Calguns.net  

Home My iTrader Join the NRA Donate to CGSSA Sponsors CGN Google Search
CA Semiauto Ban(AW)ID Flowchart CA Handgun Ban ID Flowchart CA Shotgun Ban ID Flowchart
Go Back   Calguns.net > GENERAL DISCUSSION > Technology and Internet
Register FAQ Members List Calendar Mark Forums Read

Technology and Internet Emerging and current tech related issues. Internet, DRM, IP, and other technology related discussions.

Reply
 
Thread Tools Display Modes
  #1  
Old 08-23-2013, 12:19 PM
delta9's Avatar
delta9 delta9 is offline
Senior Member
 
Join Date: Jun 2011
Location: SAN FRANCISCO
Posts: 1,426
iTrader: 2 / 100%
Default I think my home network has been compromised

I've been having a few strange computer things going on the past few weeks.

It started 2 weeks ago when my wife's web hosting company said that someone was sending out spam from her email server. We promptly changed passwords, scanned computers for viruses and beefed up email to be sent secure connection (SSL). A few days later my wife had a few strange charges on one of her credit cards - a few ~$50 charges in another state where she had not used her card. She contacted her credit card company, had the charges removed, and was issued another card.

Fast forward to today - my wife received some random forwarded Craig's list postings to her email that were sent from a Yahoo account with my name (I've never had a Yahoo email account).

Our home computer network is a combination of both wired and wireless using WPA2-PSK security. We connect to the internet though a router and Comcast cable modem

Is it possible that someone in my neighborhood could be intercepting information via our wireless connection? Any steps I should take to increase security?
Reply With Quote
  #2  
Old 08-23-2013, 12:25 PM
POLICESTATE's Avatar
POLICESTATE POLICESTATE is offline
I need a LIFE!!
 
Join Date: Apr 2009
Location: Sunnyvale, PRK
Posts: 17,832
iTrader: 25 / 100%
Default

What operating systems are you using on your network?

If you are using WPA2 you should be fine. Bear in mind WEP is like putting a twist-tie on a hasp and WPA is like using a keyring. WPA2 should still be fine AFAIK.

Have you ever shared your wireless password with anyone?

One thing on the wireless router I would consider doing is making sure only non-wireless connections can admin the thing. So if you're not plugged into it with an actual cable you can't admin the router. That used to be the default a while back, but newer routers the default is to allow wireless admin since most people use exclusively wireless these days.
__________________
If you want a picture of the future, imagine a boot stamping on a human face forever.


Government Official Lies
. F r e e d o m . D i e s .

Last edited by POLICESTATE; 08-23-2013 at 12:27 PM..
Reply With Quote
  #3  
Old 08-23-2013, 1:00 PM
ocabj's Avatar
ocabj ocabj is offline
Calguns Addict
 
Join Date: Oct 2005
Location: Riverside
Posts: 7,126
iTrader: 39 / 100%
Default

Even if your home network is secure from the outside, it's worthless if you let a compromised computer on your network, which can happen a lot considering people use laptops and bring them between home and work (and anywhere else) and use them on 'untrusted' networks (e.g. public wifi) then bring them back into a 'trusted' network (home, work/enterprise).
__________________

Distinguished Rifleman #1924
NRA Certified Instructor (Rifle and Metallic Cartridge Reloading) and RSO
https://www.ocabj.net | http://jocabphoto.com

My AR15 Service Rifle - Used for CMP/NRA High Power Service Rifle Competitions
My Eliseo R5 (Remington 700) Tube Gun - Used for NRA High Power (Match Category) Competitions
My M1 Garand Service Rifle - Used for JCG Matches, rebuilt by Dean's Gun Restorations
Reply With Quote
  #4  
Old 08-23-2013, 1:07 PM
delta9's Avatar
delta9 delta9 is offline
Senior Member
 
Join Date: Jun 2011
Location: SAN FRANCISCO
Posts: 1,426
iTrader: 2 / 100%
Default

Quote:
Originally Posted by POLICESTATE View Post
What operating systems are you using on your network?

Have you ever shared your wireless password with anyone?

One thing on the wireless router I would consider doing is making sure only non-wireless connections can admin the thing. So if you're not plugged into it with an actual cable you can't admin the router. That used to be the default a while back, but newer routers the default is to allow wireless admin since most people use exclusively wireless these days.
All computers are Windows 7 and haven't shared the wireless password with anybody. I just changed the admin password on my router
Reply With Quote
  #5  
Old 08-23-2013, 1:10 PM
delta9's Avatar
delta9 delta9 is offline
Senior Member
 
Join Date: Jun 2011
Location: SAN FRANCISCO
Posts: 1,426
iTrader: 2 / 100%
Default

Quote:
Originally Posted by ocabj View Post
Even if your home network is secure from the outside, it's worthless if you let a compromised computer on your network, which can happen a lot considering people use laptops and bring them between home and work (and anywhere else) and use them on 'untrusted' networks (e.g. public wifi) then bring them back into a 'trusted' network (home, work/enterprise).
Hmmm good point - My wife occasionally takes business trips with her computer and uses the hotel's wireless. What about an iPhone or iPad that is used between home and public wireless networks?
Reply With Quote
  #6  
Old 08-23-2013, 1:21 PM
Brianguy's Avatar
Brianguy Brianguy is offline
Veteran Member
 
Join Date: Sep 2009
Posts: 3,839
iTrader: 3 / 100%
Default

scan all your computers with a different av. check your email settings, they may have her emails forwarding to another address. use different passwords on everything and make them strong, not password1 some routers have the ability to use ssl for admin login and disable login from the internet. install a firewall on your laptops.
Reply With Quote
  #7  
Old 08-23-2013, 1:38 PM
the86d's Avatar
the86d the86d is offline
Calguns Addict
 
Join Date: Jul 2011
Location: Pinko-occupied ObamaDerkaderkastan
Posts: 5,621
iTrader: 2 / 100%
Default

If network was compromised, and they are using an address that you are not (not MAC cloning), then you might be able to see addresses if you are using DHCP, or HOSTS, or whatever depending on your router. When I was using WEP many years ago that is how I found someone on my sh+uff. Now everything I use into a static lease on certain IPs only, and the scope is outside of that, so IF I saw DHCP leases being used, I really know what should and shouldn't be on there. I also have a list of kosher MACs and hostnames that should match-up, and if it is a Windows box getting on then it usually will drop the hostname on the DHCP server (router, if newer).

Always use Upper, Lower, and numbers at a minimum for your WPA* key and you will be better off with special chars too ("!@#$%^&*), and it's tough to use extended ASCII in Linux, so I stopped going THAT far...
__________________
"That's what governments are for - get in a man's way." - Captain Malcolm 'Mal' Reynolds
Reply With Quote
  #8  
Old 08-23-2013, 4:35 PM
gabe123 gabe123 is offline
Member
 
Join Date: Jul 2009
Posts: 214
iTrader: 4 / 100%
Default

I dont think its has anything to do with your wireless setting. Its hard, and not productive to hack into your computer like that unless you are a high value target. By the damage you described, its most likely spam ware/ key-logger, and trojan horse in one or more of tour computer. iPhone and iPod that were not jailbreaked are safe. Once your email contact list is stolen, hacker don't have to use your email address to send spam anymore. They can just pretend to be you or your email. This is what i would do: turn off all computers. Use dvd boot disc or factory reset and reset one of your laptop. This should be a fresh install. Then update Windows and antivirus. Then use this one computer and change all passwords, including that of your email, online banking , online bills, everything. Then call credit card company to issue all new cards and close off unnecessary one. Obtain a credit report immediately, and 1 every 3 month for the next year. I would reinstall all computer since you dont know which is infected. Make sure you turn off or disconnect good computer before boot up suspected one, because it can infect others in the same network. Good luck.
Reply With Quote
  #9  
Old 08-24-2013, 6:40 PM
delta9's Avatar
delta9 delta9 is offline
Senior Member
 
Join Date: Jun 2011
Location: SAN FRANCISCO
Posts: 1,426
iTrader: 2 / 100%
Default

***UPDATE***

A week before all this started, Comcast sent me a new cable modem to install in order to takes advantage of "network upgrades". What they didn't tell me was that the new cable modem also functions as a wireless router. It was set to default log in and passwords until today presumably leaving my network wide open to intruders. Unfortunately there is no option to turn off the cable modem wireless so my only option was to beef up the password.
Reply With Quote
  #10  
Old 08-24-2013, 11:11 PM
POLICESTATE's Avatar
POLICESTATE POLICESTATE is offline
I need a LIFE!!
 
Join Date: Apr 2009
Location: Sunnyvale, PRK
Posts: 17,832
iTrader: 25 / 100%
Default

Google it, there has to be a way to turn off the wireless. That's really ****ed up on Comcast's part. Default open networks out of the box on consumer equipment is BS.
__________________
If you want a picture of the future, imagine a boot stamping on a human face forever.


Government Official Lies
. F r e e d o m . D i e s .
Reply With Quote
  #11  
Old 08-25-2013, 9:35 AM
dynamomark80's Avatar
dynamomark80 dynamomark80 is offline
Member
 
Join Date: Sep 2012
Posts: 203
iTrader: 0 / 0%
Default

a few things to do is go into the router settings and exclude all MAC addresses except the ones of your devices you enter in. As far as I know a MAC address is still unique to a specif device so they would have to have the password info and be listed on the approved MAC list.
Change the router Administrator "login" name and password too.
Kill wireless if you dont need it at all.
If you allow other devices to use your wifi setup a "guest network" and set a specific connection timeout.

Oh another thing, check your router wireless log as it should show info like the IP address of the device that connected to your wifi to do all this bs. It may help you or the proper authorities find them. I would also raise hell with comcast for not letting you know of the wifi and letting you set it up with out knowing the security risk of hooking up such equipment. In all reality a criminal could have stolen you identity/life, downloaded pirated material, or even use you network to download child porn. Either way Comcast should be at the very least yelled out for their lack of brain function.
__________________
I fear paper cuts far more than firearms.
Reply With Quote
  #12  
Old 08-26-2013, 3:51 AM
the86d's Avatar
the86d the86d is offline
Calguns Addict
 
Join Date: Jul 2011
Location: Pinko-occupied ObamaDerkaderkastan
Posts: 5,621
iTrader: 2 / 100%
Default

Quote:
Originally Posted by dynamomark80 View Post
a few things to do is go into the router settings and exclude all MAC addresses except the ones of your devices you enter in. As far as I know a MAC address is still unique to a specif device so they would have to have the password info and be listed on the approved MAC list.
...
Anyone who can crack WEP, can spoof a MAC, it can be part of the process, and only one command to do so.
Anyone who can crack WEP can see all MACs talking to an AP/a Wifi-router and MAC.
It can even be scripted.

WPA2 + Uppercase + Lowercase + Numbers + special chars is best, I was told by the guy setting up our arrays at work.
i.e. This!sTheBes+C0d3!c0uldThink0f@H0m3 but it would be a pain to remember.
__________________
"That's what governments are for - get in a man's way." - Captain Malcolm 'Mal' Reynolds
Reply With Quote
  #13  
Old 09-21-2013, 10:06 AM
catmman's Avatar
catmman catmman is offline
CGSSA Coordinator
 
Join Date: Jun 2012
Location: Long Beach
Posts: 451
iTrader: 4 / 100%
Default

Yeah, it isn't your house network. I see this all the time in a business I support when they use a free hotspot. Curious what you mean spam from your wife's email server? Do you mean client or an email server that she actually manages or something hosted somewhere?That is a big problem but if it is an actual email server you are talking about you will get blackholed.
Reply With Quote
  #14  
Old 09-21-2013, 12:20 PM
Darryl Licht's Avatar
Darryl Licht Darryl Licht is offline
CGN/CGSSA Contributor
CGN Contributor
 
Join Date: Dec 2012
Location: Somewhere in the Inland Empire between the mountains, the desert, and the beach
Posts: 2,309
iTrader: 14 / 100%
Default

What antivirus program are you using? Some of the free ones are total crap... you get what you pay for!

Also have you tried MalwareBytes Antimalware? Sounds like one of your PC's might have a nasty spyware infection.
__________________
Quote:
"Laws that forbid the carrying of arms...disarm only those who are neither inclined nor determined to commit crimes. Such laws make things worse for the assaulted and better for the assailants; they serve rather to encourage than prevent homicides, for an unarmed man may be attacked with greater confidence than an armed one.
--Thomas Jefferson
Quote:
Politics is the art of looking for trouble, finding it everywhere, diagnosing it incorrectly and applying the wrong remedies. --Groucho Marx
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump



All times are GMT -8. The time now is 6:19 PM.




Powered by vBulletin® Version 3.8.9
Copyright ©2000 - 2016, vBulletin Solutions, Inc.
Proudly hosted by GeoVario the Premier 2A host.
Calguns.net, the 'Calguns' name and all associated variants and logos are ® Trademark and © Copyright 2002-2016, Calguns.net an Incorporated Company All Rights Reserved.