Posted 17 May 2012 - 01:19 AM
Posted 17 May 2012 - 04:43 AM
I think that you should immediately have the malware removed (you can get help here: link), and after that close unnecessarily opened ports. You should also encrypt your Wi-Fi with a strong password (WPA2), and set a strong password for your router. Then the possibility that someone hacked into your network is very close to 0.
Maybe you should get an antivirus to help prevent infections?
Posted 17 May 2012 - 09:20 AM
It shows you low-level formatted and had your system gone through by one of our malware techs. You also did a BIOS update which would help.
Unless you have reinfected yourself I don't think your issue is malware.
The fact your temps are high on the cpu itself is a problem. Also the date and time in not only the OS but your BIOS can affect certificates being validated.
Have you done a hard reset on your modem and/or router?
What you need to do is what is referred to as "power cycling" your modem. To do this, do the following:
- Turn off all computers connected to the router.
- Unplug the power cords from the back of the modem and from the back of the router.
- Wait at least five minutes.
- Plug the power cord into the modem and wait at least one minute for it to initialize.
- Plug the power cord into the router and, again, wait at least one minute for it to initialize.
- Power on one computer and try to connect to the Internet with it.
- If the first computer can connect to the Internet, then you can start turning on the other computers, one by one, and checking their Internet connections.
Posted 17 May 2012 - 03:50 PM
Posted 17 May 2012 - 04:17 PM
This has no bearing on the issue except that Wi-Fi is easier to hack than a hardwired system.
You may have some doinked host files or DNS issue. Have you contacted the malware tech who helped you and asked that he rescan your system to make sure?
Posted 17 May 2012 - 04:43 PM
Posted 17 May 2012 - 04:57 PM
Posted 17 May 2012 - 05:11 PM
Now, onto the actual issue(s);
- Closing ports on a device should be done using a firewall. On Linux you can use the iptables command to set rules on the firewall.
- I very highly doubt someone "hacking into" your bridged modem from the outside. If you don't allow remote management, they won't be able to do anything with it unless they already have access to a device on your network.
Reading through the posts it's quite hard to find out what exactly you're trying to accomplish. Could you perhaps sum up the issues you're trying to correct?
Posted 17 May 2012 - 05:59 PM
Remote management is turned off in the bridged modem and the router. The firewall is in transparent mode and all security measures have been taken as far as configuration to blocking ports except setting up my own VPN.
Posted 17 May 2012 - 08:17 PM
Posted 17 May 2012 - 11:58 PM
Sorry if this sounds a bit rude, but it looks like you're a little paranoid..
As far as I can see you are not being redirected to a hacker's site. But it does take more than 3 hours for someone to respond to your topic as there are multiple time zones in this world and on top of that, we also have our own social lives.
Let me ask you this; Do you know exactly what you see when you are using Wireshark? Because Wireshark isn't really a tool that you should be looking at if you have no basic understanding of what is happening on a PC all the time. Wireshark is not a tool that the average person uses, as the output can be confusing and misleading.
If you mean that wireshark won't capture traffic from a USB port, then you're correct. Because it will only capture traffic on network interfaces.
Define "unknown"? Can you give me an example?
I'm not sure what you mean here??? Can you tell me exactly what you are trying to do?
Posted 18 May 2012 - 01:13 AM
Posted 18 May 2012 - 02:40 AM
Wireshark is not a tool you just learn in a day. It is used by specialists who already know a lot about network protocols and processes.
Quoting the Wireshark manual;
- network administrators use it to troubleshoot network problems
- network security engineers use it to examine security problems
- developers use it to debug protocol implementations
And on the question if hackers can "create" new ports, then the answer is no.
If you look at the process in which one PC communicates with the other, ports are simply used for the PC to determine what application it should be sending the data to. Now, because we live in a world where network communication is the most common thing of the day we need a way to prevent applications from using the same port numbers. That's where the IANA (Internet Assigned Numbers Authority) has set a few ranges of ports; System Ports (0-1023), User Ports (1024-49151), and the Dynamic and/or Private Ports (49152-65535). Since a lot of the ports between 1024 and 65535 are used by different programs, firewalls mark these ports as "unknown".
I hope to have answered a few of your questions.
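Added example, not part of the original thread: a small Python check that applies the port ranges from the post above to a machine's listening sockets, so an "unknown" port can be tied to a range and to whether it is reachable from the network at all. The sample text is constructed in the layout printed by `ss -tln`, and the function names are assumptions of this example.

```python
import ipaddress

# IANA port ranges as given in the post above.
RANGES = [(0, 1023, "System"), (1024, 49151, "User"), (49152, 65535, "Dynamic/Private")]

# Constructed sample in the layout printed by `ss -tln` (not real output).
SAMPLE = """\
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
LISTEN 0      128          0.0.0.0:22         0.0.0.0:*
LISTEN 0      128        127.0.0.1:631        0.0.0.0:*
LISTEN 0      128             [::]:8080          [::]:*
LISTEN 0      4096               *:51413            *:*
"""


def port_range(port):
    """Return the IANA range name for a port number."""
    for low, high, name in RANGES:
        if low <= port <= high:
            return name
    raise ValueError(f"not a valid port: {port}")


def is_loopback(host):
    """True when the socket is bound to a loopback address only."""
    host = host.strip("[]").split("%")[0]   # drop IPv6 brackets and zone id
    if host in ("*", ""):
        return False                        # wildcard: every interface
    return ipaddress.ip_address(host).is_loopback


def listening_ports(ss_output):
    """Parse `ss -tln` text into (port, range, reachable_from_network) tuples."""
    rows = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue                        # header or non-listening socket
        host, _, port = fields[3].rpartition(":")
        rows.append((int(port), port_range(int(port)), not is_loopback(host)))
    return sorted(rows)


if __name__ == "__main__":
    for port, name, exposed in listening_ports(SAMPLE):
        scope = "network-reachable" if exposed else "loopback only"
        print(f"{port:>5}  {name:<16} {scope}")
```

A listener in the User or Dynamic/Private range is not suspicious by itself; the rows worth reviewing are the network-reachable ones whose owning program you cannot account for.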
Posted 18 May 2012 - 11:40 AM