Jump to content

100s of attempts a week to remote login


PaulAllen
 Share

Recommended Posts

Hello new to this site, I'm Paul hello. 

Here's my problem well not mine my Grans, I look in her routers firewall log and see 100s of remote attempts a week to gain remote access mostly from china. what can I do about this.

so far I have written to china telecom and showed them the logs and they just blanked me so I'm guessing they don't care or it's state sponsored so they can use it to hide behind to hack more sensitive targets.

My computer level is stone-age so don't be to technical with any answers, I know how to turn it on and push the buttons uggg and how to play games.

Thanks for your answers if any 

Paul Allen (stone-age man)

Link to post
Share on other sites

Hello new to this site, I'm Paul hello. 

 I look in her routers firewall log and see 100s of remote attempts a week to gain remote access mostly from china.

 

Hello Paul: :welcome:

 

Just short of normal, this is what almost all of us might see in our router logs.  Although it's disconcerting, you should take comfort in knowing the router is doing its job.

 

Like some forms of email spam, the attacks will likely stop with time, only to be replaced by their successors.

 

Keep your grandmother's router firmware updated along with her system/applications software and hopefully a thoughtful grandson has made sure she has a good quality automatically updated anti-virus application and Malwarebytes Anti-Malware with a Lifetime license. :D

 

I hope this helped.

Link to post
Share on other sites

Thanks gents for the reply :)

This has been going on for over a year every day relentlessly is that still OK? and I have just discovered an infected userinit.exe file (found by combofix) on her main computer.

I do play games on this computer but only Neverwinter and dont visit any bad sites and I know she does not do anything bad on it as in looking at dubious sites so where and how did this file infect it. Its got past scotty dog, avast, mbam pro, mbae, and comodo firewall and hips. (no bad emaisl have been opened by either of us)

is it me or could something be up here?

I never get anything on my own pc or have any attacks on my router apart from the odd port scan like you say certainly not the amount she gets on a daily basis if they keep rising she will be competing with NASA or some places in silicon valley lol.

Thanks again gents

Link to post
Share on other sites

First off, they're right - it's routine to see such attack attempts.  In years past I used to collect the attempts and submit them to http://dshield.org/ but the major avenue of collecting those logs, namely Kiwi Syslog Daemon, which used to be a free product but was bought out by Solarwinds and is no longer free :(

 

The best thing you can do now is to make sure the router has a super strong password, that you change it often, and unless you absolutely have to have it on, I'd advise turning off remote management as well.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.