Menu
What's new
By:
Filters Better Search

Search results

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

  1. Insight

    VPNFilter Malware

    Had not seen that report yet, very nice share!
  2. Insight

    VPNFilter Malware

    It makes me wonder, when did it start, how accurate is the assessment of 500,000 devices and what was the intent? Were we going to wake up one morning and the internet was down due to a DDoS on the DNS root servers? Were they going to hit another nation?
  3. Insight

    VPNFilter Malware

    Wow had no idea that was a thing. Had to look at it and as soon as I saw DNS it clicked. Also agree that the router (firewall) is way better than nothing. I don't think the intent with the VPN malware is for harvesting but DDoS (guessing). Having over 500,000 device pointed at a handful of...
  4. Insight

    Trend Micro Two Way IPS Hits

    Lol, I didn't notice there was a legend. I think all their home use stuff is set to high. Is your device NAT'ed and not facing a publicly accessible IP? Also last nights alerts: https://www.abuseipdb.com/check/209.141.42.3 all three attempts within 3 hours of the previous
  5. Insight

    How often should you power cycle?

    There's a handful of threads on VPNfilter already. While on this topic, would the malware require a reboot? If the persistence stays after a reboot, it makes me think yes. Rebooting a router daily would then stop one possible sign of infection.
  6. Insight

    Trend Micro Two Way IPS Hits

    Hm, saw a lot of noise from 142.0.37.221 last night. Pretty cool feature on these routers, although I wish it had some documentation to go along with it... https://www.abuseipdb.com/check/142.0.37.221
  7. Insight

    Possibly been hacked. Need assistant from senior users.

    Oh don't disagree that is unlikely. But the Asus app would force Asus' DDNS (not third party) and WAN access enabled without any consent. The routers DDNS can be identified here (http://iplookup.asus.com/nslookup.php). Why scan the whole internet if I can get whats needed from one source? The...
  8. Insight

    Possibly been hacked. Need assistant from senior users.

    Agree with this. The only thing to add is that DDNS is not an attack vector but an intel piece. How secure is that web front in that does the name resolution? How well is it protected and how hard is it from someone to get it to spill its guts and get everyone's WAN IP? If an attacker knew the...
  9. Insight

    Possibly been hacked. Need assistant from senior users.

    Why knock when the doors wide open :cool:
  10. Insight

    How often should you power cycle?

    Just keep waiting and rebooting. You'll never know the difference
  11. Insight

    How often should you power cycle?

    Surprise- https://www.bleepingcomputer.com/news/security/the-vpnfilter-botnet-is-attempting-a-comeback/
  12. Insight

    How often should you power cycle?

    Haaaaaaa A reboot isn't gonna save you. This countermeasure is only effective for stopping the known C2 domain after the FBI seized control. The malware is still persistent just cant talk. Roll the bot herder to new domains and you're back the same boat See Brief technical breakdown @...
  13. Insight

    CPU Temperature

    Could make a better title for this? There's already tons of threads about temperature and various solutions for different setups. I can understand why ASUS went with passive cooling. It saves them money, give them less warranty claims, and a silent device is always ideal. But seriously add a...
  14. Insight

    Possibly been hacked. Need assistant from senior users.

    Are you sure you're still not compromised?
  15. Insight

    How often should you power cycle?

    It's unnecessary. Better?
  16. Insight

    Possibly been hacked. Need assistant from senior users.

    If no WAN access to enabled, it doesn't matter which vulnerabilities you have....outside communication can contact the router. The router is not accessible to anyone except lan side clients. DDNS/WAN access open this up for the public internet, not just for your app. So someone on your LAN side...
  17. Insight

    How often should you power cycle?

    Came here to say this. Rebooting should only be needed for security patching. Having an up time over 90 days,180 days, 2 years, etc is asking to be compromised. Rebooting daily is a waste or says to me something is unstable.
  18. Insight

    Possibly been hacked. Need assistant from senior users.

    I think the first comment regarding WAN access is highly to be incorrect. If WAN access is indeed disabled, meaning the app did not open up access without people knowing- whats the attack vector? A local client was popped and then they wanted router VPN tunneling too? I think we'd see this more...
  19. Insight

    Asus Router app and "unintentional" activation of remote access to router

    Yikes. That's likely coming from someone who doesn't understand the risk. Glad you sent them notice on it though.... Wait what, is doesn't work from LAN? Mine works fine on LAN and I did get a prompt to enable remote access.... Android ver 1.0.0.3.32 Turn off the DDNS and WAN access and...
  20. Insight

    Possibly been hacked. Need assistant from senior users.

    Glad to hear. My time frame was >6 weeks ago.
Top