Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Internet / LAN security


  • Please log in to reply
8 replies to this topic

#1 Bellzemos

Bellzemos

  • Members
  • 172 posts
  • OFFLINE
  •  
  • Local time:12:50 PM

Posted 25 December 2012 - 02:04 PM

Hi!

I recently found out about router security (NAT) and found out that a computer was connected directly to the modem and wasn't behind NAT. I then put a router in between the modem and the PC and now it's behind NAT (as seen with the ipconfig command). Was that computer in a great danger before? How can I see if something infiltrated it?

Other thing I saw was that the router's password was set as default (factory) one and I changed it now. How dangerous was having the default password and how can I see if someone broke in and chnaged the router settings?

Thank you!

BC AdBot (Login to Remove)

 


#2 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,751 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:50 PM

Posted 25 December 2012 - 03:16 PM

Was that computer in a great danger before?

Not if it had a firewall.

how can I see if someone broke in and chnaged the router settings?

Check the DNS settings.

Is the administrative interface of your router accessible via the WAN interface?

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#3 Bellzemos

Bellzemos
  • Topic Starter

  • Members
  • 172 posts
  • OFFLINE
  •  
  • Local time:12:50 PM

Posted 25 December 2012 - 03:56 PM


Was that computer in a great danger before?

Not if it had a firewall.

how can I see if someone broke in and chnaged the router settings?

Check the DNS settings.

Is the administrative interface of your router accessible via the WAN interface?


You mean software firewall? It had (and still has) only the Windows 7 default firewall set (so inbound only).

How and what do I check about the DNS settings? I don't know what is WAN inferface but if you mean if I can "log-in" and change my router settings - yes, I am able to. It's how I changed the user name and password.

Thanx!

Edited by Bellzemos, 25 December 2012 - 03:58 PM.


#4 Bellzemos

Bellzemos
  • Topic Starter

  • Members
  • 172 posts
  • OFFLINE
  •  
  • Local time:12:50 PM

Posted 26 December 2012 - 10:20 AM

Anyone, please? :)

#5 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,751 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:50 PM

Posted 26 December 2012 - 02:17 PM

How and what do I check about the DNS settings?

You know what DNS is?

I don't know what is WAN inferface but if you mean if I can "log-in" and change my router settings - yes, I am able to. It's how I changed the user name and password.

What is the name of the port you connected to the modem?

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#6 Bellzemos

Bellzemos
  • Topic Starter

  • Members
  • 172 posts
  • OFFLINE
  •  
  • Local time:12:50 PM

Posted 26 December 2012 - 02:39 PM

It's Domain Name Server and I don't know much about networking at all. I don't know the name of the port I connected to the modem, help me please.

#7 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,751 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:50 PM

Posted 26 December 2012 - 02:55 PM

I don't know the name of the port I connected to the modem, help me please.

How did you know which port to connect to your modem? What model is your router?

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#8 Bellzemos

Bellzemos
  • Topic Starter

  • Members
  • 172 posts
  • OFFLINE
  •  
  • Local time:12:50 PM

Posted 27 December 2012 - 09:00 AM


I don't know the name of the port I connected to the modem, help me please.

How did you know which port to connect to your modem? What model is your router?


I connected the "input" port of the Router to one of the "output" ports on the modem.

My Router is TP-LINK Wireless Lite N Router TL-WR741ND:
Posted Image

#9 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,751 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:50 PM

Posted 27 December 2012 - 09:10 AM

I'm not familiar with TP-Link products, maybe someone else is.

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users