 |
VO-BB - 20 YEARS OLD!
Established November 10, 2004
|
| View previous topic :: View next topic |
| Author |
Message |
Mike Harrison
M&M
Joined: 03 Nov 2007
Posts: 2029
Location: Equidistant from New York City and Philadelphia, along the NJ Shore
|
 Posted: Sat Jun 02, 2018 4:42 am Post subject: Security alert: reboot computer routers: also:Source-Connect |
 |
|
We are being told that the Russians are now hacking small business and home computer routers and installing malware dangerous to the security of our information.
Rebooting the router is the SIMPLEST method to, apparently, disrupt or disable anything that any malware may have already done. But a better fix is to see if your router manufacturer has a firmware update available and, if so, to download and install it. Doing so will automatically reboot the router.
SOURCE-CONNECT USERS NOTE: Beyond the security reason, the other reason I'm posting this is, because, rebooting the router greatly runs the risk of changing your computer's IP address in your network settings. And, in doing so, the address will no longer match the IP address you entered in your router configuration for Source-Connect, thereby preventing any connections.
_________________
Mike
Male Voice Over Talent
I have taken leave of my sensors.
 |
|
| Back to top |
|
 |
Eddie Eagle
M&M
Joined: 23 Apr 2008
Posts: 2393
|
| Posted: Sat Jun 02, 2018 5:08 am Post subject: |
|
|
| You can set your router to a dedicated IP and not have to worry about that. |
|
| Back to top |
|
|
Mike Harrison
M&M
Joined: 03 Nov 2007
Posts: 2029
Location: Equidistant from New York City and Philadelphia, along the NJ Shore
|
| Posted: Sat Jun 02, 2018 6:52 am Post subject: |
|
|
Thanks, Eddie. I appreciate that.
I'm now trying to find reliable instructions for doing that. The manufacturer's support page tells me several things I need to get from my ISP, but it appears they're assuming I'm setting this router up for the first time. My Mac's network settings seem to show the information they described, so I'm hoping to learn that I can just make a couple of quick setting changes without involving my ISP (a cable TV company), whose support reps often don't have the right information.
_________________
Mike
Male Voice Over Talent
I have taken leave of my sensors.
|
|
| Back to top |
|
|
Foog
DC
Joined: 27 Oct 2013
Posts: 608
Location: Upper Canuckistan
|
| Posted: Sat Jun 02, 2018 11:32 pm Post subject: |
|
|
And before panicking and rebooting, have a look at the list of routers than can be infected. Chances are (fingers crossed) yours isn't in the list.
Here's the list from PC MAG's article on VPN Filter malware.
https://www.pcmag.com/news/361431/is-your-router-vulnerable-to-vpnfilter-malware
| Quote: | Netgear "strongly advise[s] all Netgear router owners" to: update their router firmware; change the default admin password if that's never been updated; and make sure remote management is turned off on the router (here's how).
Linksys E1200
Linksys E2500
Linksys WRVS4400N
Mikrotik RouterOS for Cloud Core Routers: Versions 1016, 1036, and 1072
Netgear DGN2200
Netgear R6400
Netgear R7000
Netgear R8000
Netgear WNR1000
Netgear WNR2000
QNAP TS251
QNAP TS439 Pro
Other QNAP NAS devices running QTS software
TP-Link R600VPN
"No other vendors, including Cisco, have been observed as infected by VPNFilter, but our research continues," according to Cisco Talos, which first reported the bug. |
If you are not on the list, you're fine doing nothing. If you are, you not only need to reboot, you need to reset (usually a small button on the router, or a hard trip down the stairs followed by a longer but less violent trip to the computer store).
_________________
Andrew Fogarasi
|
|
| Back to top |
|
|
MBVOXX
Been Here Awhile
Joined: 03 Jun 2008
Posts: 236
Location: USA
|
| Posted: Wed Jun 06, 2018 6:52 am Post subject: |
|
|
| My SC Pro uses a static IP. We had a big storm roll through Monday morning at 8am and suffered 2 quick brown outs within just a few minutes then lost power for half an hour. When the weather passed, even with UPS back ups for all systems and double layers of surge protection, the power came back on but we had no internet connection. After diagnosis and checking with my ISP, we determined that the router had been compromised. I had an offsite session at 1p and just a couple of sessions at the home studio scheduled that were self directed with end of day delivery so I hit the road for the city, picked up a new router, got my 1pm session done, and once back home before installing the new router, I did a hard reset on the old router (which is only 11 months old, (Synology RT 2600ac) which deletes the LAN settings and necessitates setting up a new network. It came back to life with the static IP configuration still intact. After the simple task of creating a new LAN things were back to normal. Then I logged into the new network on all the computers and devices, did a Source Connect connection test in the studio, and everything was good to go. The big test came on Tuesday when I had a busy day with 8 sessions scheduled, 3 of which were Source Connect sessions. All systems good! Not once did I suspect Russian involvement! |
|
| Back to top |
|
|
Tim Jackson
Joined: 21 Nov 2017
Posts: 23
Location: Salt Lake City, UT
|
| Posted: Tue Jun 26, 2018 1:19 pm Post subject: Unfortunately, that list has grown. |
|
|
Be sure to check out the link Foog listed below https://www.pcmag.com/news/361431/is-your-router-vulnerable-to-vpnfilter-malware to see the expanded list of affected devices.
| Foog wrote: | And before panicking and rebooting, have a look at the list of routers than can be infected. Chances are (fingers crossed) yours isn't in the list.
Here's the list from PC MAG's article on VPN Filter malware.
https://www.pcmag.com/news/361431/is-your-router-vulnerable-to-vpnfilter-malware
| Quote: | Netgear "strongly advise[s] all Netgear router owners" to: update their router firmware; change the default admin password if that's never been updated; and make sure remote management is turned off on the router (here's how).
Linksys E1200
Linksys E2500
Linksys WRVS4400N
Mikrotik RouterOS for Cloud Core Routers: Versions 1016, 1036, and 1072
Netgear DGN2200
Netgear R6400
Netgear R7000
Netgear R8000
Netgear WNR1000
Netgear WNR2000
QNAP TS251
QNAP TS439 Pro
Other QNAP NAS devices running QTS software
TP-Link R600VPN
"No other vendors, including Cisco, have been observed as infected by VPNFilter, but our research continues," according to Cisco Talos, which first reported the bug. |
If you are not on the list, you're fine doing nothing. If you are, you not only need to reboot, you need to reset (usually a small button on the router, or a hard trip down the stairs followed by a longer but less violent trip to the computer store). |
|
|
| Back to top |
|
|
Foog
DC
Joined: 27 Oct 2013
Posts: 608
Location: Upper Canuckistan
|
|
| Back to top |
|
|
Bruce
Boardmeister
Joined: 06 Jun 2005
Posts: 7977
Location: Portland, OR
|
| Posted: Tue Jun 26, 2018 1:38 pm Post subject: |
|
|
Mac devices (knock on wood) appear to be immune to date. Yay.
B
_________________
VO-BB Member #31 Enlisted June, 2005
I'm not a Zoo, but over the years I've played one on radio/TV. . |
|
| Back to top |
|
|
todd ellis
A Zillion
Joined: 02 Jan 2007
Posts: 10529
Location: little egypt
|
| Posted: Tue Jun 26, 2018 5:12 pm Post subject: |
|
|
HOWEVER -- my website WAS Russian hacked! i couldn't believe it.
*deebs is fixing it!!!
_________________
"i know philip banks": todd ellis
who's/on/1st?
 |
|
| Back to top |
|
|
Tre M.
Backstage Pass
Joined: 01 Nov 2017
Posts: 489
Location: Vegas, the desert part.
|
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
Powered by phpBB © 2001, 2005 phpBB Group
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
