Router being hacked

[Roland0]

so ? ? ?

 

[Zarf]

Does he have unencrypted powerline connectors in his house? That's the only way I can think someone might be able to gain access when he disabled the wireless (apart from if he managed to infect one of the pc's with a clever piece of malware to brute force the router password and re-enable wireless, which seems a bit beyond the usual script kiddie level)

Can always block the wifi signal manually too, remove the antenna and wrap the router up in aluminium-foil.

 

[mothermachine]

i'm subscribing to this. v interesting! hope he gets it sorted and finds out what was going on.

 

[dfour]

me to. He must be being key logged soemewhere for the hacker to be able to get access so easily. How about turnign wireless off, changing passwords and then physically disconnecting his pc from the router and see if it still happens.

 

[stockhausen]

Most modern ADSL Modem / Routers in my experience have an activity log (usually turned off by default); have you had a look at this?

You sometimes have to telnet into the router and use a CLI to access the log but you may find something of interest in it.


Interesting thread though . . .

 

[JamesTuc]

I would disconnect all pc's, unlpug the router completely and then connect only the power. Then use a clean laptop to plug into the ethernet, switch off wireless and set a new pw. Connect the router to the net and leave wireless off and disconnect all pc's. Leave it for a day or so and see if the router has been changed.

Then try the same thing but have his pc connected and the internet unplugged.

You should be able to find out whether it's malware, a remote attack or a wireless attack by doing this.