Having issues with FIOS dual-router config (UGH, bridged inner LAN to outer)

VirtualLarry

No Lifer
Aug 25, 2001
I never had issues before with my FIOS ActionTec Rev. I router and my Asus RT-N12/D1 running Shibby Tomato 13x firmware.

I've got a PC that's wired to an 8-pin Gigabit switch, and that switch is wired to an AC1200 AP, set up in Client Bridge mode, connected to the 5 GHz AC band on my Asus RT-68R running Shibby Tomato 138-MultiWan. The Tomato router (my LAN router) has its WAN port wired to a LAN port on my FIOS Quantum Gateway router.

The FIOS router is 192.168.1.1, and the Tomato router is 192.168.1.2 on the WAN (static) and 192.168.2.1 on the LAN. All of my stuff is hooked up to the Tomato router.

So, I couldn't connect to my NAS units from this PC, but I could connect to the internet.

I did an IPCONFIG /ALL, and what I got, surprised me.

The PC, behind the Tomato router, pulled a 192.168.1.x address, and is showing the FIOS router as the default gateway and DNS server.

How is this happening?

Edit: DAMN. I SCREWED UP.

Recently, I plugged in a "guest" wired connection ethernet cable into my new FIOS QG router that I got a few months ago.

I thought maybe the other end of that cable was plugged into my LAN somewhere. Well, not THAT cable. The other end of THAT cable was disconnected.

But I noticed that there were three cables connected to LAN ports on my QG, and there should have only been two: my Tomato's WAN port and the guest wired LAN (attached to the "outer" router, not directly on my LAN).

There was a black cable that I traced to the other end, and it was plugged into my network switch!
Ruh-roh.

Nothing like bridging your WAN to your LAN for security purposes. :(

The black wired cable turned out to be for my single-drive Gigabit NAS unit, that was next to the FIOS router, to connect to the LAN.

I had made a crucial, yet easy, mistake.

When I replaced my FIOS router Rev. I with the QG, I grabbed the two nearest free plugs and plugged them into the LAN ports. In the darkness of my shelving unit, and with my age, I really couldn't tell that the cable I was plugging in was black rather than dark blue (the guest LAN).

So, conceivably, hackers could have been running around on my LAN for a while now. :(

Worse yet, when I got my Asus router, and put Tomato on it, I neglected to change the admin password, thinking that the LAN wired interface was safely away from the internet.

The Tomato router's WAN IP was DMZ'd from the FIOS router, so that UPnP could work properly from my secondary LAN subnet, without double-NAT.

FACK!

Edit: Worse yet, conceivably they could have gotten at the admin login interface on my main FIOS router. I wonder if it was compromised, because my internet went out a few times strangely, soon after I got the router installed. I figured that Verizon updated the firmware. Maybe not Verizon?

Anyone have suggestions how to proceed? I need to establish a "safe" baseline now.

Edit: Maybe I'm OK, if the DMZ destination was the WAN IP of my Tomato router? Even though the LAN was wired directly to the FIOS QG's subnet, it has a firewall, and all incoming connections would have been routed to the WAN IP of the Tomato router.

In short, it might be like what happened when I went to a LAN party once at a friend's house, and he set his PC up in the DMZ for better gaming online (we were playing UT). I was running Windows 2000 at the time. Well, he went to sleep and turned his PC off, and I stayed up. At some point, my DHCP pulled the same IP that his PC used to have, and thus my PC was unwittingly in the DMZ. I found out because I got "NT messenger spam". I reformatted my PC when I got home.

So, just because my Tomato router's WAN IP was the DMZ IP address doesn't mean that hackers could have had unfettered access to my entire LAN.

So, *I think*, I dodged a bullet here.
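The symptom that gave the stray cable away in the post was a PC behind the inner (Tomato) router pulling a lease, gateway and DNS server from the outer (FIOS) router. The script below is an added example, not from the post or any forum member: it parses `ipconfig /all` text and flags any adapter whose address, gateway, DHCP server or DNS server sits on the outer router's subnet, which is what a bridged inner/outer LAN looks like from a client. The subnets are the ones in the post (192.168.1.0/24 outer, 192.168.2.0/24 inner, /24 masks assumed); the `ipconfig` sample is constructed, not captured from the poster's machine.

```python
"""Sanity check for a two-router (inner/outer) home LAN.

Feed it the text of `ipconfig /all` and it reports adapters that appear to
have been served by the OUTER router, i.e. the inner LAN is bridged to it.
Subnet masks are assumed to be /24, as in the post's addressing.
"""
import ipaddress
import re
import sys

INNER_LAN = ipaddress.ip_network("192.168.2.0/24")   # Tomato LAN side (from the post)
OUTER_LAN = ipaddress.ip_network("192.168.1.0/24")   # FIOS gateway LAN (from the post)

# Constructed sample shaped like real `ipconfig /all` output; not from the post.
# "Ethernet" shows the leak, "Wi-Fi" is a healthy adapter on the inner LAN.
SAMPLE_IPCONFIG = """\
Windows IP Configuration

   Host Name . . . . . . . . . . . . : DESKTOP-EXAMPLE

Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe GbE Family Controller
   DHCP Enabled. . . . . . . . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.1.153(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 192.168.1.1

Wireless LAN adapter Wi-Fi:

   DHCP Enabled. . . . . . . . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.2.57(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.2.1
   DHCP Server . . . . . . . . . . . : 192.168.2.1
   DNS Servers . . . . . . . . . . . : 192.168.2.1
"""

ADAPTER_RE = re.compile(r"^(\S.*adapter (.+)):$")                 # "Ethernet adapter Ethernet:"
FIELD_RE = re.compile(r"^\s+([A-Za-z][A-Za-z0-9 -]*?)[ .]*:\s*(.*)$")  # "Key . . . : value"
IPV4_RE = re.compile(r"\d{1,3}(?:\.\d{1,3}){3}")

CHECKED_FIELDS = ("IPv4 Address", "Default Gateway", "DHCP Server", "DNS Servers")


def parse_ipconfig(text):
    """Return {adapter_name: {field: ipv4_string}} for fields carrying an IPv4 address."""
    adapters, current = {}, None
    for line in text.splitlines():
        m = ADAPTER_RE.match(line)
        if m:
            current = m.group(2)
            adapters[current] = {}
            continue
        m = FIELD_RE.match(line)
        if m and current is not None:
            key, value = m.group(1).strip(), m.group(2).strip()
            ip = IPV4_RE.search(value)          # drops "(Preferred)" and similar suffixes
            if ip:
                adapters[current][key] = ip.group(0)
    return adapters


def audit(adapters, inner=INNER_LAN, outer=OUTER_LAN):
    """Return (adapter, field, address, reason) tuples; an empty list means all is well."""
    findings = []
    for name, fields in adapters.items():
        for key in CHECKED_FIELDS:
            if key not in fields:
                continue
            addr = ipaddress.ip_address(fields[key])
            if addr in outer:
                findings.append((name, key, str(addr),
                                 "on the OUTER subnet: inner LAN is bridged to the outer router"))
            elif addr not in inner:
                findings.append((name, key, str(addr), "outside the expected inner subnet"))
    return findings


def bridged_adapters(text):
    """Adapter names whose DHCP server is the outer router (the post's exact symptom)."""
    return sorted(name for name, f in parse_ipconfig(text).items()
                  if "DHCP Server" in f and ipaddress.ip_address(f["DHCP Server"]) in OUTER_LAN)


if __name__ == "__main__":
    # Usage: python lan_audit.py [ipconfig_output.txt]; defaults to the constructed sample.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_IPCONFIG
    for adapter, field, addr, reason in audit(parse_ipconfig(text)):
        print(f"{adapter}: {field} = {addr} ({reason})")
```

Save the output of `ipconfig /all > out.txt` on each machine and run the script against it; any hit on "DHCP Server" means a device on the inner LAN can reach the outer router's DHCP, which only happens if the two segments are wired together somewhere.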