.0.223 link#4 UHLWI 0 1 en0
192.168.0.224 link#4 UHLWI 0 1 en0
192.168.0.225 link#4 UHLWI 0 1 en0
192.168.0.226 link#4 UHLWI 0 1 en0
192.168.0.227 link#4 UHLWI 0 1 en0
192.168.0.228 link#4 UHLWI 0 1 en0
192.168.0.229 link#4 UHLWI 0 1 en0
192.168.0.230 link#4 UHLWI 0 1 en0
192.168.0.231 link#4 UHLWI 0 1 en0
192.168.0.232 link#4 UHLWI 0 1 en0
192.168.0.233 link#4 UHLWI 0 1 en0
192.168.0.234 link#4 UHLWI 0 1 en0
192.168.0.235 link#4 UHLWI 0 1 en0
192.168.0.236 link#4 UHLWI 0 1 en0
192.168.0.237 link#4 UHLWI 0 1 en0
192.168.0.238 link#4 UHLWI 0 1 en0
192.168.0.239 link#4 UHLWI 0 1 en0
192.168.0.240 link#4 UHLWI 0 1 en0
192.168.0.241 link#4 UHLWI 0 1 en0
192.168.0.242 link#4 UHLWI 0 1 en0
192.168.0.243 link#4 UHLWI 0 1 en0
192.168.0.244 link#4 UHLWI 0 1 en0
192.168.0.245 link#4 UHLWI 0 1 en0
192.168.0.246 link#4 UHLWI 0 1 en0
192.168.0.247 link#4 UHLWI 0 1 en0
192.168.0.248 link#4 UHLWI 0 1 en0
192.168.0.249 link#4 UHLWI 0 1 en0
192.168.0.250 link#4 UHLWI 0 1 en0
192.168.0.251 link#4 UHLWI 0 1 en0
192.168.0.252 link#4 UHLWI 0 1 en0
192.168.0.253 link#4 UHLWI 0 1 en0
192.168.0.254 link#4 UHLWI 0 1 en0
192.168.0.255 ff:ff:ff:ff:ff:ff UHLWbI 0 46 en0


Internet6:
Destination Gateway Flags Netif Expire
localhost localhost UHL lo0
fe80::%lo0 localhost UcI lo0
localhost link#1 UHLI lo0
fe80::%en0 link#4 UCI en0
marketpo-macbook-p 0:1e:c2:14:d4:6f UHLI lo0
kitchen-apple-tv-7 9c:20:7b:9f:eb:72 UHLWI en0
bobs-imac.local a8:20:66:39:f5:31 UHLWI en0
fe80::%en1 link#5 UCI en1
fe80::8e1:7d60:375 9c:20:7b:9f:eb:72 UHLWI en1
fe80::aa20:66ff:fe a8:20:66:39:ea:54 UHLWIi en1
fe80::aa20:66ff:fe a8:20:66:39:f5:31 UHLWI en1
ff01::%lo0 localhost UmCI lo0
ff01::%en0 link#4 UmCI en0
ff01::%en1 link#5 UmCI en1
ff02::%lo0 localhost UmCI lo0
ff02::%en0 link#4 UmCI en0
ff02::%en1 link#5 UmCI en1


I have now uninstalled Avast from the MBP and scanned it with Sophos. Again it says it's clean.

Any help, pointers, advice very much appreciated.
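
An added example, not part of the original post: a small Python parser that splits the per-host rows of a macOS `netstat -rn` IPv4 table into those whose Gateway column holds a hardware (MAC) address and those that show only `link#4`, so the first group can be counted against the devices known to be on the network. The sample input is an abbreviated excerpt of the table posted above; the function and variable names are illustrative.

```python
import re

# Abbreviated excerpt of the IPv4 routing table from the post above.
SAMPLE = """\
Destination Gateway Flags Refs Use Netif Expire
default 192.168.0.1 UGSc 47 0 en0
127 localhost UCS 0 0 lo0
192.168.0 link#4 UCS 255 0 en0
192.168.0.0 ff:ff:ff:ff:ff:ff UHLWbI 0 1 en0
192.168.0.1 20:e5:2a:48:ac:76 UHLWIir 52 893 en0 1199
192.168.0.2 link#4 UHLWI 0 1 en0
192.168.0.3 link#4 UHLWI 0 1 en0
192.168.0.4 f0:d1:a9:1a:6c:22 UHLWI 0 7 en0 1099
192.168.0.14 localhost UHS 0 14 lo0
192.168.0.200 20:e5:2a:5e:29:9b UHLWIi 3 682 en0 1007
192.168.0.255 ff:ff:ff:ff:ff:ff UHLWbI 0 46 en0
"""

# macOS prints MAC octets without leading zeros (e.g. 0:8:9b:cc:ff:eb).
MAC = re.compile(r"^(?:[0-9a-f]{1,2}:){5}[0-9a-f]{1,2}$", re.I)
HOST = re.compile(r"^\d{1,3}(?:\.\d{1,3}){3}$")  # full dotted-quad only
BROADCAST = "ff:ff:ff:ff:ff:ff"


def classify(table):
    """Group per-host IPv4 rows by what the Gateway column contains."""
    result = {"resolved": {}, "no_mac": [], "local": [], "broadcast": []}
    for line in table.splitlines():
        fields = line.split()
        if len(fields) < 3 or not HOST.match(fields[0]):
            continue  # header, default route and network routes
        dest, gateway = fields[0], fields[1].lower()
        if gateway == BROADCAST:
            result["broadcast"].append(dest)
        elif MAC.match(gateway):
            result["resolved"][dest] = gateway  # hardware address recorded
        elif gateway.startswith("link#"):
            result["no_mac"].append(dest)       # interface only, no MAC
        else:
            result["local"].append(dest)        # e.g. this Mac's own address
    return result


if __name__ == "__main__":
    r = classify(SAMPLE)
    print("rows with a hardware address:", len(r["resolved"]))
    for ip, mac in r["resolved"].items():
        print(f"  {ip:15} {mac}")
    print("rows with no hardware address:", len(r["no_mac"]))
```

To run it against a live table, replace `SAMPLE` with the saved output of `netstat -rn` from the Mac in question.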
 