Someone hacked my netgear router

neo468
Topic Author
Offline
New Member

18 years 6 months ago #11067 by neo468

Someone hacked my netgear router was created by neo468

How does someone hack into a router? I am using a wireless netgear router at home, I had 2 forward ports to my web server, 80 and 25 and 110. The next day I checked and my router was flashing with all kind of activity. I checked my server and all this traffic was coming in. I logged back into my router and the forward ports had been changed to 1100 something (same ports used by gnuella networks). I just would like to know how someone can hack into a router and reconfigure it. the wireless is turned off. thanks :shock:

RedRanger
Offline
Senior Member
Be Awesome

18 years 6 months ago #11076 by RedRanger

Replied by RedRanger on topic Re: Someone hacked my netgear router

Ah. The old netgear wireless router. I have one at home. Alot of my house is wireless because we are too lazy to run cables . My network is unsecure because I constantly have people coming over and getting on the internet. You most likely didn't turn off all wireless capabilities. You may have denied outside users the right to the internet, but not from accessing your router. I could pull up in front of your house and access your router right now if I wanted to. You must make your router a secure network. Everyone knows the factory default security passwords. Change the username and password up a little and make sure no one can bypass it. I hate netgear, thats why I love using cisco routers in the academy.

Red Ranger

RedRanger

"I'd Rather You Hate Me For Everything I Am Than Love Me For Something I'm Not."

Be Awesome

DaLight
Offline
Platinum Member

18 years 6 months ago #11078 by DaLight

Replied by DaLight on topic Re: Someone hacked my netgear router

There are a few ways this could have happened:

1. You've noted that the wireless option was turned off. But as RedRanger has noted, you may want confirm this. If the wireless was not disabled, operating without any security such as WEP or WPA could also leave you open. In fact WEP can be easily defeated as can WPA when a pre-shared key is used for authentication rather than a RADIUS server.

2. Secondly, even if your wireless was indeed turned off or fully secured, if your router had any known vulnerabilities, they may have been utilised by attackers (coming in from the internet/WAN side). You can find a list of vulnerabilites for software and firewalls at www.securityfocus.com/ .

3. The software running on the machines which you forwarded ports to may have had vulnerabilities e.g. webserver, email server, etc. Theses machines may have then been compromised and then used to access your router from within your network.

RedRanger
Offline
Senior Member
Be Awesome

18 years 6 months ago #11080 by RedRanger

Replied by RedRanger on topic Re: Someone hacked my netgear router

Word to yo motha.

RedRanger

"I'd Rather You Hate Me For Everything I Am Than Love Me For Something I'm Not."

Be Awesome

jwj
Offline
Premium Member

18 years 6 months ago #11101 by jwj

Replied by jwj on topic Re: Someone hacked my netgear router

You crack me up, RedRanger... :lol:

-Jeremy-

sahirh
Offline
Platinum Member

18 years 6 months ago #11147 by sahirh

Replied by sahirh on topic Re: Someone hacked my netgear router

Yep sounds like someone wardriving found your default configuration access point and decided to have some fun with it.

Tell me, did you change the SSID from 'linksys'... did you enable WPA, and did you change the password for the web administration.

Cuz even if you did all three -- it's probably not enough hehe

You might wanna run a sniffer and if you see another IP pop up, run around your house with a shotgun looking for someone in a car with a laptop. Oh -- it could be your neighbour too