Router got hacked?

[Impetux]

My brother was telling me this morning he had some problems with his router. In the middle of playing a game, his home network goes down. Checks all the obvious things and when he plugs the computer directly into the modem connection is restored.

He goes in to check the router settings and almost every field just reads: HACKED!

He went through and fixed everything, but was wondering of the consequences of getting hacked. We can rule out someone in the house did it, it had to be an outside source.

How much access could they have gotten to his computer? If someone could alter the settings on his router (it's a netgear), is that the most they could do or could they get access to his computer?

 

[Goosemaster]

What model firewall does he have? Does it have wireless?

if it has an SPI(stateful packet inspection firewall) make sure you set it up correctly whereby these are the first two rules( for simplicity):

Rules

If you want to limit the out going traffic deny all LAN to WAN traffic. These rukes specific to general, so you could lock it down(no traffic in or out) and then set another rule to allow http port 80 traffic out only for example.



There is perhaps more we can do, but we need to know the model no. first so we know what we are dealing with here.

 

[n0cmonkey]

Were the netgears one of the brands with the always present default username/password?

Make sure all administrative interfaces are only present on the inside (and/or forward port 80/23 to non-existant ip addresses). Make sure he has changed the default password, that's usually the easiest way in :evil:

 

[Goosemaster]

Originally posted by: n0cmonkey
Were the netgears one of the brands with the always present default username/password?

Make sure all administrative interfaces are only present on the inside (and/or forward port 80/23 to non-existant ip addresses). Make sure he has changed the default password, that's usually the easiest way in :evil:

You cahnge change the logins on those damn thigns either iirc


At least my webramp allows me to do that. I can;t WAIT till i get an Astaro box up.

 

[Cheetah8799]

If the router was never configured, any bum on the street with a laptop and wifi card can get on the network. Then they login to the router with generic user/password, then change settings.

 

[Impetux]

Appreciate the help!

The model number was the Netgear <a href="http://www.netgear.com/products/prod_details.php?prodID=129&amp;view=">FVS318</a>.

There is one wireless access point set up, but it's only a WAP and a bridge for the Xbox to get online, none of the PCs in the house are connected to it.

I'm unsure if there was a default username/password.. I'd have to ask him about it. If there is, I should give him a smack