Home |
Search |
Today's Posts |
|
UK diy (uk.d-i-y) For the discussion of all topics related to diy (do-it-yourself) in the UK. All levels of experience and proficency are welcome to join in to ask questions or offer solutions. |
Reply |
|
LinkBack | Thread Tools | Display Modes |
#1
Posted to uk.d-i-y
|
|||
|
|||
DNSProblem
A friend could not access the inet but could get emails. Whenever he
tried a search engine, Google or Yahoo, he was told Internet Explorer was out of date and needed upgrading. Needless to say he didn't click on the link offered. He asked me to check his machines out because he thought he must have a virus despite running all manner of checkers. I checked all his machines out and they all showed the same problems. I logged an android tablet on to his network and this too had exactly the same message. I concluded that there was a DNS problem but the router (TP link) wouldn't let me in. Windows showed a DNS address like nothing I'd ever seen. I did a factory reset. I got in and set it up again. All is now well. Now the question. Can someone get into a router from outside or could a virus in a networked machine gain access to a router to reconfigure it? |
#2
Posted to uk.d-i-y
|
|||
|
|||
DNSProblem
On Fri, 06 Jun 2014 20:17:37 +0100, Lawrence
wrote: Now the question. Can someone get into a router from outside or could a virus in a networked machine gain access to a router to reconfigure it? There was an article out yesterday that said nearly all routers are very easy to get into. Bugs in the firmware, to using exploits to crash and cause a reboot to access the details. Get the PSW and come back at leisure to do what you will. |
#3
Posted to uk.d-i-y
|
|||
|
|||
DNSProblem
On 06/06/14 20:17, Lawrence wrote:
A friend could not access the inet but could get emails. Whenever he tried a search engine, Google or Yahoo, he was told Internet Explorer was out of date and needed upgrading. Needless to say he didn't click on the link offered. He asked me to check his machines out because he thought he must have a virus despite running all manner of checkers. I checked all his machines out and they all showed the same problems. I logged an android tablet on to his network and this too had exactly the same message. I concluded that there was a DNS problem but the router (TP link) wouldn't let me in. Windows showed a DNS address like nothing I'd ever seen. I did a factory reset. I got in and set it up again. All is now well. Now the question. Can someone get into a router from outside yes or could a virus in a networked machine gain access to a router to reconfigure it? yes -- Ineptocracy (in-ep-toc-ra-cy) €“ a system of government where the least capable to lead are elected by the least capable of producing, and where the members of society least likely to sustain themselves or succeed, are rewarded with goods and services paid for by the confiscated wealth of a diminishing number of producers. |
#4
Posted to uk.d-i-y
|
|||
|
|||
DNSProblem
On 06/06/2014 20:17, Lawrence wrote:
A friend could not access the inet but could get emails. Whenever he tried a search engine, Google or Yahoo, he was told Internet Explorer was out of date and needed upgrading. Needless to say he didn't click on the link offered. He asked me to check his machines out because he thought he must have a virus despite running all manner of checkers. I checked all his machines out and they all showed the same problems. I logged an android tablet on to his network and this too had exactly the same message. I concluded that there was a DNS problem but the router (TP link) wouldn't let me in. Windows showed a DNS address like nothing I'd ever seen. I did a factory reset. I got in and set it up again. All is now well. Now the question. Can someone get into a router from outside or could a virus in a networked machine gain access to a router to reconfigure it? Yup, there are millions of vulnerable (typically linux based[1]) routers out there that never (or rarely) get patched, and are wide open to attack. DNS hijack attacks are one of the easiest ways of using them to attack networks. https://www.schneier.com/blog/archiv...y_risks_9.html http://www.pcworld.com/article/20985...uter-worm.html http://securityevaluators.com/knowle...uter_hacks.php http://news.techworld.com/security/3...k-study-finds/ [1] Keep this in mind everytime you see some muppet spout about how its only windows that gets exploited! -- Cheers, John. /================================================== ===============\ | Internode Ltd - http://www.internode.co.uk | |-----------------------------------------------------------------| | John Rumm - john(at)internode(dot)co(dot)uk | \================================================= ================/ |
#5
Posted to uk.d-i-y
|
|||
|
|||
DNSProblem
On 06/06/14 21:07, EricP wrote:
On Fri, 06 Jun 2014 20:17:37 +0100, Lawrence wrote: Now the question. Can someone get into a router from outside or could a virus in a networked machine gain access to a router to reconfigure it? There was an article out yesterday that said nearly all routers are very easy to get into. Bugs in the firmware, to using exploits to crash and cause a reboot to access the details. Get the PSW and come back at leisure to do what you will. And noone patches their routers... |
#6
Posted to uk.d-i-y
|
|||
|
|||
DNSProblem
"Lawrence" wrote in message et... A friend could not access the inet but could get emails. Whenever he tried a search engine, Google or Yahoo, he was told Internet Explorer was out of date and needed upgrading. Needless to say he didn't click on the link offered. He asked me to check his machines out because he thought he must have a virus despite running all manner of checkers. I checked all his machines out and they all showed the same problems. I logged an android tablet on to his network and this too had exactly the same message. I concluded that there was a DNS problem but the router (TP link) wouldn't let me in. Windows showed a DNS address like nothing I'd ever seen. I did a factory reset. I got in and set it up again. All is now well. Now the question. Can someone get into a router from outside Yes, you can with some routers. or could a virus in a networked machine gain access to a router to reconfigure it? In theory, but that's less easy because not all the routers reconfigure the same way. Or even large numbers of them the same way. Its much more likely that router just had a massive brain fade and the factory reset fixed that. |
#7
Posted to uk.d-i-y
|
|||
|
|||
DNSProblem
Tim Watts wrote
EricP wrote Lawrence wrote Now the question. Can someone get into a router from outside or could a virus in a networked machine gain access to a router to reconfigure it? There was an article out yesterday that said nearly all routers are very easy to get into. Bugs in the firmware, to using exploits to crash and cause a reboot to access the details. Get the PSW and come back at leisure to do what you will. And noone patches their routers... I do if its known to have that sort of problem. |
#8
Posted to uk.d-i-y
|
|||
|
|||
DNSProblem
Rod Speed wrote:
"Lawrence" wrote in message et... A friend could not access the inet but could get emails. Whenever he tried a search engine, Google or Yahoo, he was told Internet Explorer was out of date and needed upgrading. Needless to say he didn't click on the link offered. He asked me to check his machines out because he thought he must have a virus despite running all manner of checkers. I checked all his machines out and they all showed the same problems. I logged an android tablet on to his network and this too had exactly the same message. I concluded that there was a DNS problem but the router (TP link) wouldn't let me in. Windows showed a DNS address like nothing I'd ever seen. I did a factory reset. I got in and set it up again. All is now well. Now the question. Can someone get into a router from outside Yes, you can with some routers. or could a virus in a networked machine gain access to a router to reconfigure it? In theory, but that's less easy because not all the routers reconfigure the same way. Or even large numbers of them the same way. Its much more likely that router just had a massive brain fade and the factory reset fixed that. Or maybe the ISP decided to update the router firmware? |
#9
Posted to uk.d-i-y
|
|||
|
|||
DNSProblem
In message , John
Rumm writes On 06/06/2014 20:17, Lawrence wrote: A friend could not access the inet but could get emails. Whenever he tried a search engine, Google or Yahoo, he was told Internet Explorer was out of date and needed upgrading. Needless to say he didn't click on the link offered. He asked me to check his machines out because he thought he must have a virus despite running all manner of checkers. I checked all his machines out and they all showed the same problems. I logged an android tablet on to his network and this too had exactly the same message. I concluded that there was a DNS problem but the router (TP link) wouldn't let me in. Windows showed a DNS address like nothing I'd ever seen. I did a factory reset. I got in and set it up again. All is now well. Now the question. Can someone get into a router from outside or could a virus in a networked machine gain access to a router to reconfigure it? Yup, there are millions of vulnerable (typically linux based[1]) routers out there that never (or rarely) get patched, and are wide open to attack. DNS hijack attacks are one of the easiest ways of using them to attack networks. https://www.schneier.com/blog/archiv...y_risks_9.html http://www.pcworld.com/article/20985...r-vulnerabilit y-targeted-by-linksys-router-worm.html http://securityevaluators.com/knowle...rs/soho_router _hacks.php http://news.techworld.com/security/3...me-wireless-ro uters-wide-open-to-attack-study-finds/ [1] Keep this in mind everytime you see some muppet spout about how its only windows that gets exploited! Anything suspicious about that 4th. url? While I was reading something downloaded to the hard drive and temporarily overrode Firefox. Nervous user! -- Tim Lamb |
#10
Posted to uk.d-i-y
|
|||
|
|||
DNSProblem
Capitol wrote
Rod Speed wrote Lawrence wrote A friend could not access the inet but could get emails. Whenever he tried a search engine, Google or Yahoo, he was told Internet Explorer was out of date and needed upgrading. Needless to say he didn't click on the link offered. He asked me to check his machines out because he thought he must have a virus despite running all manner of checkers. I checked all his machines out and they all showed the same problems. I logged an android tablet on to his network and this too had exactly the same message. I concluded that there was a DNS problem but the router (TP link) wouldn't let me in. Windows showed a DNS address like nothing I'd ever seen. I did a factory reset. I got in and set it up again. All is now well. Now the question. Can someone get into a router from outside Yes, you can with some routers. or could a virus in a networked machine gain access to a router to reconfigure it? In theory, but that's less easy because not all the routers reconfigure the same way. Or even large numbers of them the same way. Its much more likely that router just had a massive brain fade and the factory reset fixed that. Or maybe the ISP decided to update the router firmware? I wouldn't expect to get the result he got if the ISP had done that. |
#11
Posted to uk.d-i-y
|
|||
|
|||
DNSProblem
My modem, which is a router with the router turned off suggests you do not
allow the remote option in the menu unless you are asked to by the isp tech troubleshooting the problems. Brian -- From the Sofa of Brian Gaff Reply address is active "EricP" wrote in message ... On Fri, 06 Jun 2014 20:17:37 +0100, Lawrence wrote: Now the question. Can someone get into a router from outside or could a virus in a networked machine gain access to a router to reconfigure it? There was an article out yesterday that said nearly all routers are very easy to get into. Bugs in the firmware, to using exploits to crash and cause a reboot to access the details. Get the PSW and come back at leisure to do what you will. |
#12
Posted to uk.d-i-y
|
|||
|
|||
DNSProblem
On 07/06/2014 10:01, Tim Lamb wrote:
In message , John Rumm writes On 06/06/2014 20:17, Lawrence wrote: A friend could not access the inet but could get emails. Whenever he tried a search engine, Google or Yahoo, he was told Internet Explorer was out of date and needed upgrading. Needless to say he didn't click on the link offered. He asked me to check his machines out because he thought he must have a virus despite running all manner of checkers. I checked all his machines out and they all showed the same problems. I logged an android tablet on to his network and this too had exactly the same message. I concluded that there was a DNS problem but the router (TP link) wouldn't let me in. Windows showed a DNS address like nothing I'd ever seen. I did a factory reset. I got in and set it up again. All is now well. Now the question. Can someone get into a router from outside or could a virus in a networked machine gain access to a router to reconfigure it? Yup, there are millions of vulnerable (typically linux based[1]) routers out there that never (or rarely) get patched, and are wide open to attack. DNS hijack attacks are one of the easiest ways of using them to attack networks. https://www.schneier.com/blog/archiv...y_risks_9.html http://www.pcworld.com/article/20985...r-vulnerabilit y-targeted-by-linksys-router-worm.html http://securityevaluators.com/knowle...rs/soho_router _hacks.php http://news.techworld.com/security/3...me-wireless-ro uters-wide-open-to-attack-study-finds/ [1] Keep this in mind everytime you see some muppet spout about how its only windows that gets exploited! Anything suspicious about that 4th. url? Not that I was aware of (although I run adblock - so that does prevent some ad based compromises) While I was reading something downloaded to the hard drive and temporarily overrode Firefox. Overrode in what sense? -- Cheers, John. /================================================== ===============\ | Internode Ltd - http://www.internode.co.uk | |-----------------------------------------------------------------| | John Rumm - john(at)internode(dot)co(dot)uk | \================================================= ================/ |
#13
Posted to uk.d-i-y
|
|||
|
|||
DNSProblem
In message , John
Rumm writes Anything suspicious about that 4th. url? Not that I was aware of (although I run adblock - so that does prevent some ad based compromises) While I was reading something downloaded to the hard drive and temporarily overrode Firefox. Overrode in what sense? Screen went blank for a few seconds while something went in or out of the hard drive. -- Tim Lamb |
#14
Posted to uk.d-i-y
|
|||
|
|||
DNSProblem
On 06/06/2014 23:42, Tim Watts wrote:
And noone patches their routers... I do! -- Rod |
Reply |
Thread Tools | Search this Thread |
Display Modes | |
|
|