RE: Unable to connect to certain sites... (Full Version)

All Forums >> [Fun] >> Computers & Technology



Message

Kat_D -> RE: Unable to connect to certain sites... (7/17/2008 9:02:30 PM)

Are you still there MWD???



MWD -> RE: Unable to connect to certain sites... (7/17/2008 9:08:37 PM)

Your router is the problem, then. Probably misconfigured from the start, or broken into and maliciously reconfigured, or both.

You really need to get that thing set up right, with a view toward security. Bring someone in who knows what he's doing. Geek Squad or some other outfit like that. Admin password should be changed to something absurd/unguessable, wireless access should be nailed down tight (severely restricted), etc, etc, etc. Factory settings are extremely dangerous, asking for real trouble. I could do it for you free as a courtesy if you want to ship it to me, but that sounds like overkill, borderline absurd. There should be people near you who know this stuff. But the offer is there if you want.

Make sure whatever PC is connected to the modem has its firewall enabled! Open a command window, type "control <ENTER>", then click "Security Center." That's XP; Vista may be slightly different.

Let me know on the router config.



Kat_D -> RE: Unable to connect to certain sites... (7/17/2008 9:16:34 PM)

The firewall is on.

How do I get the router config?



Kat_D -> RE: Unable to connect to certain sites... (7/17/2008 9:20:15 PM)

I will get someone to come in and re-set up the router. Is it safe to hook back up to it in the meantime?



MWD -> RE: Unable to connect to certain sites... (7/17/2008 9:22:53 PM)

No, I mean let me know whether you want to ship the router out here & have me do it. But like I said, there must be competent/security-aware tech help in your area. Maybe a friend of a friend? Someone who knows how to set up a home router, someone who is competent & experienced, especially when it comes to security/lockdown.



Kat_D -> RE: Unable to connect to certain sites... (7/17/2008 9:30:25 PM)

Oh, I think I can get my head IT guy at work to do it, and if not, we'll get the Geek Squad, but thaks so much for the offer.

Do you think I should I should hook back up to the router now or wait until we get that done?



MWD -> RE: Unable to connect to certain sites... (7/17/2008 9:33:56 PM)

No, it is not safe. Connect directly to the modem. If you swap PCs, you will have to:

1. Command window: "ipconfig/release" on the 1st PC

2. Disconnect 1st PC

3. Power down modem.

4. Wait 30 seconds.

5. Power modem back up.

6. Wait about a minute for the modem to sync with the central office.

7. Connect PC#2.

ALWAYS ALWAYS ALWAYS type "ipconfig /release" on a PC you are about to DISconnect from the modem. It will clear the network on the PC so the next time you connect it to something it will automatically ask for an IP address. Though you may have to do an "ipconfig/release" and an "ipconfig/renew" when you connect it. Depends on Vista (yuck) and on exactly how the DHCP server in the modem works, and I have zero knowledge in those areas. Sometimes rebooting is easier. Your choice one way or the other.



Kat_D -> RE: Unable to connect to certain sites... (7/17/2008 9:37:33 PM)

Okay. I just want to thank you for all your help. I will stay off my lap top until we get it refigured. Again,thanks so much. Have a blessed evening.



MWD -> RE: Unable to connect to certain sites... (7/17/2008 9:40:08 PM)

Reasons why you should not use your router:

1. It wasn't set up right to begin with. Big security risks.

2. It was probably hacked by someone in some "stan" country. At the very minimum, it is easily hackable. Even bigger security risks. Trust me, you do NOT want to go there.



MWD -> RE: Unable to connect to certain sites... (7/17/2008 9:41:30 PM)

No problem.



Kath -> RE: Unable to connect to certain sites... (7/21/2008 1:48:02 AM)

Well, I have no idea whatcha'll were talking about but it was fascinating anyway.

quote:

2. It was probably hacked by someone in some "stan" country. At the very minimum, it is easily hackable. Even bigger security risks. Trust me, you do NOT want to go there.


can that happen even with a firewall? I use trendmicro and have it installed on the laptops too.



MWD -> RE: Unable to connect to certain sites... (7/21/2008 7:34:47 AM)

Yes, it can happen with a firewall, because it has nothing to do with firewall functionality. It has to do with malicious scripts silently logging into your router and changing its settings.

Your best defense is to change your router's password to something fantastic, such as 34eja901wlr. Most scripts I've seen try only a few times, and then give up.

AFTER you've changed the password, check your router's log for evidence of break-ins. Best way to do this is to clear the log, then go visit ALL your usual sites, then come back and look at the log.

Here is a sample log from one of my customers' routers. This quick salvo of break-in attempts was from a laptop visiting LEGITIMATE sites. Note the time stamps vs. the number of break-in attempts. If you have multiple systems on your network, the log will help you identify the culprit because it identifies via IP address the system running the malicious script. Or ought to, anyway.

Wed, 2008-01-09 11:55:47 - [admin login fail. Password error - IP :
172.16.1.150]
Wed, 2008-01-09 11:55:47 - [admin login fail. Password error - IP :
172.16.1.150]
Wed, 2008-01-09 11:55:47 - [admin login fail. Password error - IP :
172.16.1.150]
Wed, 2008-01-09 11:55:47 - [admin login fail. Password error - IP :
172.16.1.150]
Wed, 2008-01-09 11:55:47 - [admin login fail. Password error - IP :
172.16.1.150]
Wed, 2008-01-09 11:55:47 - [admin login fail. Password error - IP :
172.16.1.150]
Wed, 2008-01-09 11:55:47 - [admin login fail. Password error - IP :
172.16.1.150]
Wed, 2008-01-09 11:55:47 - [admin login fail. Password error - IP :
172.16.1.150]
Wed, 2008-01-09 11:55:47 - [admin login fail. Password error - IP :
172.16.1.150]
Wed, 2008-01-09 11:55:47 - [admin login fail. Password error - IP :
172.16.1.150]
Wed, 2008-01-09 11:55:47 - [admin login fail. Password error - IP :
172.16.1.150]
Wed, 2008-01-09 11:55:47 - [admin login fail. Password error - IP :
172.16.1.150]
Wed, 2008-01-09 11:55:48 - [admin login fail. Password error - IP :
172.16.1.150]
Wed, 2008-01-09 11:55:48 - [admin login fail. Password error - IP :
172.16.1.150]
Wed, 2008-01-09 11:55:48 - [admin login fail. Password error - IP :
172.16.1.150]
Wed, 2008-01-09 11:55:48 - [admin login fail. Password error - IP :
172.16.1.150]
Wed, 2008-01-09 11:55:48 - [admin login fail. Password error - IP :
172.16.1.150]
Wed, 2008-01-09 11:55:48 - [admin login fail. Password error - IP :
172.16.1.150]
Wed, 2008-01-09 11:55:48 - [admin login fail. Password error - IP :
172.16.1.150]
Wed, 2008-01-09 11:55:48 - [admin login fail. Password error - IP :
172.16.1.150]
Wed, 2008-01-09 11:55:48 - [admin login fail. Password error - IP :
172.16.1.150]
Wed, 2008-01-09 11:55:48 - [admin login fail. Password error - IP :
172.16.1.150]
Wed, 2008-01-09 11:55:48 - [admin login fail. Password error - IP :
172.16.1.150]
Wed, 2008-01-09 11:55:48 - [admin login fail. Password error - IP :
172.16.1.150]
Wed, 2008-01-09 11:55:48 - [admin login fail. Password error - IP :
172.16.1.150]
Wed, 2008-01-09 11:55:48 - [admin login fail. Password error - IP :
172.16.1.150]
Wed, 2008-01-09 11:55:48 - [admin login fail. Password error - IP :
172.16.1.150]
Wed, 2008-01-09 11:55:48 - [admin login fail. Password error - IP :
172.16.1.150]
Wed, 2008-01-09 11:55:48 - [admin login fail. Password error - IP :
172.16.1.150]
Wed, 2008-01-09 11:55:48 - [admin login fail. Password error - IP :
172.16.1.150]
Wed, 2008-01-09 11:55:48 - [admin login fail. Password error - IP :
172.16.1.150]
Wed, 2008-01-09 11:55:48 - [admin login fail. Password error - IP :
172.16.1.150]
Wed, 2008-01-09 11:55:48 - [admin login fail. Password error - IP :
172.16.1.150]
Wed, 2008-01-09 11:55:48 - [admin login fail. Password error - IP :
172.16.1.150]
Wed, 2008-01-09 11:55:49 - [admin login fail. Password error - IP :
172.16.1.150]
Wed, 2008-01-09 11:55:49 - [admin login fail. Password error - IP :
172.16.1.150]
Wed, 2008-01-09 11:55:49 - [admin login fail. Password error - IP :
172.16.1.150]
Wed, 2008-01-09 11:55:49 - [admin login fail. Password error - IP :
172.16.1.150]
Wed, 2008-01-09 11:55:49 - [admin login fail. Password error - IP :
172.16.1.150]

Wed, 2008-01-09 11:55:49 - [admin login fail. Password error - IP :
172.16.1.150]
Wed, 2008-01-09 11:55:49 - [admin login fail. Password error - IP :
172.16.1.150]
Wed, 2008-01-09 11:55:49 - [admin login fail. Password error - IP :
172.16.1.150]
Wed, 2008-01-09 11:55:49 - [admin login fail. Password error - IP :
172.16.1.150]
Wed, 2008-01-09 11:55:49 - [admin login fail. Password error - IP :
172.16.1.150]

We did not sweat this because the router has an unguessable password.

Several weeks later, the web site found the malicious script and removed it from their servers. We are no longer getting these router-log entries.

EDIT: Fix typo. MWD
EDIT_2: Paragraph 4 unclear



Kath -> RE: Unable to connect to certain sites... (7/21/2008 12:18:19 PM)

quote:

Your best defense is to change your router's password to something fantastic,


I wouldn't even know how to do that. [&:]



MWD -> RE: Unable to connect to certain sites... (7/21/2008 5:14:46 PM)

Your router documentation has what you need. Should be on the CD that came with it. If you've lost the CD, go to the manufacturer's web site and pull down the docs for your specific model.

No one should run with a default router password these days. Way too much at risk. Five years ago that wasn't the case but today things are different/nasty.

If you've been running with a default password, you (or someone else locally) should probably go in and check to make sure your router hasn't already been script-reconfigured to point your requests to illegitimate web sites. But do that AFTER the password is changed.

If you are running a standard home configuration with no special requirements, sometimes the easiest thing to do is pin-reset the router to factory defaults and then immediately go in and change the admin password. The problem with this, however, is that most factory configurations leave the wireless wide open to anyone to use. But if you're using a router with no wireless capabilities, it's a viable option.

Contact me offline if you want.



Kath -> RE: Unable to connect to certain sites... (7/21/2008 6:01:40 PM)

Thanks!



Page: <<   < prev  1 2 3 4 [5]



Forum Software © ASPPlayground.NET Advanced Edition 2.5 ANSI