I'm at my wits end now. I'm having security issues. I've managed to whittle it down. To someone hacking me over WAN. I haven't just made this up. There's been evidence of port forwarding rules being set up by themselves. Mac addresses that don't belong to me showing under technical logs. When I used wireshark packet sniffer I'm consistently being flooded with ARP poisoning. I've been working with security team but no one is getting back to me. Also I've done nmap on my router ip and got back open ports for netbios hacking (confirmed by Microsoft) and now I find out today that they have installed something on the router called tinyproxy which redirects my https traffic. Which is funny because some websites don't work. Or sometimes I will get this connection is unsecure because of certificates.
Anyway they have exploited open ports and have now created reverse tcp connection from metasploit (from what I've read). So that means now that even when I change my WiFi password or admin password they are still able to get it. I've changed it so many times. Characters 20 letters long! Symbols! You name it I've tried it. I'm factory reseting my router every day because I can't even manually removed these port forwarding rules.
Can someone point me in some direction to start getting this under control. I can't even use my pc. My phone is slow. I'm wondering if they are just sniffing my traffic constantly. Or if after a password change they are brute forcing their way back in.
After factory reset the ports don't even close even tho they aren't being used.
Any advice. I have a feeling that they are qualified in CCNA or Aws because alot of apache and aws are being used.
I think they are using kali linux. And I think it's an ex neighbour whos moved recently. Can't explain why they persistently carry on. But I don't know what to do. I've had 3 hub 6 and the same thing just happens.