9
My neighbor's router got hit with a botnet attack last month
He asked me to look at it. Had to choose between just resetting it or doing a full firmware wipe and reinstall. Went with the wipe. Found a bunch of weird connections in the logs after. Took about an hour to get his network secure again. Anyone know a good tool to monitor for that kind of traffic?
3 comments
michael_burns 24d ago
Man, that's scary. What kind of weird connections did you see in those logs? Were they all going out to random foreign IP addresses, or was there something trying to talk to devices inside his house? Knowing the pattern might help spot it faster next time.
5
ray_king 24d ago
Good call on the full wipe. Those logs sound like a horror movie. My old router used to light up like a Christmas tree with sketchy traffic until I set up a Pi-hole.
2
jana_lewis87 24d ago
Forget just looking at the logs... you gotta check what's making the calls in the first place. I got obsessed and started checking task manager for weird processes, and half the time it's some "helper" app from a printer or old software phoning home. That stuff slips right past a Pi-hole if it's using your browser to connect.
2