I have been Hacked

klogg · May 26, 2018, 6:48am

This is good generic advice as I understand it BUT, also as I understand it the UPNP issue is an old one which is rectified in newer routers and older routers with newer firmware, I thought that there were some good reasons for needing UPNP enabled?

GRC ShieldsUp now scans UPNP on your router to check if it is secure / patched. https://www.grc.com/

sjee · May 26, 2018, 6:52am

Unless you actually have a good reason better disable it.

nickrout · May 26, 2018, 11:37am

If someone can tell me a good reason to have it enabled, speak now!

dabell · May 28, 2018, 7:07pm

I’d typically follow your advice re: pick a different port. I did find that it caused no end of trouble when trying to configure TTS - whereas defaulting back to 443 worked right away. Somewhere the default expected port became the only possible port. It was a few months back, might be time to see if that’s updated.

tmjpugh · May 28, 2018, 7:48pm

My point was…hiding will not protect you if you if you don’t have good security practices.

Don’t bury money on a beach and expect it not to be found by a random kid with a shovel

forsquirel · May 28, 2018, 10:00pm

It’s been said ad nauseam but ‘Security through obscurity’ is a horrible practice.

Best bet is stay up to date on software, have all patches installed, use a good password and make use of best practices.

edif30 · May 28, 2018, 11:15pm

Yes agreed. I wasn’t saying just to hide. Yes, patch up, secure yourself, etc etc.

tmjpugh · May 29, 2018, 1:12pm

Site list router vulnerabilities.
https://routersecurity.org/bugs.php

I am thinking router flaw that lets them into network and onto install…OR just user error
anyway, The site above is worth a look.

UPNProxy is a one I been look to share for a few days
UPnP open by default on WAN by default on major consumer brand router

dabell · May 29, 2018, 1:40pm

I should make clear, I’m talking about choosing a non-standard port on top of following best practices. Obviously switching ports alone is just asking for trouble.

The case that always pops into my head is how (a couple years ago now) my SSH port had people knocking - sometimes hundreds a day - when on port 22. The moment I switched to a high number non-standard port the failed entry log dropped off to nothing. Call it personal choice but I find some satisfaction in that.

tmjpugh · May 29, 2018, 4:45pm

I think many understand your idea(i did at least)

Just some don’t read “do all 5 of these network best practices together”…they read “do this one thing and your secure” Unfortunately

Dominic · June 26, 2018, 9:49am

best discourse ever. so glad i started all this and sort of glad i got hacked to be honest