Security issue!

mato

mato

mato

Associate
Joined
25 Jun 2011
Posts
140
Location
Herts, UK
Hi all - we noticed this morning that the iPad was redirecting to ad sites no matter what site you visited.

After much messing around with the iPad and testing with other devices, I discovered that the DNS settings in my MODEM had changed...and I did not change them.

The DNS is normally set to "Use Auto Discovered DNS Server Only" which defaults to Sky, but when I checked, it was set to "Use User Discovered DNS Server Only" with the following IP:

188.166.150.116

So anyhow, I changed it back, and it defaulted to the Sky DNS address. All was ok and resolved for about 10 mins and then it changed back (!).

I have now disconnected & reconnected the modem to get a new IP, removed all inbound access rules and changed the admin password. All has been OK for the last 10 mins since i've done this.

I'm wondering if this was a problem with the Auto Discover feature or a security breach. I've never had something like this happen before...if the problem re-occurs, what options do I have, flash the modem and start from scratch??
 
What modem is this?

Checked to see if DDNS is set up in it? If it is, then that means a hostname is linked to your router, no matter what your IP is.

Tried manually setting the DNS to 8.8.8.8 (Google's DNS) and see if it sticks to that?
 
Yes I also turned off DDNS along with the rest of the stuff I disabled below.

It seems to be stable on the Auto Discover feature now, has been up for about 45mins and hasn't changed.
 
Yes remote access was switched on port 8080

Whilst the admin password was non-default, in hindsight it was weak.
 
Better off keeping remote access disabled and instead set up a VPN.

As always, use a strong password.
 
You must log in or register to reply here.
Back
Top Bottom