Monthly Archives: January 2016

Inspecting Your Router for Malware

Clean of the Malware on the Router.

Clean of the Malware on the Router.

How to Inspect a Router for Malware

There are advantages made by attackers on routers with manufacturers that lack in router security. These devices are open to attack due manufactures producing large amounts of them but never updating them.

How Attackers Make Their Way to Your Router

The DNS server setting on a router is what attackers most often strive to change. For example, you are directed to a phishing site from the malicious DNS server when trying to connect to your credit card site. Your address bar may still say your credit card site, but you will really be on a phishing site. All queries are not responded to by the malicious DNS server, most may have a time out. One sign of an infection can be slow DNS requests.

Advertisements may be injected, search results redirected, or attempted download installation could all be attempts by attackers. If you are seeing such stuff as pornographic advertisements on websites you know are legitimate, you most certainly have an infection, either in your router or computer.

Malicious JavaScript becomes embedded on webpages from attackers that JavaScript makes an attempt to load up the administration page of the router’s to change settings. A device which is in your local network has this JavaScript running on it, the code that has access to the web interface is available on from inside your network.

This is just some exploits attackers can take advantage of routers.

How to Inspect Your Router

One sign showing your router has been compromised is a change in it DNS server. You need to check the DNS server setting by going to the router’s web-based interface.

First, access web-based setup page of your router. Inspect gateway address of your network’s connection or to find out how, you may check your router’s documentation.

Sign in using both your router’s username and password, if required. Check somewhere for “DNS” setting, many times located in internet connections or WAN settings screen. You are fine if the setting is “Automatic”, however, if on “Manual” with custom DNS servers keyed in instead, you may have a problem.

If you configured your router for the use of alternative DNS servers on your own, such as Google or OpenDNS, and you recognize the numbers you are fine. If there are number you do not recognize, malware might have changed the router to use DNS servers.

Help With Malicious DNS Server

If you have found malicious DNS server configuration with your router, you have the ability of disabling it and have your router use automatic DNS server from you internet service provider, or if you wish enter legitimate DNS server addresses.

If you have found malware on your router, you may find it save to do a wipe of the router settings and put it back to a factory-reset.

Make sure to know how to protect yourself against Malware on your computer, and also how to access your router when you’ve forgotten your password.

 

Access Your Router When You Forgot the Password

linksyspassword_515_5a8d

Know how to get into your router, without your password.

Forgot Your Router Password? No Problem…

Web interfaces are protected by routers, where parental control, port forwarding, and network settings are configured with username and password. Router’s settings can be protected by changing the password.

You can reset a routers password if for some reason you do not know it. You can possibly forward ports also without having the password.

Default Username and Password

Default username and password must be tried for logging on prior to resetting the router to default settings. If resetting to default settings, you will need both of these anyway. There is more than one way of finding this information:

  • Router’s manual has username and password located inside. If lost, Google “manual” and model number of router.
  • Search router for sticker. There are some router’s that have password printed on sticker placed on router.
  • It may be a username and password which is common, for instance “admin” is used for password by many routers. Leave username blank, or try “admin” and username and password blank, or both as “admin”.
  • If unable to get these to work, go to next section.

Reset to Factory Defaults

There is a button located on routers to reset them to default factory settings. Any configuration settings you may have made, such as network settings, custom passwords, and forwarded ports will be cleared. You can now access your router using default username and password, however, it may take some time to configure your router if you had changes cleared before reset.

Reset process varies with routers, reset button location as well. To find specific result for your model, check owner’s manual. Most routers reset process is very similar however.

Look to your router’s back or bottom for a button labeled Reset. Most often this button is in a depressed hole to avoid accidental resetting.

Hold button down for approximately 10 seconds to reset router. After release of this button, your router will reboot, resetting itself back to factory settings. You may need to use a pin, or bent paperclip to press the button if in a depressed hole.

After router has rebooted, you should be able to log in using default username and password.

Forward Ports Without Password

Reason for this working is many routers supporting Universal Plug and Play (UPnP), which if enabled on router port will automatically open.

If this option is supported with a program, it normally would be found in its connection settings next to port configuration. Smaller amount of routers support NAT-PMP, you may notice, which is a similar way of opening ports automatically.

After resetting router’s settings, you can log in using default username and password. Go to its web interface to change your routers password if wanted.

Now make sure you know some tips for choosing, and purchasing the right router for the job.

Common Mistaken Beliefs about Wireless Networks

There are common myths you should know about.

There are common myths you should know about.

There are many different networking myths around, and easily started in a technical world. Of course, networking is not a subject that is usually on one’s mind, until an outage or intrusion.

The following are some examples of mistaken beliefs people have about wireless networks.

There is no security with wireless networks

Reality is, wired networks are more secure than wireless networks. However, what should be questioned is if Wi-Fi has enough security, to which the answer would be, it depends.

Wireless routers which are properly-secured have adequate security except for when needing high-security. For average households, all networks with a password that is secure and WPA2-PSK with AES encryption should have adequate security.  Keep in mind, cause of most intrusions are predictable weak passwords, not breaches from brute force.

I am getting cheated out of speed I pay for from my ISP

This mistaken belief is easily the most common. When not receiving speed in which you pay for, your ISP is an easy target for your anger. However, this is usually not their fault.

This happens most often from a communication breakdown between the client and ISP in how speeds are stated in advertisements. Clients get understandably upset if they do not receive 100Mbps, they “think” they are paying for. Fact is, when using wireless networks, stated speeds are rarely received.

ISP speeds are stated for Ethernet-connected devices, due to not having ability to correctly predict speeds of Wi-Fi.

You are hidden from hackers if hiding SSID

There is a name assigned to each wireless network by a form of Service Set Identifier (SSID). Some people believe if routers are prevented from having this information broadcasted, they are hidden from hackers. This is false.

Even if an SSID is hidden, computers running Windows version 7 or later, are able to see each device which is in range, even if they do not have SSID assigned to them. These do appear, although they are unable to identify by name/

Wired Networks are better than wireless networks

It would be hard finding someone saying wireless is faster than wired. However, there is a major trade-off for speed, which is convenience.

Speed gaps have narrowed with router technologies continually improving. But there is still a prevalence for wired with both reduction of environmental degradation and security.

There is not a way for one to connect to wired networks when the router has no physical access, making wired more secure in that way.

It is a reality however about environmental concerns. There is no competition for airspace with wired connections, unlike with Wi-Fi.

Some beliefs in which some people have come to know are true. However, remember everything you hear is not always true! Check out this post on how to extend your wireless network.