dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
1233
share rss forum feed

curious7

join:2012-11-19

[BC] Actiontec hacked??

Over the past week or so, I have noticed an intermittent log dump from my DIR-xxx router sitting behind a Telus Actiontec modem.
The log is filled with lines such as:

user.err kernel: debug: sleeping function called from invalid context at mm/slab.c:2472.

At first I thought my router had gone 'south' because the dumps arrived regularly. After a day or two, the log dumps seemed to stop, then start up again for a short time.
The last few days, things have been quiet and the router seems to work as expected.

A scan of my system did not turn up anything unexpected.

The nagging question now is, was this a sign of someone 'probing' the router after getting into the Actiontec.
I have seen some reports that these modem are not very secure, though Telus is very reticent to talk about it.

Any comments or suggestions?

curriegrad04

join:2009-09-14
That's a Linux kernel related issue. Your router was not in any way been hacked by somebody else.

Would I suggest that you upgrade your firmware on your D-Link box?

curious7

join:2012-11-19
said by curriegrad04:

That's a Linux kernel related issue.

I understand that.
My real question is why would this issue show up after almost literally years of use and only for a very short time - with a vengeance - and then disappear again.
Is this an indication of an attempt to create a buffer overflow or similar exploit?
said by curriegrad04:

Your router was not in any way been hacked by somebody else.

I am reasonably sure no one got through; but I am not nearly as confident as you are that no one tried
BTW, it may be my first post here, but ...
said by curriegrad04:

Would I suggest that you upgrade your firmware on your D-Link box?

That is an option I have considered, though I would not consider or expect it by any means to be a sure cure.
Right now my interest in the security implications - if any.


pfak
Premium
join:2002-12-29
Vancouver, BC
Upgrade the firmware on your D-Link, it's probably a freshly released exploit. Are you DMZing from the V1000H to your D-Link?
--
The more I C, the less I see.

curious7

join:2012-11-19

2 edits
Thank you, it probably would be a good idea to update the D-Link.

The D-Link is on one of the V1000H ports, as is an internet radio.
All the rest of my LAN is behind the D-Link

I have thought of hanging a machine as a monitor off a DMZ port of the V1000H, but have been reluctant to expend the effort of trying to do it 'right'.

curious7

join:2012-11-19
Checked & "No updated software is available at this time" says the update check from within the router itself, but the D-Link web site says there is an update to "Enhance WPS-Pin security concern" available.

On second thought, the 'work' might have come from the WiFi side!!

Guess I will update, just in case and wait and see.


Cartel
Premium
join:2006-09-13
Chilliwack, BC
kudos:2
Do you use wifi?
even if you encrypt it, you can still be hacked.

curious7

join:2012-11-19
not much, but I had it enabled on the router.
That probably will change