Menu
What's new
By:
Filters Better Search

Search results

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

  1. E

    Was my router's username and password hacked?

    Bug or was it consciously altered?
  2. E

    Was my router's username and password hacked?

    I'll create the collection now...
  3. E

    Was my router's username and password hacked?

    Yep... and it's open :-( Port Status Protocol and Application 16161 OPEN! Unknown Protocol for this port Unknown Application for this port
  4. E

    Was my router's username and password hacked?

    Yep, noticed that one also. Not a Linux guy though...can't find the location through SSH
  5. E

    Was my router's username and password hacked?

    I know how to resolve it, thanks though. I want to keep the router as-is for now...It might help in assessing the exploit/vulnerability/infection. Will refrain from online banking now, though... Have done a thorough check of devices in the LAN, nothing came up so far...
  6. E

    Was my router's username and password hacked?

    Of course I've read the disclaimers. So? Does that mean he could care less about it? I know he doesn't. And about the amateur thing, I guess most of the guys hanging around are in IT. Asus has been notified in their 'Official forum'. Although I think with the support the devs are getting they...
  7. E

    Was my router's username and password hacked?

    /jffs/configs$ ps w | grep dropbear 10849 adminXXX 1136 S dropbear -p 192.168.1.1:22 -a -j -k 10894 adminXXX 1380 D grep dropbear 27387 adminXXX 1068 S dropbear -p 192.168.1.1:22 -a -j -k 27410 adminXXX 1136 S dropbear -p 192.168.1.1:22 -a -j -k 28252 adminXXX 460 S...
  8. E

    Was my router's username and password hacked?

    Before Jan 4 everything was switched off (everything to the WAN was already off, only web access had been enabled before Jan 4)
  9. E

    Was my router's username and password hacked?

    The board doesn't allow code to be posted :) Full log: http://pastebin.com/FvrJZzxw @Wutikorn
  10. E

    Was my router's username and password hacked?

    Yes, WAN webaccess. They paid a visit again last night, three times from different IP's. All outside access was now off... No SSH/Telnet/Web access/AiCloud off/uPnP off... Jan 4 04:10:33 dropbear[18525]: Password auth succeeded for 'adminxxxxxx' from 46.43.113.225:42479 Jan 4 04:17:21...
  11. E

    Was my router's username and password hacked?

    They could have purged the logs as well when inside. But why wouldn't they have purged them fully. I think this is not directly related to the reported entries...
  12. E

    Was my router's username and password hacked?

    I did not even have SSH or Telnet enabled. Not even on LAN side (!). And do not disregard the multiple reports saying 'you should have traces and logs'. I have logs, but I use the router as an 'enabler' and not as a toy and do not run traces to whomever just for fun. And if only asking the...
  13. E

    Unexplained 'hacks' into Asus routers

    Also see for details and discussion: http://www.snbforums.com/threads/was-my-routers-username-and-password-hacked.36602/page-3 Number of independent users reporting identical hacks: 4 Issue: Unexplained access to Asus routers, AC68/AC87 Traces: SSH ports changed from 22 to 2222, log entries on...
  14. E

    Was my router's username and password hacked?

    Why? The problem is here. It's real. Question here is: Are the Merlin changes the catalyst for the hacks or not. And you're waiting for non-Merlin users to provide you with an answer to that... I think Merlin should do some code analysis/investigations together with Asus. If it turns out to be...
  15. E

    Was my router's username and password hacked?

    Nice :-( Haven't got logs from earlier this year (that's what happens when you go along with new firmwares) Where would one search for other traces? My RT-AC68U has Merlin's 380.64 running. Hardware revision A1/A2 (board revision is 0x1100, hardware version 170) Processor : ARMv7...
  16. E

    Was my router's username and password hacked?

    From an overall security perspective that is a sound advice. Something like "don't have a door in your house: Burglars might come through". Something is bothering me about this: the absence of any failed login attemtps on the 'door'. In all cases the password was 'guessed' right in one go. And...
  17. E

    Was my router's username and password hacked?

    So you're the one here to address then... :D
  18. E

    Was my router's username and password hacked?

    Has someone already reported this issue to Asus?
  19. E

    Was my router's username and password hacked?

    No, all shown logins are accounted for. Although they could have altered the logs as well. Update: First 'entry' was on Dec 31, same time, 03.00 at night. Second on Jan 1. Earlier in December the router had apparently suffered some crashes with below latest error/reboot log. No idea if it is...
  20. E

    Was my router's username and password hacked?

    I did not have SSH enabled at all and still they could connect and change port to 2222...So WTF is happening here?
Top