DNS Hacked in Router

ijsa

[OP]
@alphago I am on Windows 10 and by default telnet is not working... I will enable it and check.

@Jay Yes, it does seem like the DNS hack is primarily trying to load malware on various devices. My phone is not rooted and I guess no apps except the default ones would have root access/admin privileges.

@pothi I do like your idea of using the guest network as the primary network for all users.

My home (we are a joint family) network is spread across 2 floors with 12 phones + 2 tablets + 2 Android TV boxes + 2 laptops + 2 desktops, and occasional friends and extended family accessing the network. So it is difficult to monitor all the devices...

One of my doubts is whether the ISP or anyone else could log in to my router and physically change the DNS servers if the router has a strong password. Though they can try to phish or check my browser for saved passwords.

So wiping out/resetting all devices in the network does not seem to be a solution to me... since a nine-year-old kid in the family is also accessing the network, playing Fortnite/PUBG on his parents' discarded phone, downloading whatever or what not...

So my primary concern is to safeguard the router... the two things that are workable are:

  1. As suggested by @Sushubh... I am going to put DNS in all devices on which I have control.
  2. As suggested by @pothi... use the guest network of the router as the primary network.

BTW, during that time I did some bank transactions and used the GST network/paid taxes... which all went fine...

Do spare a thought/ suggestion about the situation.
 
  • Wow
Reactions: pothi

Smh

If your bank uses strict HTTPS (will not work on stripping HTTPS) then your bank transactions should be safe, as DNS hijacking is kind of a MITM attack. Google, Facebook would always stop working if someone tries a MITM/DNS poisoning attack, cannot recall exactly how but it's something related to a default certificate installed in browsers.

I would suggest downloading the latest firmware for your router and setting up everything from scratch. Block all remote access (WAN). Only allow some devices (MAC filter) to access the router admin page through LAN.

Use encrypted DNS on all devices (simple dns for PC with 1.1.1.1 and there is a similar app for Android).

Scan your devices with a good antivirus. Use something like Wireshark to monitor suspicious traffic.
 
  • Like
Reactions: ijsa
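
The check that the thread's two suggestions imply (set DNS on every device, then watch the traffic), as an added example that is not part of any post above: it lists every device whose plaintext DNS queries go anywhere other than the chosen resolvers. The allowlist, the tab-separated input layout and all sample addresses are constructed assumptions.

```python
from collections import defaultdict

# Resolvers the devices were deliberately pointed at (assumption: the
# 1.1.1.1 service mentioned in the thread and its secondary address).
ALLOWED_RESOLVERS = {"1.1.1.1", "1.0.0.1"}

# Constructed sample: client IP, DNS server IP, queried name (tab-separated).
# A capture can be exported in this shape with, for example:
#   tshark -r capture.pcap -Y "dns.flags.response == 0" \
#          -T fields -e ip.src -e ip.dst -e dns.qry.name
SAMPLE = (
    "192.168.1.20\t1.1.1.1\texample.com\n"
    "192.168.1.21\t203.0.113.53\tbank.example\n"
    "192.168.1.21\t203.0.113.53\tmail.example\n"
    "192.168.1.22\t192.168.1.1\texample.org\n"
    "malformed line\n"
    "192.168.1.23\t198.51.100.7\tupdates.example\n"
)


def find_unexpected_resolvers(lines, allowed=ALLOWED_RESOLVERS):
    """Return {client: {resolver: [names]}} for queries sent off-allowlist."""
    findings = defaultdict(lambda: defaultdict(list))
    for line in lines.splitlines():
        parts = line.strip().split("\t")
        if len(parts) != 3:
            continue  # skip truncated or non-DNS rows instead of crashing
        client, resolver, name = parts
        if resolver not in allowed:
            findings[client][resolver].append(name)
    # Convert to plain dicts so the result is easy to print or compare.
    return {client: dict(by_res) for client, by_res in findings.items()}


if __name__ == "__main__":
    for client, by_resolver in find_unexpected_resolvers(SAMPLE).items():
        for resolver, names in by_resolver.items():
            print(f"{client} -> {resolver}: {len(names)} queries, "
                  f"e.g. {names[0]}")
```

A device that still queries the router (192.168.1.22 in the sample) is listed too, because it is using whatever DNS the router hands out rather than the manually set resolver. Devices using encrypted DNS send no port 53 queries, so they simply do not appear in this output.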

rajujayaraman

Hi, I would prefer you to reset and reconfigure. After doing this, change the password. Router DNS shows 0 0 0 0 if there is network, but not getting assigned any IP. Normally in such a case Windows assigns IPs starting with 169.
In Wi-Fi settings, disable WPS.
What are the time settings that you have preferred? Is it some NTP server?
Please check for suspicious programs bundled with recently downloaded software or page accessing.
 
  • Like
Reactions: ijsa

netseeker

This forum has way too many entertaining threads, I am getting addicted lol!
 


  • LOL
Reactions: pothi
