Inspecting Your Computer’s Router for Malware

PC Answers Blog  > Computer Repair >  Inspecting Your Computer’s Router for Malware
admin January 26, 2016 0 Comments

How to Inspect a Router for Malware

There are advantages made by attackers on all computer’s routers with manufacturers that lack in router security. These devices are open to attack due manufacturers producing large amounts of them but never updating them.

How Attackers Make Their Way to Your Computer’s Router

The DNS server setting on a router is what attackers most often strive to change. For example, you are directed to a phishing site from the malicious DNS server when trying to connect to your credit card site. Your address bar may still say your credit card site, but you will really be on a phishing site. All queries are not responded to by the malicious DNS server, most may have a time out. One sign of an infection can be slow DNS requests.

Advertisements may be injected, search results redirected, or attempted download installation could all be attempts by attackers. If you are seeing such stuff as pornographic advertisements on websites you know are legitimate, you most certainly have an infection, either in your computer’s router or computer.

Malicious JavaScript becomes embedded on webpages from attackers that JavaScript makes an attempt to load up the administration page of the router’s to change settings. A device which is in your local network has this JavaScript running on it, the code that has access to the web interface is available on from inside your network.

This is just some exploits attackers can take advantage of routers.

How to Inspect Your Router

One sign showing your router has been compromised is a change in it DNS server. You need to check the DNS server setting by going to the router’s web-based interface.

First, access web-based setup page of your router. Inspect gateway address of your network’s connection or to find out how, you may check your router’s documentation.

Sign in using both your router’s username and password, if required. Check somewhere for “DNS” setting, many times located in internet connections or WAN settings screen. You are fine if the setting is “Automatic”, however, if on “Manual” with custom DNS servers keyed in instead, you may have a problem.

If you configured your router for the use of alternative DNS servers on your own, such as Google or OpenDNS, and you recognize the numbers you are fine. If there are number you do not recognize, malware might have changed the router to use DNS servers.

Help With Malicious DNS Server

If you have found malicious DNS server configuration with your router, you have the ability of disabling it and have your router use automatic DNS server from you internet service provider, or if you wish enter legitimate DNS server addresses.

If you have found malware on your computer’s router, you may find it save to do a wipe of the router settings and put it back to a factory-reset.

Make sure to know how to protect yourself against Malware on your computer, and also how to access your router when you’ve forgotten your password.

Leave a Reply

Your email address will not be published. Required fields are marked *