So the Telnet exploit is not patched on the gateway I get from my ISP. Somebody knows this and will use my gateway to attack a server. When that happens I assume the thing gets so overloaded it reboots. After reboot the infection is gone, but from what I know the hacker with me in his/her botnet probably lists my IP and auto scans for my IP and just auto injects the code to get me back online in the botnet.
I am not skilled in security but would like to be. I figured, since Comcast techs can't even help me and say I can just get a new gateway... I want to basically patch this myself. I'll do this by compiling Mirai (not cheating and using the auto installer) on CentOS and infecting the gateway myself to "patch" it.
I just wonder how well it'll work. I can unfortunately not block or close the open port, which is why this exploit can happen. Comcast gives those who rent equipment zero control over any admin settings. I only port-forwarded the port that's open to a machine that doesn't exist on the network. Still, this didn't seem to work.
The attacker has evolved more balls and has actually been trying to brute force my router's password. When I try to log in it tells me I'm locked out because of 3 wrong attempts. I am almost sure this means a device on the network has been infected, or else how does somebody get access to 10.0.0.1?