Author Topic: can the router settings be changed by virus? If it is secured by ISP  (Read 59680 times)

0 Members and 1 Guest are viewing this topic.

Offline jraju

  • Hero Member
  • *****
  • Join Date: Feb 2013
  • Posts: 2323
  • Location: india
  • Karma: 17
    • View Profile
Re: can the router settings be changed by virus? If it is secured by ISP
« Reply #75 on: February 21, 2016, 06:07:20 am »
Hi, Long time no see to this topic.
                    To Shane, boggins and samson:
                         The avast scan showed vulnerability and i tried with whatever i could do, but still vulnerabilities.
                            Then i thought of downloading the zone alarm , to fix , but i think , it will disable the windows firewall. I raised a thread on this subject, as i had limited knowledge.
                             coming to the story. I waited for reply for that thread, and in the meantime, concentrated the settings in the firewall, windows firewall.
                              I just thought, of going to the advanced settings, and in the firewall settings, i clicked advanced, click inbounds, new rule, and then in the browsed page, selected ports instead of default and in the port, mentioned 21,80, http and ftp ports, and selected all domain, priv,public and other, and selected BLOCK, without knowing what i would have to face.
                              I ran the avast network scan, Oh! the vulnerability has gone and green ticks with words, that router configured correctly and  no vulnerability. Ofcourse, i had changed the admin pw to avoid weak password message. Please see the result for yourself. Thank god, the solution is the settings in the firewall, which default allows these ports, i suppose.
                         A sub query: would this affect my normal internet experience,
The Bottom line is "Check your hardware first if it supports the task you try".

Offline Boggin

  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Jul 2014
  • Posts: 10182
  • Location: UK
  • Karma: 122
    • View Profile
Re: can the router settings be changed by virus? If it is secured by ISP
« Reply #76 on: February 21, 2016, 06:54:17 am »
It's difficult to know - run ShieldsUp again to see what reports.

I saw your thread about Zone Alarm and Windows Firewall but as I have no experience of Zone Alarm - I didn't respond.

Offline jraju

  • Hero Member
  • *****
  • Join Date: Feb 2013
  • Posts: 2323
  • Location: india
  • Karma: 17
    • View Profile
Re: can the router settings be changed by virus? If it is secured by ISP
« Reply #77 on: February 21, 2016, 06:58:06 am »
GRC Port Authority Report created on UTC: 2016-02-21 at 14:56:53

Results from scan of ports: 0, 21-23, 25, 79, 80, 110, 113,
                            119, 135, 139, 143, 389, 443, 445,
                            1002, 1024-1030, 1720, 5000

    0 Ports Open
    0 Ports Closed
   26 Ports Stealth
---------------------
   26 Ports Tested

ALL PORTS tested were found to be: STEALTH.

TruStealth: PASSED - ALL tested ports were STEALTH,
                   - NO unsolicited packets were received,
                   - NO Ping reply (ICMP Echo) was received.
The Bottom line is "Check your hardware first if it supports the task you try".

Offline Boggin

  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Jul 2014
  • Posts: 10182
  • Location: UK
  • Karma: 122
    • View Profile
Re: can the router settings be changed by virus? If it is secured by ISP
« Reply #78 on: February 21, 2016, 07:09:12 am »
The router's own firewall should deal with any vulnerabilities without having to do it from the computer.

I don't what the effect of blocking those will be.

Offline Samson

  • Hero Member
  • *****
  • Join Date: Nov 2011
  • Posts: 915
  • Location: London
  • Karma: 38
    • View Profile
Re: can the router settings be changed by virus? If it is secured by ISP
« Reply #79 on: February 21, 2016, 08:48:42 am »
J, You should be fine with that. I have ALL inbound blocked on my router, never had any problems.

By the way, looks like you have ditched that Teracom piece of junk for a decent D-Link?  :cheesy:

Offline jraju

  • Hero Member
  • *****
  • Join Date: Feb 2013
  • Posts: 2323
  • Location: india
  • Karma: 17
    • View Profile
Re: can the router settings be changed by virus? If it is secured by ISP
« Reply #80 on: February 21, 2016, 07:52:45 pm »
Hi, Samson, How did you do that in router. I have done the settings in firewall. Yes of course, but it is really working fine . Only i do not know the firewall settings.
to boggin:
                      Please explain that part of the answer that you need not do any extra in firewall settings and could do in the router. Of course, the router gives NAT protection and SPI protection, but it does not have any protection on http and ftp protection. These are said to be not enabled in router. But, actually those ports are enabled for http and ftp traffic, so avast finds them as vulnerabilities.
          Hi, samson, Now i have 3routers/ one dlink, other two, dataone and terracom all are working without any problem.
                  The ports open problem is the one avast thinks as vulnerability, is it ?
« Last Edit: February 21, 2016, 08:24:29 pm by jraju »
The Bottom line is "Check your hardware first if it supports the task you try".

Offline jraju

  • Hero Member
  • *****
  • Join Date: Feb 2013
  • Posts: 2323
  • Location: india
  • Karma: 17
    • View Profile
Re: can the router settings be changed by virus? If it is secured by ISP
« Reply #81 on: February 22, 2016, 12:46:23 am »
Hi, ssamson, and bboggins,   Betaal returns to his tree
Now the vulnerability is back
The Bottom line is "Check your hardware first if it supports the task you try".

Offline Samson

  • Hero Member
  • *****
  • Join Date: Nov 2011
  • Posts: 915
  • Location: London
  • Karma: 38
    • View Profile
Re: can the router settings be changed by virus? If it is secured by ISP
« Reply #82 on: February 22, 2016, 04:35:42 am »
Hi, Samson, How did you do that in router. I have done the settings in firewall. Yes of course, but it is really working fine . Only i do not know the firewall settings.

Under "Firewall Settings" in my router (Netgear) The default setting is to block ALL inbound traffic. I have left this unchanged.
In answer to an earlier Q, ports 21 and 80 are only needed if you are running some kind of server. In my set up they are blocked by the default incoming setting and everything works fine for me.

I don't use Windows 7 (XP guy here  :wink:), but I'm sure that if you need to you can block all incoming in the Windows firewall, without having to add ports under advanced settings, a Windows 7 expert (Boggin) can put you straight on that  :wink:

The problem in your screenshot appears to be a weak password.
« Last Edit: February 22, 2016, 04:39:11 am by Samson, Reason: Spelling »

Offline jraju

  • Hero Member
  • *****
  • Join Date: Feb 2013
  • Posts: 2323
  • Location: india
  • Karma: 17
    • View Profile
Re: can the router settings be changed by virus? If it is secured by ISP
« Reply #83 on: February 22, 2016, 04:51:39 am »
Hi, I changed to that admitted password , only alphanumeric.
How could the same av is doing these tricks, even they do not know. They asked me to send the logs, which i did sent to them for analysis.
                                   Still some new head technician again calling for logs, and i asked him to look at his server.
                                      I think , there is glitch in the HNS, by avast. i rely on this av, as it is using reduced cpu for scans. I do not know, if this is correct.
                                        I will try to surf the net further to get rid of this problem.This is with the new router, samson.
                                      Boggins, by this time would have enough of my router/s. Let him take some time so that i try something , getting the error, and he comes to the rescue. Where is shane?
The Bottom line is "Check your hardware first if it supports the task you try".

Offline Samson

  • Hero Member
  • *****
  • Join Date: Nov 2011
  • Posts: 915
  • Location: London
  • Karma: 38
    • View Profile
Re: can the router settings be changed by virus? If it is secured by ISP
« Reply #84 on: February 22, 2016, 05:17:11 am »
J, I use Avast too, but a much older version that does n't include that network tool so I cannot offer any advice there I'm afraid. If it is a new feature it could have teething problems? I would place more reliance on the GRC ShieldsUp report, which looks good to me.

Offline jraju

  • Hero Member
  • *****
  • Join Date: Feb 2013
  • Posts: 2323
  • Location: india
  • Karma: 17
    • View Profile
Re: can the router settings be changed by virus? If it is secured by ISP
« Reply #85 on: February 22, 2016, 05:27:43 am »
Of course, Samson.
                       Yesterday i used 2015 avast, which had network scanner, but which says everything is ok.But the recent update, turned everything positive to negative.
                      i also sent the same results to the chief technician, who is yet to give a reply. Can i switch back to previous version, using properties for this. I will try.
                       You please visit the grc.com and see the videos Security now, a list of 5 to 6 videos, which hacked the grc.com for some days, before it could come back again. It is there in the google search.It will be interesting to know that , a calling bell could play a havoc, with a huge server to immobilize it totally. I could not hear the tech terms, that the grc.chief says, but could well understand the agony he has gone. He says about DDOS attack . By persons, who used a antenna like thing to capture the wifi settings and intruded to the system pl see those videos.
The Bottom line is "Check your hardware first if it supports the task you try".