Thread: Router hacked.
07-28-2008, 08:23 PM
unix
Re: Router hacked.

Ignoramus9959 wrote:
> On 2008-07-28, larrys707 wrote:
>
>> Ignoramus9959 wrote:
>>
>>> How have you isolated the problem pointing it to the router?
>>>

>> We had a power glitch about a week ago that wiped the router settings
>> and went to default, leaving my wireless access point wide open. I use
>> Windows for some things, and have 2 totally separate Ubuntu Hardy
>> installations on two different drives.
>>

>
> So, the router was left wide open, and that possibly opened access
> from the Internet to the servers that were inside, and they got hacked
> and were used for spamming. Is that right?
>

That seems to be what happened. I have it partially locked down again,
but she is off to class so I can't get her MAC put back in or change the
router base from 1.101 to 8.101 as I had it. I don't run any servers
since her machine and mine are isolated (my choice), and I turn
everything but the router off when I am not using the computer. Spinning
1.75 TB all the time is kind of power hungry.

> Or, are you saying that wireless settings were made wide open and your
> neighbors could connect?
>
> Could it be that your neighbors were spamming?
>

The only neighbor with half a clue is my 16-year-old grandson and he
tried with his PlayStation so I locked him out a long time ago. The
other neighbors are clueless rednecks, since I gave up on living in
Silicon Valley years ago.

>
>>> Are you
>>> sure that it is your router that is spamming? This sounds somewhat
>>> improbable, so some clarification would be warranted.
>>>
>>> What is your home network topology, and where could spam possibly
>>> originate?
>>>
>>> Do you have any windows computers on the network?
>>>
>>>

>> The router is set up as the gateway to the Internet DSL, and my computer
>> is the 'Admin' on port 1 of the 10/100 Ethernet, with my daughter's XP
>> laptop on the 802.11G (locked mode). She is totally a win-droid, to
>> quote someone else, but I use a variety of systems, from DOS, to Sun,
>> Suse, Ubuntu, and, yes, XP, but never IE or Outlook.
>> Normally I have it set to channel 11, not the default, use WPA-TKIP,
>> lock it to her MAC address, and every other possible precaution,
>> including no DMZ or gaming holes to exploit. The computer is off when
>> not in use, since I am actually trying to conserve energy, so when the
>> router wireless is blinking I just assume it is her doing school work
>> for her two degrees, English and Psych, but nothing technical. I doubt
>> that I could have my Windows XP infected since I have levels of
>> protection, including a server type 3COM 3CR990 Ethernet card, and
>> ZoneAlarm, AVG, Avira, Ad-Aware, and Spybot S&D. I also changed the
>> router default from 1.101 etc. to 8.101 as the base, so that normally
>> would be pretty hard for someone to guess. The next step might be to
>> enable port forwarding to Comcast and to tell them to *only* allow those
>> 2 to be recognized, but that could, maybe, kill some of my BitTorrent
>> downloads for program updates or new distributions.
>> That leaves me wondering if SHE did get infected on her laptop???, or if
>> there is someone in my hick town that actually knows how to 'war-drive',
>> since I live in mostly redneck territory.
>>

>
> Could be anything, but you can find out with some persistence. If your
> router has some advanced settings, you can block ports by IP.

I do and did until the power glitch. I only allow her IP and MAC
address, unless the router resets and doesn't tell me.
>
>
>
>> The last, and only infection I ever got was ten years ago when somebody
>> found a port 445 hole in my windows NT.
>> I hate windows, but the truth is I have to have it for work projects for
>> my clients now that I don't work a 40 week as a captive employee any more.
>> Even Comcast legal can't tell me what happened, except that they sent me
>> an email that I never got and blocked me as a spammer.
>> The reason the router reset got by me is that both her system and mine
>> just looked for the router and went back to default without giving me a
>> flag of any kind.
>> Kind of a bum deal.
>> Bill Baka
>>

>
> Sounds bad. I would try to isolate who is spamming.

I do, hence my war on porn spamming the group, that started so much
****. The router has an in/out log I examine from time to time, but the
reset default is no log, and Comcast legal could not even tell me what
incident caused them to block me.
>
>
> i
>
>
>>> i
>>>
>>> On 2008-07-28, larrys707 wrote:
>>>
>>>
>>>> This is a semi-Ubuntu question concerning Linksys routers. Comcast
>>>> killed my port 25 outgoing e-mail claiming I was spamming and I have a
>>>> WRT54G, but considering a GL and DD-WRT. Has anyone else had a wireless
>>>> compromised like this? It was in 'open' unprotected mode for a while
>>>> after a power glitch last week and apparently a war driver got into it
>>>> before I found out. The wireless 802.11G is for my daughter's college
>>>> work on her laptop and I haven't been able to catch her to get her MAC
>>>> again, and lock out all others.
>>>> The question is mainly if anyone has used the GL and/or DD-WRT and how
>>>> straightforward it is to work with.
>>>> Dan C need not answer this, since it is not play time for me right now.
>>>> There is the possibility that someone could have spoofed my email but
>>>> that seems a bit more unlikely.
>>>> Moog? Anyone?
>>>> Bill Baka
>>>>
>>>> After a really pissy hour on the phone to Comcast legal.
>>>>
>>>>
>>>
>>>

>
>

Sigh.
Bill Baka