Block all connections from outside US

xtaski

Hi everyone, I have the latest stable 380.59 firmware running on an AC3200. I installed Merlin b/c I woke up to find 4 clients from Russia somehow connected on my 2.4GHz radio... which is impossible because Russia is a few thousand miles away. However, it's obvious someone found an exploit so I installed Merlin.

My question is does anyone know of a way to block all IP addresses outside the US? Has anyone built a utility for this?

Thanks in advance for any help you can provide.
 
How did you determine they were Russian clients?
 
Well... these showed up overnight w/in 48hrs of turning on DDNS. Those internal IP addresses and MAC addresses did not correspond to anything I own that was connected to the network.

lywwnuo41
 
These showed up in my connected clients overnight, within 48hrs of putting my cable modem into bridge mode and turning on DDNS. They do not correspond to any device on my network. There is no one nearby who could have spoofed them either (in the country, no neighbors near).

Screenshot attached.
 

I think in pre-380.58, if you had the firewall off, the router could be accessed over WAN despite the setting. Did you also make sure to disable WAN access from SSH and network?
 
Russian text does not equal Russian clients, I think?

I would recommend a full and proper reset to factory defaults followed by a minimal and manual configuration to secure your router and connect to your ISP.

http://www.snbforums.com/threads/no...l-and-manual-configuration.27115/#post-205573


I would further suggest you use new router passwords (any and all of them), including new SSIDs and new passwords for these too (and ones that can't be easily guessed either).

Turn off WAN access from SSH as jeff288 suggested and also disable WPS and WDS too.

Finally, make sure you are not giving your main SSID passwords to anyone you do not trust (immediate (adult) family); for the children in the household, the guest network password is good enough.
 
