dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
3159
share rss forum feed

tbelle

join:2012-10-16
dubliin 6

Security issue on Wireless home network

Hello, We have a home WIFI Network. It is a Netopia 3347NWG. Sofware Version 7.8.0r2.
I had a look in the security log and it had the following in the logs. is this a cause for concern. Is there anything I can do to make my router more secure.. easy instructions to follow? I traced those ip address's and they come up as ukraine etc (possible decoy?) I presume to connect they would have had to be very near the house.
Can I do a simple change to stop the SSID from broadcasting the name? Would that effect anything if I changed this and where would i do this? would it make the network more secure?

Also, is it possible they were able to access the WIFI network at a later date? If so, this would prob not be mentioned in the logs? Thanks please advise.

Your Gateway has detected and successfully blocked an event that could have compromised the security of your network.

Please refer to your customer documentation for a description of the logged event.

Number of security log entries : 3

Security alert type : Port Scan
Protocol type : TCP
IP source address : 91.226.212.41
Time at last attempt : 10/7/12 11:31:07 AM
Number of ports that were scanned: 40
Highest port : 27977
Lowest port : 80
3127 8080 3128 9090 27977 3124 8909 80 1080 8000
(Only the first 10 ports are recorded.)

Security alert type : Port Scan
Protocol type : TCP
IP source address : 91.210.200.14
Time at last attempt : 10/9/12 05:48:43 PM
Number of ports that were scanned: 5
Highest port : 8080
Lowest port : 80
80 81 443 8000 8080

Security alert type : Port Scan
Protocol type : UDP
IP source address : 108.174.202.242
Time at last attempt : 10/11/12 05:52:37 PM
Number of ports that were scanned: 30
Highest port : 5070
Lowest port : 5061
5061 5062 5063 5064 5065 5066 5067 5068 5069 5070
(Only the first 10 ports are recorded.)


btelle

@eircom.net
Hey, is it straightforward to change the encryption level from Wep-manual to ?
do i just change on router, reboot and then go to each device? i just dont fancy it going belly up and i have to pay a packet for an engineer to come out:(

tbelle

join:2012-10-16
dubliin 6
reply to tbelle

I just had a look at the logs now and there is more..

Security alert type : Port Scan
Protocol type : UDP
IP source address : 17.173.254.223
Time at last attempt : 10/16/12 09:26:17 PM
Number of ports that were scanned: 6
Highest port : 51400
Lowest port : 51371
51371 51376 51375 51398 51400 51399

Security alert type : Port Scan
Protocol type : UDP
IP source address : 83.70.239.217
Time at last attempt : 10/16/12 09:26:17 PM
Number of ports that were scanned: 6
Highest port : 51400
Lowest port : 51371
51371 51376 51375 51399 51398 51400

This it today!
Seems v determined.
I need to make sure my settings are secure..
is it straightforwrd to chanage from wep to a more secure level of encryption? change to wpa and change passwords etc reboot and all devices?
thanks


Juggernaut
Irreverent or irrelevant?
Premium
join:2006-09-05
Kelowna, BC
kudos:2
reply to tbelle
Changing from WEP to WAP2 AES is easy, and nothing else will change for settings. Change the PW to a long one, preferably mixed characters.

As for the scan, I get them all the time. They bounce.
--
I'm not anti-social, I just don't like stupid people.


bellt

@inow.com
thanks a lot!


nwrickert
sand groper
Premium,MVM
join:2004-09-04
Geneva, IL
kudos:7
reply to tbelle
Port scans are pretty common. Your router is handling it well. There's no need for concern.
--
AT&T Uverse; Zyxel NBG334W router (behind the 2wire gateway); openSuSE 12.2; firefox 16.0.1


Anav
Sarcastic Llama? Naw, Just Acerbic
Premium
join:2001-07-16
Dartmouth, NS
kudos:5
»www.grc.com/passwords.htm

Use this site to generate passwords for best security.
If not useful come up with your own 20 character plus Random password with letters U/l case, numbers and symbols.

If your going to use the generated one copy it to a file for later use and perhaps print it too (aka usb stick) so setting it up on laptops etc is easy to do.
--
Ain't nuthin but the blues! "Albert Collins".
Leave your troubles at the door! "Pepe Peregil" De Sevilla. Just Don't Wifi without WPA, "Yul Brenner"

LlamaWorks Equipment


tbell3

@50.117.72.x
Thanks a lot! Appreciated.

Tig

join:2006-06-29
Carrying Place, ON
reply to tbelle
I'm pretty sure those scans are from the WAN (gateway) side. Release/renew your WAN connection so you will get a new address.


belletj

@inow.com
Thanks a lot!

HELLFIRE
Premium
join:2009-11-25
kudos:18
reply to tbelle
It's a portscan, the internet equivalent of someone walking up and ringing your doorbell and jiggling the lock.
It has NOTHING to do with wireless security.

If you're worried about someone spoofing an IP from Ukraine and stealing your wireless from next door, I'd
check if the Netopia bothers to log when someone accesses the wireless than focusing on these port scan alerts.

My 00000010bits.

Regards


belletr

@speakeasy.net
Thanks a lot for your help!

wolfengod

join:2012-11-30
00120
reply to tbelle
Ok , first of all wpa 2 is newest privacy method and difficult to decrypt due to the hash +salt values . so use that for passwording. WEP is very old and easily translated to a key, if you have a router setup then disable the pin function because now there is a probe to decypher it. watch the ports 8080 and udp attempts they are generally to locate and recieve mac address ip and other relevant info to use.
other than these few tips play safe and refuse most downloads:)
*WG*
*cypher was created in ww2 you think it has changed well it's same old algorythems tweaked*