Has my network been hacked/compromised?

[JSFLY]

I have a linksys BEF SX41v2

I use bittorrent and have 1 port forwarded on my router as such for the torrents to work.

Today, I check my port forwarding ranges to discover another port has been forwarded, its called Application: RTSP_67, Starts from ports 3028-3029. I did not forward this port myself nor has anyone I know messed with this computer and forwarded this port.

Also, I have not installed any software as far as I know that would require the openning of ports in my router.

Could this have been done via a virus or some sort of trojan?

 

[p0lar]

Does your router support 'Plug-n-Play' networking by chance?

 

[Laughingman12]

Check your DCHP client table

 

[JSFLY]

Thank you for your fast responses

Polar: Is there a way I can check to see if my router supports plug and play?

Laughingman: I checked the client table and there is only my name on it. Will this table show current active users or is it showing a history of past users that have logged on?

 

[p0lar]

Originally posted by: JSFLY
Thank you for your fast responses

Polar: Is there a way I can check to see if my router supports plug and play?

Without doing my due diligence for you by reading the manufacturer's documentation (hint hint), it's difficult to say for certain. Pick through your router's admin interface to see if you see an option in there. If it's enabled, disable it -- it was a VERY dumb idea by a group of idealists to even design a protocol that allows such behaviour. (note: not your dumb idea, that of some industry idealists, heh)

 

[vorgusa]

if we are talking about the same thing it should be labeled UPnP (universal plug and play).. just the networking version.

 

[p0lar]

Originally posted by: vorgusa
if we are talking about the same thing it should be labeled UPnP (universal plug and play).. just the networking version.

Yes, that's the correct term for it.

 

[SoulAssassin]

How much will you pay to get control of your machine back?

 

[Aarondeep]

Run hijack this and check the running processes. I doubt your computer/network was hacked. Was it forwarding it to your specific computer or a different IP address?

 

[Goosemaster]

Originally posted by: SoulAssassin
How much will you pay to get control of your machine back?

:evil:...

er I mean..:sun: