Router hacked. - Ubuntu

This is a discussion on Router hacked. - Ubuntu ; This is a semi-Ubuntu question concerning Linksys routers. Comcast killed my port 25 outgoing e-mail claiming I was spamming and I have a WRT54G, but considering a GL and DD-WRT. Has anyone else had a wireless compromised like this? It ...

+ Reply to Thread
Page 1 of 4 1 2 3 ... LastLast
Results 1 to 20 of 68

Thread: Router hacked.

  1. Router hacked.

    This is a semi-Ubuntu question concerning Linksys routers. Comcast
    killed my port 25 outgoing e-mail claiming I was spamming and I have a
    WRT54G, but considering a GL and DD-WRT. Has anyone else had a wireless
    compromised like this? It was in 'open' unprotected mode for a while
    after a power glitch last week and apparently a war driver got into it
    before I found out. The wireless 802.11G is for my daughter's college
    work on her laptop and I haven't been able to catch her to get her MAC
    again, and lock out all others.
    The question is mainly if anyone has used the GL and or DD-WRT and how
    straightforward it is to work with.
    Dan C need not answer this, since it is not play time for me right now.
    There is the possibility that someone could have spoofed my email but
    that seems a bit more unlikely.
    Moog? Anyone?
    Bill Baka

    After a really pissy hour on the phone to Comcast legal.

  2. Re: Router hacked.

    How have you isolated the problem pointint it to the router? Are you
    sure that it is your router that is spamming? This sounds somewhat
    improbable, so some clarification would be warranted.

    What is your home network topology, and where could spam possibly
    originate?

    Do you have any windows computers on the network?

    i

    On 2008-07-28, larrys707 wrote:
    > This is a semi-Ubuntu question concerning Linksys routers. Comcast
    > killed my port 25 outgoing e-mail claiming I was spamming and I have a
    > WRT54G, but considering a GL and DD-WRT. Has anyone else had a wireless
    > compromised like this? It was in 'open' unprotected mode for a while
    > after a power glitch last week and apparently a war driver got into it
    > before I found out. The wireless 802.11G is for my daughter's college
    > work on her laptop and I haven't been able to catch her to get her MAC
    > again, and lock out all others.
    > The question is mainly if anyone has used the GL and or DD-WRT and how
    > straightforward it is to work with.
    > Dan C need not answer this, since it is not play time for me right now.
    > There is the possibility that someone could have spoofed my email but
    > that seems a bit more unlikely.
    > Moog? Anyone?
    > Bill Baka
    >
    > After a really pissy hour on the phone to Comcast legal.


    --
    Due to extreme spam originating from Google Groups, and their inattention
    to spammers, I and many others block all articles originating
    from Google Groups. If you want your postings to be seen by
    more readers you will need to find a different means of
    posting on Usenet.
    http://improve-usenet.org/

  3. Re: Router hacked.

    Ignoramus9959 wrote:
    > How have you isolated the problem pointint it to the router?

    We had a power glitch about a week ago that wiped the router settings
    and went to default, leaving my wireless access point wide open. I use
    Windows for some things, and have 2 totally separate Ubuntu Hardy
    installations on two different drives.
    > Are you
    > sure that it is your router that is spamming? This sounds somewhat
    > improbable, so some clarification would be warranted.
    >
    > What is your home network topology, and where could spam possibly
    > originate?
    >
    > Do you have any windows computers on the network?
    >

    The router is set up as the gateway to the Internet DSl, and my computer
    is the 'Admin' on port 1 of the 10/100 Ethernet, with my daughter's XP
    laptop on the 802.11G (locked mode). She is totally a win-droid, to
    quote some one else, but I use a variety of systems, from DOS, to Sun,
    Suse, Ubuntu, and, yes, XP, but never IE or Outlook.
    Normally I have it set to channel 11, not the default, use WPA-TKIP,
    lock it to her MAC address, and every other possible precaution,
    including no DMZ or gaming holes to exploit. The computer is off when
    not in use, since I am actually trying to conserve energy, so when the
    router wireless is blinking I just assume it is her doing school work
    for her two degrees, English and Psych, but nothing technical. I doubt
    that I could have my Windows XP infected since I have levels of
    protection, including a server type 3COM 3CR990 Ethernet card, and
    Zonealarm, AVG, Avira, Adaware, and Spybot S&D. I also changed the
    router default from 1.101 etc. to 8.101 as the base, so that normally
    would be pretty hard for someone to guess. The next step might be to
    enable port forwarding to Comcast and to tell them to *only* allow those
    2 to be recognized, but that could, maybe, kill some of my bit torrent
    downloads for program updates or new distributions.
    That leaves me wondering if SHE did get infected on her laptop???, or if
    there is someone in my hick town that actually knows how to 'war-drive',
    since I live in mostly red neck territory.
    The last, and only infection I ever got was ten years ago when somebody
    found a port 445 hole in my windows NT.
    I hate windows, but the truth is I have to have it for work projects for
    my clients now that I don't work a 40 week as a captive employee any more.
    Even Comcast legal can't tell me what happened, except that they sent me
    an email that I never got and blocked me as a spammer.
    The reason the router reset got by me is that both her system and mine
    just looked for the router and went back to default without giving me a
    flag of any kind.
    Kind of a bum deal.
    Bill Baka
    > i
    >
    > On 2008-07-28, larrys707 wrote:
    >
    >> This is a semi-Ubuntu question concerning Linksys routers. Comcast
    >> killed my port 25 outgoing e-mail claiming I was spamming and I have a
    >> WRT54G, but considering a GL and DD-WRT. Has anyone else had a wireless
    >> compromised like this? It was in 'open' unprotected mode for a while
    >> after a power glitch last week and apparently a war driver got into it
    >> before I found out. The wireless 802.11G is for my daughter's college
    >> work on her laptop and I haven't been able to catch her to get her MAC
    >> again, and lock out all others.
    >> The question is mainly if anyone has used the GL and or DD-WRT and how
    >> straightforward it is to work with.
    >> Dan C need not answer this, since it is not play time for me right now.
    >> There is the possibility that someone could have spoofed my email but
    >> that seems a bit more unlikely.
    >> Moog? Anyone?
    >> Bill Baka
    >>
    >> After a really pissy hour on the phone to Comcast legal.
    >>

    >
    >


  4. Re: Router hacked.

    On 2008-07-28, larrys707 wrote:
    > This is a semi-Ubuntu question concerning Linksys routers. Comcast
    > killed my port 25 outgoing e-mail claiming I was spamming and I have a
    > WRT54G, but considering a GL and DD-WRT. Has anyone else had a wireless
    > compromised like this? It was in 'open' unprotected mode for a while
    > after a power glitch last week and apparently a war driver got into it
    > before I found out. The wireless 802.11G is for my daughter's college
    > work on her laptop and I haven't been able to catch her to get her MAC
    > again, and lock out all others.
    > The question is mainly if anyone has used the GL and or DD-WRT and how
    > straightforward it is to work with.
    > Dan C need not answer this, since it is not play time for me right now.
    > There is the possibility that someone could have spoofed my email but
    > that seems a bit more unlikely.
    > Moog? Anyone?
    > Bill Baka
    >
    > After a really pissy hour on the phone to Comcast legal.


    Are you running a mail server on any machine? Sendmail or some other
    such software? Perhaps you have a win machine with a bot installed
    accidentally?

    Your router cannot send spam. Your router has not been compromised.
    You simply need to close port 25, if you are not using it for a Mail
    agent. If you are, you need to secure the agent. If whichever
    software you are using is allowing an open relay, you will transmit
    spam.


    --
    Joe - Linux User #449481/Ubuntu User #19733
    joe at hits - buffalo dot com
    "Hate is baggage, life is too short to go around pissed off all the
    time..." - Danny, American History X

  5. Re: Router hacked.

    On Mon, 28 Jul 2008 11:39:33 -0700, larrys707 wrote:

    > Dan C need not answer this, since it is not play time for me right now


    Hahahahah why not just paint a bulls-eye on your forehead?
    --
    #1 Offishul Ruiner of Usenet, March 2007
    #1 Usenet Asshole, March 2007
    #10 Most hated Usenetizen of all time
    Pierre Salinger Memorial Hook, Line & Sinker, June 2004
    Pierre Salinger Memorial Hook, Line & Sinker, May 2008
    COOSN-266-06-25794



  6. Re: Router hacked.

    On 2008-07-28, larrys707 wrote:
    > Ignoramus9959 wrote:
    >> How have you isolated the problem pointint it to the router?

    > We had a power glitch about a week ago that wiped the router settings
    > and went to default, leaving my wireless access point wide open. I use
    > Windows for some things, and have 2 totally separate Ubuntu Hardy
    > installations on two different drives.


    So, the router was left wide open, and that possibly opened access to
    from the Internet to the servers that were inside, and they got hacked
    and were used for spamming. Is that Right?

    Or, are you saying that wireless settings were made wide open and your
    neighbors could connect?

    Cound it be that your neighbors were spamming?

    >> Are you
    >> sure that it is your router that is spamming? This sounds somewhat
    >> improbable, so some clarification would be warranted.
    >>
    >> What is your home network topology, and where could spam possibly
    >> originate?
    >>
    >> Do you have any windows computers on the network?
    >>

    > The router is set up as the gateway to the Internet DSl, and my computer
    > is the 'Admin' on port 1 of the 10/100 Ethernet, with my daughter's XP
    > laptop on the 802.11G (locked mode). She is totally a win-droid, to
    > quote some one else, but I use a variety of systems, from DOS, to Sun,
    > Suse, Ubuntu, and, yes, XP, but never IE or Outlook.
    > Normally I have it set to channel 11, not the default, use WPA-TKIP,
    > lock it to her MAC address, and every other possible precaution,
    > including no DMZ or gaming holes to exploit. The computer is off when
    > not in use, since I am actually trying to conserve energy, so when the
    > router wireless is blinking I just assume it is her doing school work
    > for her two degrees, English and Psych, but nothing technical. I doubt
    > that I could have my Windows XP infected since I have levels of
    > protection, including a server type 3COM 3CR990 Ethernet card, and
    > Zonealarm, AVG, Avira, Adaware, and Spybot S&D. I also changed the
    > router default from 1.101 etc. to 8.101 as the base, so that normally
    > would be pretty hard for someone to guess. The next step might be to
    > enable port forwarding to Comcast and to tell them to *only* allow those
    > 2 to be recognized, but that could, maybe, kill some of my bit torrent
    > downloads for program updates or new distributions.
    > That leaves me wondering if SHE did get infected on her laptop???, or if
    > there is someone in my hick town that actually knows how to 'war-drive',
    > since I live in mostly red neck territory.


    Could be anything, but you can find out with some persistence. If your
    router has some advanced settings, you can block ports by IP.

    > The last, and only infection I ever got was ten years ago when somebody
    > found a port 445 hole in my windows NT.
    > I hate windows, but the truth is I have to have it for work projects for
    > my clients now that I don't work a 40 week as a captive employee any more.
    > Even Comcast legal can't tell me what happened, except that they sent me
    > an email that I never got and blocked me as a spammer.
    > The reason the router reset got by me is that both her system and mine
    > just looked for the router and went back to default without giving me a
    > flag of any kind.
    > Kind of a bum deal.
    > Bill Baka


    Sounds bad. I would try to isolate who is spamming.

    i

    >> i
    >>
    >> On 2008-07-28, larrys707 wrote:
    >>
    >>> This is a semi-Ubuntu question concerning Linksys routers. Comcast
    >>> killed my port 25 outgoing e-mail claiming I was spamming and I have a
    >>> WRT54G, but considering a GL and DD-WRT. Has anyone else had a wireless
    >>> compromised like this? It was in 'open' unprotected mode for a while
    >>> after a power glitch last week and apparently a war driver got into it
    >>> before I found out. The wireless 802.11G is for my daughter's college
    >>> work on her laptop and I haven't been able to catch her to get her MAC
    >>> again, and lock out all others.
    >>> The question is mainly if anyone has used the GL and or DD-WRT and how
    >>> straightforward it is to work with.
    >>> Dan C need not answer this, since it is not play time for me right now.
    >>> There is the possibility that someone could have spoofed my email but
    >>> that seems a bit more unlikely.
    >>> Moog? Anyone?
    >>> Bill Baka
    >>>
    >>> After a really pissy hour on the phone to Comcast legal.
    >>>

    >>
    >>


    --
    Due to extreme spam originating from Google Groups, and their inattention
    to spammers, I and many others block all articles originating
    from Google Groups. If you want your postings to be seen by
    more readers you will need to find a different means of
    posting on Usenet.
    http://improve-usenet.org/

  7. Re: Router hacked.

    Joe wrote:
    > On 2008-07-28, larrys707 wrote:
    >
    >> This is a semi-Ubuntu question concerning Linksys routers. Comcast
    >> killed my port 25 outgoing e-mail claiming I was spamming and I have a
    >> WRT54G, but considering a GL and DD-WRT. Has anyone else had a wireless
    >> compromised like this? It was in 'open' unprotected mode for a while
    >> after a power glitch last week and apparently a war driver got into it
    >> before I found out. The wireless 802.11G is for my daughter's college
    >> work on her laptop and I haven't been able to catch her to get her MAC
    >> again, and lock out all others.
    >> The question is mainly if anyone has used the GL and or DD-WRT and how
    >> straightforward it is to work with.
    >> Dan C need not answer this, since it is not play time for me right now.
    >> There is the possibility that someone could have spoofed my email but
    >> that seems a bit more unlikely.
    >> Moog? Anyone?
    >> Bill Baka
    >>
    >> After a really pissy hour on the phone to Comcast legal.
    >>

    >
    > Are you running a mail server on any machine? Sendmail or some other
    > such software? Perhaps you have a win machine with a bot installed
    > accidentally?
    >

    No server here since I turn off my machine when not in use and my
    daughter's laptop is a battery eater. My win, when I am in it, has so
    many protection programs that they are a maintenance problem on their
    own, but my daughter insists on remaining ignorant of that stuff and
    stubbornly refuses to use anything but XP, IE, and Outlook, with very
    little protection. I snuck in Adaware and Spybot, and put AVG on over
    her complaints so it is at least a possibility that her computer was the
    source of the problem.
    > Your router cannot send spam.

    That much I know.
    > Your router has not been compromised.

    I didn't say that. It was wide open for a few days and someone could
    have hooked into my wireless from down the street and it would show up
    as my IP address to Comcast.
    >
    > You simply need to close port 25, if you are not using it for a Mail
    > agent.

    So far, I have been, but may turn paranoid and switch to port 587, as
    Comcast wanted, but then I would have to mess with her computer and she
    uses port 25 sometimes at a hot spot at Cal-State, causing me more home
    problems.
    She is an English and Psych double major and hates math and thinking
    about computer details, a perfect example of a win-droid.
    > If you are, you need to secure the agent. If whichever
    > software you are using is allowing an open relay, you will transmit
    > spam.
    >
    >
    >

    Pretty much FF and T-bird for me, Linux and XP, and IE and Outlook for
    her, the stubborn daughter. Try telling a 4.0GPA double major, high IQ
    daughter anything, and see what happens.....
    She tells me "Everybody else uses Windows, why do you use weird
    systems?", with a totally straight face.
    Frustration, to an exponential level.
    Bill Baka

  8. Re: Router hacked.

    Meat Plow wrote:
    > On Mon, 28 Jul 2008 11:39:33 -0700, larrys707 wrote:
    >
    >
    >> Dan C need not answer this, since it is not play time for me right now
    >>

    >
    > Hahahahah why not just paint a bulls-eye on your forehead?
    >

    I couldn't resist.
    Bill

  9. Re: Router hacked.

    Try installing Nessus and scanning the entire network. You can find
    out if there are any other machines connected to your router, as well
    as finding out which machines have port 25 open. If they are your
    machines, lock down the mail agent on the offending machine.

    --
    Joe - Linux User #449481/Ubuntu User #19733
    joe at hits - buffalo dot com
    "Hate is baggage, life is too short to go around pissed off all the
    time..." - Danny, American History X

  10. Re: Router hacked.

    On 2008-07-28, Bill Baka wrote:
    > I didn't say that. It was wide open for a few days and someone could
    > have hooked into my wireless from down the street and it would show up
    > as my IP address to Comcast.


    Yup, but fairly easy to correct and detect. Look at your router's
    wireless MAC page, and check the connected clients. In your case,
    there should only be one...

    >>
    >> You simply need to close port 25, if you are not using it for a Mail
    >> agent.

    > So far, I have been, but may turn paranoid and switch to port 587, as
    > Comcast wanted, but then I would have to mess with her computer and she
    > uses port 25 sometimes at a hot spot at Cal-State, causing me more home
    > problems.


    What is she using it for? With port 25 closed on the router, you can
    still connect out to a mail server. The router doesn't block outgoing
    connections.


    --
    Joe - Linux User #449481/Ubuntu User #19733
    joe at hits - buffalo dot com
    "Hate is baggage, life is too short to go around pissed off all the
    time..." - Danny, American History X

  11. Re: Router hacked.

    Ignoramus9959 wrote:
    > On 2008-07-28, larrys707 wrote:
    >
    >> Ignoramus9959 wrote:
    >>
    >>> How have you isolated the problem pointint it to the router?
    >>>

    >> We had a power glitch about a week ago that wiped the router settings
    >> and went to default, leaving my wireless access point wide open. I use
    >> Windows for some things, and have 2 totally separate Ubuntu Hardy
    >> installations on two different drives.
    >>

    >
    > So, the router was left wide open, and that possibly opened access to
    > from the Internet to the servers that were inside, and they got hacked
    > and were used for spamming. Is that Right?
    >

    That seems to be what happened. I have it partially locked down again,
    but she is off to class so I can't get her MAC put back in or change the
    router base from 1.101 to 8.101 as I had it. I don't run any servers
    since her machine and mine are isolated (my choice), and I turn
    everything but the router off when I am not using the computer. Spinning
    1.75 TB all the time is kind of power hungry.
    > Or, are you saying that wireless settings were made wide open and your
    > neighbors could connect?
    >
    > Cound it be that your neighbors were spamming?
    >

    The only neighbor with half a clue is my 16 year old grandson and he
    tried with his Play station so I locked him out a long time ago. The
    other neighbors are clueless red necks, since I gave up on living in
    Silicon valley years ago.
    >
    >>> Are you
    >>> sure that it is your router that is spamming? This sounds somewhat
    >>> improbable, so some clarification would be warranted.
    >>>
    >>> What is your home network topology, and where could spam possibly
    >>> originate?
    >>>
    >>> Do you have any windows computers on the network?
    >>>
    >>>

    >> The router is set up as the gateway to the Internet DSl, and my computer
    >> is the 'Admin' on port 1 of the 10/100 Ethernet, with my daughter's XP
    >> laptop on the 802.11G (locked mode). She is totally a win-droid, to
    >> quote some one else, but I use a variety of systems, from DOS, to Sun,
    >> Suse, Ubuntu, and, yes, XP, but never IE or Outlook.
    >> Normally I have it set to channel 11, not the default, use WPA-TKIP,
    >> lock it to her MAC address, and every other possible precaution,
    >> including no DMZ or gaming holes to exploit. The computer is off when
    >> not in use, since I am actually trying to conserve energy, so when the
    >> router wireless is blinking I just assume it is her doing school work
    >> for her two degrees, English and Psych, but nothing technical. I doubt
    >> that I could have my Windows XP infected since I have levels of
    >> protection, including a server type 3COM 3CR990 Ethernet card, and
    >> Zonealarm, AVG, Avira, Adaware, and Spybot S&D. I also changed the
    >> router default from 1.101 etc. to 8.101 as the base, so that normally
    >> would be pretty hard for someone to guess. The next step might be to
    >> enable port forwarding to Comcast and to tell them to *only* allow those
    >> 2 to be recognized, but that could, maybe, kill some of my bit torrent
    >> downloads for program updates or new distributions.
    >> That leaves me wondering if SHE did get infected on her laptop???, or if
    >> there is someone in my hick town that actually knows how to 'war-drive',
    >> since I live in mostly red neck territory.
    >>

    >
    > Could be anything, but you can find out with some persistence. If your
    > router has some advanced settings, you can block ports by IP.

    I do and did until the power glitch. I only allow her IP and MAC
    address, unless the router resets and doesn't tell me.
    >
    >
    >
    >> The last, and only infection I ever got was ten years ago when somebody
    >> found a port 445 hole in my windows NT.
    >> I hate windows, but the truth is I have to have it for work projects for
    >> my clients now that I don't work a 40 week as a captive employee any more.
    >> Even Comcast legal can't tell me what happened, except that they sent me
    >> an email that I never got and blocked me as a spammer.
    >> The reason the router reset got by me is that both her system and mine
    >> just looked for the router and went back to default without giving me a
    >> flag of any kind.
    >> Kind of a bum deal.
    >> Bill Baka
    >>

    >
    > Sounds bad. I would try to isolate who is spamming.

    I do, hence my war on porn spamming the group, that started so much
    ****. The router has an in/out log I examine from time to time, but the
    reset default is no log, and Comcast legal could not even tell me what
    incident caused them to block me.
    >
    >
    > i
    >
    >
    >>> i
    >>>
    >>> On 2008-07-28, larrys707 wrote:
    >>>
    >>>
    >>>> This is a semi-Ubuntu question concerning Linksys routers. Comcast
    >>>> killed my port 25 outgoing e-mail claiming I was spamming and I have a
    >>>> WRT54G, but considering a GL and DD-WRT. Has anyone else had a wireless
    >>>> compromised like this? It was in 'open' unprotected mode for a while
    >>>> after a power glitch last week and apparently a war driver got into it
    >>>> before I found out. The wireless 802.11G is for my daughter's college
    >>>> work on her laptop and I haven't been able to catch her to get her MAC
    >>>> again, and lock out all others.
    >>>> The question is mainly if anyone has used the GL and or DD-WRT and how
    >>>> straightforward it is to work with.
    >>>> Dan C need not answer this, since it is not play time for me right now.
    >>>> There is the possibility that someone could have spoofed my email but
    >>>> that seems a bit more unlikely.
    >>>> Moog? Anyone?
    >>>> Bill Baka
    >>>>
    >>>> After a really pissy hour on the phone to Comcast legal.
    >>>>
    >>>>
    >>>
    >>>

    >
    >

    Sigh.
    Bill Baka

  12. Re: Router hacked.

    Joe wrote:
    > Try installing Nessus and scanning the entire network. You can find
    > out if there are any other machines connected to your router, as well
    > as finding out which machines have port 25 open. If they are your
    > machines, lock down the mail agent on the offending machine.
    >
    >

    Sounds reasonable, but I should only have mine and my 'not so little
    girl's' computer on it. Worth a shot though.
    Bill Baka

  13. Re: Router hacked.

    Joe wrote:
    > On 2008-07-28, Bill Baka wrote:
    >
    >> I didn't say that. It was wide open for a few days and someone could
    >> have hooked into my wireless from down the street and it would show up
    >> as my IP address to Comcast.
    >>

    >
    > Yup, but fairly easy to correct and detect. Look at your router's
    > wireless MAC page, and check the connected clients. In your case,
    > there should only be one...
    >

    Been there, done that, had it locked to only her MAC, and will as soon
    as I can get my hands on her laptop.
    Major PMS right now, so not safe.
    >
    >>>
    >>> You simply need to close port 25, if you are not using it for a Mail
    >>> agent.
    >>>

    >> So far, I have been, but may turn paranoid and switch to port 587, as
    >> Comcast wanted, but then I would have to mess with her computer and she
    >> uses port 25 sometimes at a hot spot at Cal-State, causing me more home
    >> problems.
    >>

    >
    > What is she using it for? With port 25 closed on the router, you can
    > still connect out to a mail server. The router doesn't block outgoing
    > connections.
    >
    >
    >

    You may send me back to the books on that one. I was under the
    impression that SMTP wanted port 25, just as news wants 119, etc.
    Bill Baka

  14. Re: Router hacked.

    * Bill Baka wrote in alt.os.linux.ubuntu:

    [...]

    >>

    > You may send me back to the books on that one. I was under the
    > impression that SMTP wanted port 25, just as news wants 119, etc.
    > Bill Baka
    >


    News wants to CONNECT to SERVER with 119 open just as SMTP wants to connect
    to a server with 25 open. You can close every port on the client box and
    still get mail and read news. Those ports are SERVER ports.

    --
    David

  15. Re: Router hacked.

    * larrys707 peremptorily fired off this memo:

    > We had a power glitch about a week ago that wiped the router settings
    > and went to default, leaving my wireless access point wide open. I use
    > Windows for some things, and have 2 totally separate Ubuntu Hardy
    > installations on two different drives.


    Yeah, I'd keep your router on the UPS, too.

    > I hate windows, but the truth is I have to have it for work projects for
    > my clients now that I don't work a 40 week as a captive employee any more.


    Still captive, here.

    --
    I was the best I ever had.
    -- Woody Allen

  16. Re: Router hacked.

    SINNER wrote:
    > * Bill Baka wrote in alt.os.linux.ubuntu:
    >
    > [...]
    >
    >
    >>>
    >>>

    >> You may send me back to the books on that one. I was under the
    >> impression that SMTP wanted port 25, just as news wants 119, etc.
    >> Bill Baka
    >>
    >>

    >
    > News wants to CONNECT to SERVER with 119 open just as SMTP wants to connect
    > to a server with 25 open. You can close every port on the client box and
    > still get mail and read news. Those ports are SERVER ports.
    >
    >

    Makes sense.
    Thanks,
    Bill

  17. Re: Router hacked.

    Linonut wrote:
    > * larrys707 peremptorily fired off this memo:
    >
    >
    >> We had a power glitch about a week ago that wiped the router settings
    >> and went to default, leaving my wireless access point wide open. I use
    >> Windows for some things, and have 2 totally separate Ubuntu Hardy
    >> installations on two different drives.
    >>

    >
    > Yeah, I'd keep your router on the UPS, too.
    >
    >
    >> I hate windows, but the truth is I have to have it for work projects for
    >> my clients now that I don't work a 40 week as a captive employee any more.
    >>

    >
    > Still captive, here.
    >
    >

    Yeah, They don't pay me to preach Linux.
    Bill

  18. Re: Router hacked.


    "larrys707" wrote in message
    news:Gnojk.19289$N87.540@nlpi068.nbdc.sbc.com...

    > The question is mainly if anyone has used the GL and or DD-WRT and
    > how
    > straightforward it is to work with.


    Back to your original question...

    I've been using DD-WRT on the same router as yours for a 2-3 years for
    now. The use of it is quite strait forward, since it have a very good
    GUI and provides you with integrated help.

    I would advise you for the begining to mostly accept all defaults but
    enabling desired wireless security, firewall, desabling web access to
    the router, may be desabling remote ssh access (unless you need it),
    and setting up a strong password.

    I would not expect you having any difficulty in using it. The only
    possible pitfall is actually in burning in the DD-WRT firmware, since
    by not doing it right you can easily brick your router.

    So, I advise to you to read available and related documentation here
    http://www.dd-wrt.com/wiki/index.php/Main_Page before you attempt
    burning your new firmware.

    It's pretty straight forward procedure but should be done carefully.
    I was doing it at least 3 times with always success while upgrading
    from version to version. But you should be aware that posibility to
    brick your router theoretically does exist.

    Though the benefit of using DD-WRT way outweighs the risk. It is
    really good. The pathetic proprietary Linksys firmware is in no
    comparison with it.

    And it never left me open after power failures. :-)



  19. Re: Router hacked.


    "larrys707" wrote in message
    news:Gnojk.19289$N87.540@nlpi068.nbdc.sbc.com...
    > This is a semi-Ubuntu question concerning Linksys routers. Comcast
    > killed my port 25 outgoing e-mail claiming I was spamming and I have a
    > WRT54G, but considering a GL and DD-WRT. Has anyone else had a wireless
    > compromised like this? It was in 'open' unprotected mode for a while
    > after a power glitch last week and apparently a war driver got into it
    > before I found out.


    If you have verified that the router actually forgot to be in WPA mode,
    that's awfully naughty of it, power glitch or no. You might want to give a
    shout in some Cisco newsgroups (Linksys is owned by Cisco). However, it's
    also possible that through a hack of a (most likely) Windows machine, a
    command got sent to the router at its normal default IP address to TELL it
    to go into unprotected mode. Such a hack can happen through a virus or
    through visiting an engineered or compromised web page with Javascript or
    buffer overflow, etc. exploits in it. You might also want to consider a
    different wireless router (Belkin/My Essentials is one of many) that lets
    you set an administrative password on it, then set a nontrivial
    administrative password as well as changing the IP address of its LAN to
    something other than the default 192.168.2.X or whatever it may be.



  20. Re: Router hacked.

    Vitorio Okio wrote:
    > "larrys707" wrote in message
    > news:Gnojk.19289$N87.540@nlpi068.nbdc.sbc.com...
    >
    >
    >> The question is mainly if anyone has used the GL and or DD-WRT and
    >> how
    >> straightforward it is to work with.
    >>

    >
    > Back to your original question...
    >
    > I've been using DD-WRT on the same router as yours for a 2-3 years for
    > now. The use of it is quite strait forward, since it have a very good
    > GUI and provides you with integrated help.
    >

    I have heard nothing bu good about it.
    > I would advise you for the begining to mostly accept all defaults but
    > enabling desired wireless security, firewall, desabling web access to
    > the router, may be desabling remote ssh access (unless you need it),
    > and setting up a strong password.
    >

    The DD-WRT defaults are probably better than the Linksys defaults, and I
    don't need ssh since when I am out, I don't want to be bothered. My
    passwords are generally mathematically derived, like a prime number
    sequence up to 47 or so, or what ever comes to mind, even some sequences
    from a Mensa test, like letters with all straight lines in caps, and
    curved letters in small case.
    > I would not expect you having any difficulty in using it. The only
    > possible pitfall is actually in burning in the DD-WRT firmware, since
    > by not doing it right you can easily brick your router.
    >

    I've already read plenty about that possibility, so I am aware. Backup,
    backup, and be really careful. Not something to tackle while talking to
    the wife.
    > So, I advise to you to read available and related documentation here
    > http://www.dd-wrt.com/wiki/index.php/Main_Page before you attempt
    > burning your new firmware.
    >
    > It's pretty straight forward procedure but should be done carefully.
    > I was doing it at least 3 times with always success while upgrading
    > from version to version. But you should be aware that posibility to
    > brick your router theoretically does exist.
    >

    The benefits at this point do seem to outweigh the risk. My firmware has
    been stuck at 1.3000 IIRC since I bought the router.
    > Though the benefit of using DD-WRT way outweighs the risk. It is
    > really good. The pathetic proprietary Linksys firmware is in no
    > comparison with it.
    >

    Amen. I was thinking of the GL model because it has a faster CPU and
    much more memory to play with, but it may not be needed with just DD-WRT.
    > And it never left me open after power failures. :-)
    >
    >
    >

    It was actually about a one second dropout while I was watching the news
    with the computer off and the router on.
    The router may have seen it as a remove power reset attempt, but I did
    pretty much have to un-brick it after that, but I forgot to check my
    security settings, so bad on me.
    As to burning an image, that is easy with my windows Nero that came with
    my Sony DRU-840 DVD+/- RW drive.
    I have spent some time today looking at the repositories and so far
    found no one answer that I am totally happy with. There are some things
    I have found that do work better (or easier) in windows, and some that
    can't be beat in the Linux universe. Someone once said that Linux will
    only take off after there are enough good applications for it and I am
    finding that to be true.
    Many thanks,
    Bill Baka

+ Reply to Thread
Page 1 of 4 1 2 3 ... LastLast