Amity88 Apprentice
Joined: 03 Jul 2010 Posts: 265 Location: Third planet from the Sun
Posted: Mon Apr 11, 2011 8:07 am Post subject: router seems to have been compromised
I have a beetel 450tc1 wireless router, which I secured with reasonably strong WPA and administration passwords. A couple of days ago I got locked out of my router (the wireless password and internet were working, however). I called up customer care and they reset it remotely.
There are two things that bother me. First of all, about the password itself: there was no way that I could have mistyped the password (I had written it down some place safe, no one could have seen it), it was not guessable (12+ random characters).... besides, I used it occasionally, how could it stop working all of a sudden?
Then, I had turned on the router's firewall, and a web-based port scan (www.grc.com) shows that ports 1:1023 dropped incoming packets. Despite this, the people at my ISP were able to reset the administration password. It was convenient (I was thinking that they would have to send someone over to manually reset and reconfigure the router) BUT it raises the question of security.... If they could do it, couldn't someone else do it as well..... I wasn't even supposed to be locked out in the first place.....
Any help would be appreciated :)
_________________
Ant P. wrote: | The enterprise distros sell their binaries. Canonical sells their users. |
Also... Be ignorant... Be happy! :)
djinnZ Advocate
Joined: 02 Nov 2006 Posts: 4831 Location: somewhere in L.O.S.
Posted: Tue Apr 12, 2011 2:16 pm Post subject: Re: router seems to have been compromised
Amity88 wrote:
> I called up customer care and they reset it remotely

This is the problem, and the question is very old. Look here.
The only reasonable solution is to use a router (openwrt?) without a documented backdoor password built in.
A reasonable start will be to reflash the firmware.
_________________
scita et risus abundant in ore stultorum sed etiam semper severi insani sunt
mala tempora currunt...mater stultorum semper pregna est
Murphy's Law: If anything can go wrong, it will - O'Toole's Corollary: Murphy was an optimist ;)
Amity88 Apprentice
Joined: 03 Jul 2010 Posts: 265 Location: Third planet from the Sun
Posted: Thu Apr 14, 2011 4:23 pm
That's what I'm most concerned about... a backdoor.... I've read a bit about the PsyB0t worm, but my ports (except ssh) were open to the internal network..... any chance I could tweak the settings of the router to solve the problem?