cancel
Showing results for 
Search instead for 
Did you mean: 
Liam_
Expert
2,059 Views
Message 21 of 33

Re: Hacked by a neighbour

It is still most likely to be rogue software that has been downloaded to a device that is causing the issue.  Provided that is that your wireless password is kept secure and has not been shared with anyone, then the likelihood of being 'hacked' through the router from the internet is almost non existent.  The hacker would need to target you personally and directly.  Most unlikely with a dynamic IP address.  Then they would need Administrator access to your PC/laptop/MAC to be able to do much there.  Without an account on the machine they won't get anywhere.  So that brings us back to something downloaded by someone on your LAN.

Are you using good antivirus/firewall software?  Several free ones are available for PC, MAC and Android devices.  Search on Google.

A decent browser with add blocker and a script blocker will help, a little.  Firefox and Opera are available for mobile devices.  Though there is no substitute for common sense, never just click a link without knowing what it's actually going to do and avoid dodgy web sites.  Like pirate sites and others that don't need named here.

Never click a link in an email that you can't verify as trustworthy.

As for the browser, setting it to delete everything when closed can help a lot,  no info stored for the next session.

You could have a look online (Google again)  for Trend Micro.  They have a free service called Housecall.  Basically it scans your PC, whatever for malware.  Not used it since I worked in the PC shop but it cleaned out a lot of customers machines back then so should help.  Certainly can't hurt.

 

As for ARP.  Heard of it but never had any experience of it.  Couple of links for you to check, loads more out there, (Google?).  From the sounds of that it's becoming almost certain something was downloaded to a device on your LAN.

https://security.radware.com/ddos-knowledge-center/ddospedia/arp-poisoning/

 

https://www.veracode.com/security/arp-spoofing

 

Your WAN (Internet facing) IP is not static, it's dynamic and likely to change whenever the router (hub) is restarted or the connection refreshed.

Unless things have changed recently I don't think BT have active IPv6 specific DNS servers running yet.  Alternate DNS servers to try if you like, you just set them on the individual PC/laptop etc.

IPv4

208.67.220.220

208.67.222.222

IPv6

2620:0:ccc::2

2620:0:ccd::2

0 Ratings
Reply
Danwilliams
Aspiring Contributor
2,017 Views
Message 22 of 33

Re: Hacked by a neighbour

Well it’s happened twice now. I have had everything wiped and repaired at least twice. I think it’s a person vendetta. I think they are using pen testing tools like kali Linux.

I was using AVG Malwarebytes Ccleaner. Got rid of AVG but it’s still seem to be on the system for some reason. Also I have only just had the thing back from the repair guy I have found software I didn’t install avast security.

Also found a hidden partition and have spoken to the repair guy and he said there was nothing there before.

I would of loved to restore it but when I do it says it can’t because of some interference with antivirus software. I’ve tried to download zone alarm and couldn’t open it.

Also from the point of view of my phone I have an IPsec VPN running I never set up with these details.

ipsec3:
Address IPv4: 10.6.6.77
Destination IPv4: 10.6.6.77
Flags: POINTTOPOINT / UP / RUNNING / MULTICAST / ARP
NetMask IPv4: 255.255.255.255

Along with the rest of the interfaces where one of the interfaces is a direct link to my iPhone which I wouldn’t know how to set up

ap1: Flags: BROADCAST / MULTICAST / ARP

awdl0: Address IPv6: fe80::94fe:84ff:fedd:6515
Flags: BROADCAST / UP / RUNNING / MULTICAST / ARP
NetMask IPv6: ffff:ffff:ffff:ffff::

en0: Address IPv4: 192.168.1.80
Address IPv6: 2a00:23c4:4f0f:a200:f12d:9f2d:df66:37dd
Destination IPv4: 192.168.255.255
Flags: BROADCAST / UP / RUNNING / MULTICAST / ARP
NetMask IPv4: 255.255.0.0
NetMask IPv6: ffff:ffff:ffff:ffff::

en1: Flags: BROADCAST / UP / RUNNING / MULTICAST / ARP

en2: Flags: BROADCAST / UP / RUNNING / MULTICAST / ARP

ipsec0: Flags: POINTTOPOINT / UP / RUNNING / MULTICAST / ARP

ipsec1: Flags: POINTTOPOINT / UP / RUNNING / MULTICAST / ARP

ipsec2: Flags: POINTTOPOINT / UP / RUNNING / MULTICAST / ARP

ipsec3: Address IPv4: 10.6.6.77
Destination IPv4: 10.6.6.77
Flags: POINTTOPOINT / UP / RUNNING / MULTICAST / ARP
NetMask IPv4: 255.255.255.255

lo0: Address IPv4: 127.0.0.1
Address IPv6: fe80::1
Destination IPv4: 127.0.0.1
Destination IPv6: ::1
Flags: UP / LOOPBACKNET / RUNNING / MULTICAST / ARP
NetMask IPv4: 255.0.0.0
NetMask IPv6: ffff:ffff:ffff:ffff::

pdp_ip0: Flags: POINTTOPOINT / MULTICAST / ARP

pdp_ip1: Flags: POINTTOPOINT / MULTICAST / ARP

pdp_ip2: Flags: POINTTOPOINT / MULTICAST / ARP

pdp_ip3: Flags: POINTTOPOINT / MULTICAST / ARP

pdp_ip4: Flags: POINTTOPOINT / MULTICAST / ARP

utun0: Address IPv6: fe80::21c5:34f2:b95e:518f
Flags: POINTTOPOINT / UP / RUNNING / MULTICAST / ARP
NetMask IPv6: ffff:ffff:ffff:ffff::


Created with Network Tools by KeepSolid

When I go to my hub setting it says my IPv6 is static and has no DNS

When I go to the laptop there is no connection for IPv6.

I think my IP is being routed. And I think they are using that VPN to tunnel to my phone regardless of whether I’m at home or a friends using their Wifi or my data.

Does any of this make any sense Liam ? I’m so sorry to be a nag you’ve been excellent fair play

Also would like your opinion on whether you think this router netgear nighthawk x6 r8000 would help if I can not broadcast my ssid
0 Ratings
Reply
Danwilliams
Aspiring Contributor
2,015 Views
Message 23 of 33

Re: Hacked by a neighbour

I’ve done a similar thing with my android device downloaded an app called landroid to look to see what’s going on with the networking and it has given me this. (Look at the IPv4 IPv6 dev wlan0 section especially)
0 Ratings
Reply
Highlighted
Danwilliams
Aspiring Contributor
2,007 Views
Message 24 of 33

Re: Hacked by a neighbour

Interfaces:
dummy0
MAC: a2:4e:97:92:87:e9
sit0
p2p0
MAC: d6:0b:1a:5e:0f:74
lo
IPv6: ::1
IPv4: 127.0.0.1
rmnet_usb0
MAC: a2:4c:70:ae:34:fe
wlan0
IPv6: fdaa:bbcc:ddee:0:6897:ff42:1f05:e3c3
IPv6: 2a00:23c4:4f0f:a200:6897:ff42:1f05:e3c3
IPv6: 2a00:23c4:4f0f:a200:d60b:1aff:fe5e:f74
IPv6: fe80::d60b:1aff:fe5e:f74
IPv6: fdaa:bbcc:ddee:0:d60b:1aff:fe5e:f74
IPv4: 192.168.1.68
MAC: d4:0b:1a:5e:0f:74
Bytes: 90,609 IN, 21,450 OUT
Packets: 163 IN, 215 OUT
rev_rmnet0
MAC: ce:ff:22:0b:02:ae
rev_rmnet1
MAC: fa:54:aa:ee:f9:47
rev_rmnet6
MAC: 06:1f:05:28:38:6e
rev_rmnet5
MAC: ce:a1:eb:f5:32:72
rev_rmnet7
MAC: d6:ba:ad:44:3d:99
rev_rmnet3
MAC: ca:a5:b8:fc:03:3d
rev_rmnet2
MAC: e6:09:ee:80:a1:5f
rev_rmnet4
MAC: 2a:96:f2:26:e3:65
rev_rmnet8
MAC: 0a:c5:be:1c:de:b0
rmnet0
rmnet1
rmnet6
rmnet5
rmnet7
rmnet3
rmnet2
rmnet4

Ipv4 Routes:
192.168.0.0/255.255.0.0 dev wlan0
192.168.1.254/255.255.255.255 dev wlan0
default via 192.168.1.254 dev wlan0

IPv6 Routes:
2a00:1450:4009:809::200a/128 via fe80::42c7:29ff:fe17:7c25 dev wlan0
2a00:1450:4009:80a::2004/128 via fe80::42c7:29ff:fe17:7c25 dev wlan0
2a00:1450:4009:80a::200e/128 via fe80::42c7:29ff:fe17:7c25 dev wlan0
2a00:1450:4009:80c::200a/128 via fe80::42c7:29ff:fe17:7c25 dev wlan0
2a00:1450:400c:c09::bc/128 via fe80::42c7:29ff:fe17:7c25 dev wlan0
2a00:1450:4010:c0d::bc/128 via fe80::42c7:29ff:fe17:7c25 dev wlan0
2a00:23c4:4f0f:a200:6897:ff42:1f05:e3c3/128 dev lo
2a00:23c4:4f0f:a200::/64 dev wlan0
2a00:23c4:4f0f:a200:d60b:1aff:fe5e:f74/128 dev lo
::1/128 dev lo
default dev lo
default via fe80::42c7:29ff:fe17:7c25 dev wlan0
fdaa:bbcc:ddee:0:6897:ff42:1f05:e3c3/128 dev lo
fdaa:bbcc:ddee:0:d60b:1aff:fe5e:f74/128 dev lo
fdaa:bbcc:ddee::/64 dev wlan0
fe80::/64 dev wlan0
fe80::d60b:1aff:fe5e:f74/128 dev lo
ff00::/8 dev wlan0
ff02::1/128 dev wlan0
ff02::1:ff05:e3c3/128 dev wlan0

Wifi connection:
AP(BSSID): 40:c7:29:17:7c:28
Name(SSID): "BTHub6-MX3S"
Signal(Rssi): -70
IP: 192.168.1.68
Netmask: 0.0.0.0
Gateway: 192.168.1.254
Dns1: 8.8.8.8
Dns2: 0.0.0.0
Dhcp Server: 0.0.0.0
Lease duration: 0s

Sockets Information:
sockets: used 211
TCP: inuse 0 orphan 0 tw 2 alloc 1 mem 1
UDP: inuse 0 mem 0
UDPLITE: inuse 0
RAW: inuse 0
FRAG: inuse 0 memory 0
0 Ratings
Reply
Danwilliams
Aspiring Contributor
2,006 Views
Message 25 of 33

Re: Hacked by a neighbour

See all the routes it wasn’t there before it leaves me with a constant static IP though I’m not going to post that on here though.
0 Ratings
Reply
Danwilliams
Aspiring Contributor
2,004 Views
Message 26 of 33

Re: Hacked by a neighbour

If you look at the original post I posted and look at the articles here they seems to correlate.

https://www.cnet.com/news/microsoft-ds-no-longer-hackers-top-target/

http://ntsecurity.nu/papers/port445/


0 Ratings
Reply
Danwilliams
Aspiring Contributor
1,998 Views
Message 27 of 33

Re: Hacked by a neighbour

How do I disable NBT only something like an iPhone or Android. I wouldn’t even know how to do it on my laptop
0 Ratings
Reply
Liam_
Expert
1,943 Views
Message 28 of 33

Re: Hacked by a neighbour

@Danwilliams

 

Check your PM.  Way too big to post here and specific to your current situation only.

0 Ratings
Reply
Danwilliams
Aspiring Contributor
1,970 Views
Message 29 of 33

Router help

So yeah I was hacked...

So I’ve been looking at routers and I can see there’s ones made for home and portable vpn routers you can get. To be honest I’m not convinced that with in seconds of me setting it up it won’t be hacked.

I was thinking of getting one of those portable vpn routers that you use in free Wifi zones because their cheap and they have security on them. I was looking at this YouTube for these routers.

I want something I’m going to have a firewall if possible or something really strong on security.

I looked at the link sys but to chance a being hacked once I’ve spent 140 quid on a router is a bit risky.

I’m so undecided as to whether to spend the money to have an open source router so I can configure my own vpn service around the router and my devices.

I’d like some advice and here’s the routers I been looking at

https://youtu.be/kn_lIDfbkTs

Also if I was to go for an open source home router for a decent price which one would be the best for security and price. I just want the ability to Mac filter turn off an remote connections. Have a strong vpn possible tor. And just mad max max security
0 Ratings
Reply
Moderator
Moderator
1,898 Views
Message 30 of 33

Re: Router help

Hi @Danwilliams

 

I've merged the content of the new thread you created with your original thread.  It's easier for the community when the conversation is all in the one place.

 

I'd appreciate it if you would refrain from creating duplicate threads about the same issue. Please keep the discussion on the one thread.  You can find all your recent posts by clicking on your username whenever you're on the home page.

 

Cheers,

 

Robbie

0 Ratings
Reply