Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: Someone hacked my netgear router

Someone hacked my netgear router 11 years 1 month ago #11067

  • neo468
  • neo468's Avatar
  • Offline
  • New Member
  • Posts: 9
  • Karma: 0
How does someone hack into a router? I am using a wireless netgear router at home, I had 2 forward ports to my web server, 80 and 25 and 110. The next day I checked and my router was flashing with all kind of activity. I checked my server and all this traffic was coming in. I logged back into my router and the forward ports had been changed to 1100 something (same ports used by gnuella networks). I just would like to know how someone can hack into a router and reconfigure it. the wireless is turned off. thanks :shock:
The administrator has disabled public write access.

Re: Someone hacked my netgear router 11 years 1 month ago #11076

  • RedRanger
  • RedRanger's Avatar
  • Offline
  • Distinguished Member
  • Be Awesome
  • Posts: 136
  • Karma: 0
Ah. The old netgear wireless router. I have one at home. Alot of my house is wireless because we are too lazy to run cables :D . My network is unsecure because I constantly have people coming over and getting on the internet. You most likely didn't turn off all wireless capabilities. You may have denied outside users the right to the internet, but not from accessing your router. I could pull up in front of your house and access your router right now if I wanted to. You must make your router a secure network. Everyone knows the factory default security passwords. Change the username and password up a little and make sure no one can bypass it. I hate netgear, thats why I love using cisco routers in the academy.

Red Ranger
RedRanger

"I'd Rather You Hate Me For Everything I Am Than Love Me For Something I'm Not."

Be Awesome
The administrator has disabled public write access.

Re: Someone hacked my netgear router 11 years 1 month ago #11078

  • DaLight
  • DaLight's Avatar
  • Offline
  • Honored Member
  • Posts: 1302
  • Karma: 1
There are a few ways this could have happened:

1. You've noted that the wireless option was turned off. But as RedRanger has noted, you may want confirm this. If the wireless was not disabled, operating without any security such as WEP or WPA could also leave you open. In fact WEP can be easily defeated as can WPA when a pre-shared key is used for authentication rather than a RADIUS server.

2. Secondly, even if your wireless was indeed turned off or fully secured, if your router had any known vulnerabilities, they may have been utilised by attackers (coming in from the internet/WAN side). You can find a list of vulnerabilites for software and firewalls at http://www.securityfocus.com/.

3. The software running on the machines which you forwarded ports to may have had vulnerabilities e.g. webserver, email server, etc. Theses machines may have then been compromised and then used to access your router from within your network.
The administrator has disabled public write access.

Re: Someone hacked my netgear router 11 years 1 month ago #11080

  • RedRanger
  • RedRanger's Avatar
  • Offline
  • Distinguished Member
  • Be Awesome
  • Posts: 136
  • Karma: 0
Word to yo motha.
RedRanger

"I'd Rather You Hate Me For Everything I Am Than Love Me For Something I'm Not."

Be Awesome
The administrator has disabled public write access.

Re: Someone hacked my netgear router 11 years 1 month ago #11101

  • jwj
  • jwj's Avatar
  • Offline
  • Senior Member
  • Posts: 350
  • Karma: 0
You crack me up, RedRanger... :lol:
-Jeremy-
The administrator has disabled public write access.

Re: Someone hacked my netgear router 11 years 1 month ago #11147

  • sahirh
  • sahirh's Avatar
  • Offline
  • Honored Member
  • Posts: 1700
  • Karma: 0
Yep sounds like someone wardriving found your default configuration access point and decided to have some fun with it.

Tell me, did you change the SSID from 'linksys'... did you enable WPA, and did you change the password for the web administration.

Cuz even if you did all three -- it's probably not enough hehe ;)

You might wanna run a sniffer and if you see another IP pop up, run around your house with a shotgun looking for someone in a car with a laptop. Oh -- it could be your neighbour too :)

Cheers,
Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
The administrator has disabled public write access.
Time to create page: 0.090 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup