Main Forum > General Computer Support

can the router settings be changed by virus? If it is secured by ISP

<< < (9/18) > >>

Samson:

--- Quote from: jraju on January 18, 2016, 04:59:06 am ---Now, if that vulnerablity is touched, who knows.

--- End quote ---

"This vulnerability allows an attacker to easily gain control of the router and therefore your Internet connection. The attacker can use a specially crafted HTTP request to download all important and secret data stored in your router -- your router login/password combination, your Wi-Fi password and your configuration data."

"There is a severe vulnerability in a lot of routers of various brands, models and software versions. The bug allows unauthenticated anonymous HTTP requesters from outside network (from WAN interface) to download configuration file from the router including its passwords to configuration web interface. Attackers massively abuse this vulnerability to gain access and change DNS servers that are used by the router as well as the computers behind it and they redirect high-profile and generally trusted web pages to malware or phishing sites."

You can get a second opinion on Avast's findings here.
http://rom-0.cz/

It is circumstantial and speculative, however you seem to have suffered the symptoms of the vulnerability to which you are exposed. Specifically the inability to be able to login to your router interface could have resulted from the admin password being changed by a malicious source. Coincidence?

Boggin:
Is there a setting in the router for remote access that you can disable ?

This is what ISP techs use to access the router but I suppose could also allow an attacker the same access.

See what Netalyzr makes of your WiFi - this requires Java.

http://netalyzr.icsi.berkeley.edu/

Can you let us know the make & model of the router - this can be viewed by going Start - click on Computer and in the left pane, click on Network.

Let's see if we can find some info on its settings.

jraju:
My network icon on the left if opens show only my printer hp 1300.
I will give the modem name It is teracom modem,TDSL 300 w2 type 2 adsl2+wireless router
The adapter is RealtekRTL8139/810x family fast ethernet NIC.
I ran the netlyzer, but test complete and waiting for results. How to go about getting the results

jraju:
Hi, Boggins.
                 there was a feed back session and I sent. I stored the results in png form. The results are some major and minor aberrations. to put it simple.
                 I will give some results in the next post.
                 Meanwhile, if it is dynamic ips on every login, how the results could be gauged. If suppose, I quit the browser and then log in , I will be given a different log in by the ISP, as natural and how it is to be analysed. I appreciate the task it took to give those results. Would it be applicable to dynamic ips log ins.
                   I will analyse the results and if possible, I would like to pm. how to do I do not know

Boggin:
This is mine which I just used the normal right click on the URL then selected Create shortcut and pasted it into the reply box.

Link removed.

At one time, it used to warn of a vulnerability in the router but I cannot see it this time.

I'll do a search later to see what info I can find on your router.

To check if you are getting a different IP address every time you log in, run this program before and then again after a new log in to see if it changes.

http://whatismyipaddress.com/

EDIT - It looks like not being able to log into this router is a known issue and the only workaround of a factory reset has already been suggested.

http://www.netvuze.com/2013/04/dsl-broadband-modem-configuration.html

Navigation

[0] Message Index

[#] Next page

[*] Previous page

Go to full version