Someone tried to hack my router

I just checked access and it shows someone externally connecting to a router i use,
someone using a japanese nick and apple computer hardware. I can assume only one from /prog/(or /jp/?) is leet enough to do it.
If you have a problem with me just ask here. Wrecking my router is not going to help(at most i'll just reset the hardware)

I can assume only one from /prog/(or /jp/?) is leet enough to do it.
implying anyone on 4chan can actually h4ck

It was me. U MAD? I'll make that shit blow up.

Grand Theft Loli

>>2
The router in question is not open to public access and i see 2 computers that connect not long ago which have expired IPs, one of which uses a Japanese Shift-jis hostname(something which translates to Ri-"system"-/"S"? , using hardware ID from apple computers) and the other is blank(only hardware ID matches for some japanese appliance?).

If you have a problem with me just ask here.

You have to be either blind, or... stupid.

There are more than enough "things" on /praque/ that should give you a hint that people fucking hate you

>>4
I'd play it. I would have sex with them, and then run them over to get my money back not at all like in real life.

>>3
I'm not mad i just can't modify that router firmware or locking it down entirely without ISP making a fuss(router technically belongs to ISP) and disabling it.

>>6
if 4chan was full of people who like each other it would be GaiaOnlineChan.

I think it could be guys from some japanese forum, though i don't have a clue who is doing that and i don't recall visiting any this week. It someone probably from /prog/ or connected to /prog/ but i'm not sure anymore.

check 'em

>>10
Wow..you managed to anger people from across the globe, likely not even speaking a word of japanese.

>>10
How did you manage to give away your IP?

Set a WPA2 non-dictionary password, a MAC address filter and disable DHCP, for the start. If your router allows it, use WPA2 enterprise with RADIUS.

>>12
>not even speaking a word of japanese.
i use google translate if i need to. There is no point learning japanese if you don't use it everyday. It like learning Sumerian
>>13
An IP is not some magical secret guarded by layers of NATs and firewalls. Unless you use slow,unreliable proxies or some service which relies the pages to you, you have to transmit an IP(I'm not that keen on using internet at 3kbps via proxy) for every request.

>>15
Your IP is not shown on this board, except for admins. So, how did you managed that?

>>14
>disable DHCP
I'm not the only one using it, and i can't really modify much without breaking stuff(ISP routes for example are hardcoded?? ).
MAC filter: it can be easily faked.
>WPA2
Wireless is always disabled and there is admin password present >8 chars.

>>16
It does not have to be someone with server access to 4chan, it could be a site linked from /prog/(i check links often) or some other site.
I really have no clue, but i don't mask IPs and i don't use any proxies, so it would be much easier to get there.

>>18
Ok. Suppose I make a link to my domain: html://honeypot.com/some-cool-link.html . I get a list of IPs coming from /prog/. That doesn't tell me which one is FrozenVoid's.

>>19
html://
wow!

inorite!

how about this hyper awesome hack trickz0rz!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

xhtml://127.0.0.1/?hack=yes&what=insert-virus #(this hacks the computer)

xhtml stands for SUPER EXTENDED ENTERPRISE HTML 2.0!!!!!!!!!!"!!!!!

>>19
maybe its someone with access to 4chan servers
I can't grasp what going on:
1.router can not physically connect to anything outside. It does not have wireless enabled since it was installed.
2.Assigning DHCP leases to 2 new computers which do not exists here is impossible(or i misunderstand the whole DHCP security idea but getting a local 10.0.0.x ip from outside should be impossible).
3.No one here has a shift-jis or non-english hostnames. since i can see every hostname as wired to a physical computer, these two are coming outside the routers local zone.No one uses macs or that hardware ID from japanese appliance.
4.System log of router does not have any alerts for this, just as someone was using my router as a casual way to log in.

maybe is mafia??

It's your alter-ego. You are developing DID.

>>24
DID does nto usually cause people to change their mac addresses and it cannot cause new hardware to magically appear.

>>22
Then it can be only Mister Sac-Van-Bob.

>>26
He doesn't seem like a guy that would hack random visitors and i don't see why would he use my router to assign himself a local IP(unless he was setting up a secret VPN on my router)

PROTIP: These "hackers" are actually malware working as part of a botnet.

>>27
Yes that doesn't make sense. >>28 is most probably right. What router do you use?

>>28
I never considered that idea. Malware could technically exploit the router software(ancient busybox build with software which ISP updates once per year at most) but that would be much more visible in wireshark(as botnet traffic or something).
Wireshark is showing zero traffic from outside, usual ARP exchanges in local zone. Everything unusually quiet.

>>29
D-Link 2650U

>>31
Have you reported that to your ISP?

>>32
1.There is nothing to report(a local IP has appeared of out nowhere? That not ISP problem)
2.They can't help, they have support which barely know about DHCP and their policies include no modification of ISP routers.
3.If its malware the problem would already by visible and ISP would start filtering traffic or update routers.

>>30
What I want to know is how a random 4chan user is going to know YOUR IP address. I studied network engineering and I don't your address.

>>34
its sounds unlikely, probably someone who has access to 4chan server data. Could be another site. I'm not sure 100% now its someone from 4chan.
Also, i'm managed lock down the router so hard i can't even access it anymore(it block access to itself since apparently blocking http Lan also disables the access to webapp which controls the router, and i don't know if there is some other way to control it)

>>35
Since telnet and every other protocol more complex than routing and DHCP are now completely blocked.

FrozenVoid, are you crazy?

>>37
I'm completely sane. I'm feeling sligthly nervous because something is going on which i don't understand. As for router,
I'm not going to reset it as it(the complete block) provides some protection from another leet hacker taking over it or anyone ever even trying logging into the router app and rewriting the firwmare to malware/trojan/botnet client.

someone once tried to do a brute force login into my ssh daemon, by trying many different usernames and passwords randomly. I suppose if I never noticed, he/she may have succeeded after a decade or so. I made a frequency table for the usernames they tried.

mythtv    14
marine    10
navy    10
oracle    3
sea    3
ale    2
apache    2
cead    2
condor    2
demo    2
dilli    2
global    2
globus    2
jboss    2
postgres    2
postmaster    2
simoni    2
tomcat    2
undernet    2
upload    2
alex    1
cadi    1
cady    1
cai    1
cailin    1
cailine    1
caimile    1
caitlin    1
caitlyn    1
cala    1
calan    1
calandra    1
calantha    1
caleigh    1
caley    1
calhoun    1
calina    1
calista    1
calla    1
calli    1
callie    1
calliope    1
college    1
eaguilar    1
estudiante    1
feedback    1
grupo2    1
nagios    1
payala    1
photo    1
portal    1
sameer    1
shit    1
temp    1
test    1
tester    1
testing    1
testuser    1

>>38
Nobody cares about you, nobody needs.

>>39
That's nothing special. Bots attack SSH servers all around the clock, every day, all the time. I installed fail2ban and stopped caring.

>>39
Jesus, learn to use [m].