Solved Router Got hacked !!!

[ranget]

yes my router got hacked a while ago i posted in other forums about ports being opened

now no ports are open but comodo is reporting inbound attacks

what shall i do Now ?

Restting / Refirming did nothing

Edit :
https://forums.comodo.com/firewall-help-cis/comodo-blocked-an-incoming-ip-currently-under-attack-t85455.0.html

 

[ranget]

-Well DHCP state displayed nothing other than my computer
-Comodo Secure DNS changed to ISP DNS :S

@lovefanboy

the router = modem = DSL router = HW firewall

i don't use a router behin a modem
i use DSL router // i plug the phone Line in the router //
so i don't know how to brdige network or to dial stuff from desktop
you have to be more specific plz

But if you suspect that there is malware in the router (i.e. that the router firmware has been altered to add malicious code), then there is no 100% guarantee that you will ever be able to remove this malicious code. Although resetting is a hardware signal, the reset to factory default is also done by code in the firmware, which can be altered too to circumvent this and allow the malicious code to persist.
Even upgrading is done by code in the firmware, which again, can be altered to circumvent this and allow the malicious code to persist.
The only way to fix this requires hardware intervention, which is beyond our scope.

Now if you suspect that there is a malicious configuration in the router (e.g. the DNS setting points to a malicious DNS server) but that the code itself (firmware) remains unaltered, then resetting will indeed remove these malicious configuration entries. But this is something that can be done with a careful review of all settings too.

"""""" by diderstevens

so i pretty much malwared xD
""""

thanks for help

 

[pcjunklist]

Didn't we speak a while back when you thought your computer was hacked? Did you ever follow through and get a new IP from you service provider?

 

[ranget]

talked to ISP when the ports were open and i just gave up on them ,
the basically told me to disable the HW firewall !!!!!! i quote what he said to me " you don't have to use the firewall disable it "
also when i took the Routers to the D-Link repair center " he didn't know what is an open port "

anyway i don't have a static IP

Didn't we speak a while back when you thought your computer was hacked?

yeah and i reinstall OS on all of my machine building a more rough security setups and very paranoid common sense

anyway I stopped using my DSL till further investigations
I tried another router form the same brand those the same i talked about in DSLreport forum
but till today i cant fix them ....
temporally i stopped most of the important Internet activity i have " collage and everything else if you know what i mean " they both show the same symptoms


so what shall i do now ?
Reset the Router already been done !
Refirm the router ! done
strengthen the setup by password etc ! done
re install windows ! Done
seek help on forum " a while back " ! done
kill my self ! not yet

anyway i was thinking about a way on combating this problem " by buying a new router and modifying the Firmware Rom to install a lock switch on it "
but it's highly unlikely to work without knowing the HW detail of the router + it will void the warranty

anyway thanks for help ....

 

[McLovin]

If you have a spare one around the house that you could use, try that and if you are still having the problems, then it might be your ISP.

 

[Ink]

Some people use a Linux firewall on a spare PC, but I don't have any knowledge on that, you could research into it.

Doesn't your ISP provide you with a router?

We're with BT and we got a 2Wire router.

 

[Plexx]

Earth, dont you get the HUB while on BT?

I keep seeing advertised the HUB every single BT commercial.

Some routers do have an active protection built in (well mine does) but then again I have specific settings tweaked. also sometimes the latest version of the firmware is not the solution and on some cases, you cant reverse the firmware, like in my Belkin for example.

Nevertheless it doesnt really seems like you have been hacked. But also something aint fully right either. How many systems you got connected to your internet? i.e another laptop, a neighbour connecting at hours you would be sleepin etc?

Actually sometimes I look at the connection signals and theres this unprotected network on the max speed available for GIB, basically calling for it to be used. Yet I have not even attempted since a: is immoral, b: something is rather dodgy. No one in the right mind would do it. It turns out that one of my neighbours decided to use and well, you can imagine what happened next...

 

[Ink]

We're slightly on a different contract so it's not the Hub (as such) as advertised on the TV, but we still have the protection such as the firewall, access control with time scheduling, content screening, MAC filtering, attack alerts with email notifications, private network, NAT and address allocation and some other features such as VoIP, WiFi AND all that other good stuff.

 

[Plexx]

We're slightly on a different contract so it's not the Hub (as such) as advertised on the TV, but we still have the protection such as the firewall, access control with time scheduling, content screening, MAC filtering, attack alerts with email notifications, private network, NAT and address allocation and some other features such as VoIP, WiFi AND all that other good stuff.

Got room for 3 more? only 2 adults and a nearly 3 year old that knows how to navigate through youtube.

 

[ranget]

How many systems you got connected to your internet?

only one computer

also i tried looking for firmware replacement but i found non
anyway it seem it's time for a new router or time to get offline