Page 2 of 2 FirstFirst 12
Results 11 to 19 of 19
  1. #11
    Service Manager 2,500+ Posts rthonpm's Avatar
    Join Date
    Aug 2007
    Location
    Pennsyltucky
    Posts
    2,790
    Rep Power
    108

    Re: Home Router DNS hacked

    Likely, unless you're able to get the signing keys used for firmware updates, no MFP would load or potentially recognise the firmware file.

  2. #12
    Senior Tech. 2,500+ Posts NeoMatrix's Avatar
    Join Date
    Nov 2010
    Location
    Sunshine State QLD.
    Posts
    3,514
    Rep Power
    104

    Re: Home Router DNS hacked

    What F@#! crock of B/S....
    It's a very sad day when your two main Telcos/ISP's in your own country can use service analysis(AKA hack) into your DNS severs and cache.
    For those of us in Oz. In the following article below you will read about Optus and Telstra indicated in DNS analysis.

    I've reported the above practice to the federal government telecommunication ombudsmen last year.
    I now find out via the below Wikipedia article that DNS analysis service has been in use by these two main Telco's for some time.

    Big deal some people might say. It all relates back to the Telco allowing your DNS cache to be redirected to google-analytics service which then allows other 3rd party rouge/illicit java script to run on your, Mobile Phone, Tablet, PC or network.

    https://en.wikipedia.org/wiki/DNS_hijacking


    --------------------- Excerpt from wiki article update 1st-june-2016-----------
    Manipulation by ISPs[edit]

    A number of consumer ISPs such as Cablevision's Optimum Online,[3] Comcast,[4] Time Warner, Cox Communications, RCN,[5] Rogers,[6] Charter Communications, Plusnet,[7] Verizon,[8] Sprint,[9] T-Mobile US,[10] Virgin Media,[11][12] Frontier Communications, Bell Sympatico,[13] UPC,[14] T-Online,[15] Optus,[16] Mediacom,[17] ONO,[18] TalkTalk,[19] Bigpond (Telstra),[20][21][22][23] and TTNET use DNS hijacking for their own purposes, such as displaying advertisements[24] or collecting statistics. This practice violates the RFC standard for DNS (NXDOMAIN) responses,[25] and can potentially open users to cross-site scripting attacks.[24]
    The concern with DNS hijacking involves this hijacking of the NXDOMAIN response. Internet and intranet applications rely on the NXDOMAIN response to describe the condition where the DNS has no entry for the specified host. If one were to query the invalid domain name (fakeexample.com), one should get an NXDOMAIN response - informing the application that the name is invalid and taking the appropriate action (for example, displaying an error or not attempting to connect to the server). However, if the domain name is queried on one of these non-compliant ISPs, one would always receive a fake IP address belonging to the ISP. In a web browser, this behavior can be annoying or offensive as connections to this IP address display the ISP redirect page of the provider, sometimes with advertising, instead of a proper error message. However, other applications that rely on the NXDOMAIN error will instead attempt to initiate connections to this spoofed IP address, potentially exposing sensitive information.


    [read more ]
    https://en.wikipedia.org/wiki/DNS_hijacking
    Last edited by NeoMatrix; 07-07-2016 at 07:55 AM.
    Inauguration to the "AI cancel-culture" fraternity 1997...
    •••••• •••[§]• |N | € | o | M | Δ | t | π | ¡ | x | •[§]••• ••••••

  3. #13
    Trusted Tech 50+ Posts nekowaiidesu's Avatar
    Join Date
    Dec 2015
    Posts
    65
    Rep Power
    17

    Re: Home Router DNS hacked

    Hi all

    Been out of action for a while with a pneumothorax (collapsed lung basically )
    Thanks for the replies. Will look into those articles when I have a chance

  4. #14
    Senior Tech. 2,500+ Posts NeoMatrix's Avatar
    Join Date
    Nov 2010
    Location
    Sunshine State QLD.
    Posts
    3,514
    Rep Power
    104

    Re: Home Router DNS hacked

    Quote Originally Posted by nekowaiidesu View Post
    Hi all

    Been out of action for a while with a pneumothorax (collapsed lung basically )
    Thanks for the replies. Will look into those articles when I have a chance
    Ouch!.... no good.

    I can empathise with you there, that's exactly how I feel every end of financial year tax time.

    It's tax time now....
    Inauguration to the "AI cancel-culture" fraternity 1997...
    •••••• •••[§]• |N | € | o | M | Δ | t | π | ¡ | x | •[§]••• ••••••

  5. #15
    Trusted Tech 50+ Posts nekowaiidesu's Avatar
    Join Date
    Dec 2015
    Posts
    65
    Rep Power
    17

    Post Re: Home Router DNS hacked

    Quote Originally Posted by NeoMatrix View Post
    Have you written any software programs or applications?

    What area of knowledge are you interested in, games, data base, CAD, office-ware, op-systems, security, etc...?

    Below is a CTN link you might find of interest.

    "www.copytechnet.com\forums\connectivity\97276-all-one-i-t-tech-software.html?highlight=toolbox"

    All in one I.T. Tech software.


    There should be an updated version out soon.
    Yes I have written some small apps. Nothing too big or impressive. A clock-in/out type program so the receptionist can see which techs are in house or on callouts etc, key loggers, various IRC bots with varying capabilities (they were specific purpose bots), a load of college and textbook examples and practicals obviously. Also played around with Unity a bit among other things. Really am an amateur :P but I do find programming enjoyable. Very interested in security and hacking etc, but never bothered to learn much about it.

    I took a look at your thread. Interesting idea. Will read through the rest of the thread (10+ pages lol..) and give it some thought (I'm sure there are a bunch of ideas I could add if I rack my brain over night). What language are you primarily using for this?

  6. #16
    Not a service manager 2,500+ Posts Iowatech's Avatar
    Join Date
    Dec 2009
    Location
    Iowa
    Posts
    3,933
    Rep Power
    97

    Re: Home Router DNS hacked

    Quote Originally Posted by NeoMatrix View Post
    What F@#! crock of B/S....
    It's a very sad day when your two main Telcos/ISP's in your own country can use service analysis(AKA hack) into your DNS severs and cache.
    For those of us in Oz. In the following article below you will read about Optus and Telstra indicated in DNS analysis.

    I've reported the above practice to the federal government telecommunication ombudsmen last year.
    I now find out via the below Wikipedia article that DNS analysis service has been in use by these two main Telco's for some time.

    Big deal some people might say. It all relates back to the Telco allowing your DNS cache to be redirected to google-analytics service which then allows other 3rd party rouge/illicit java script to run on your, Mobile Phone, Tablet, PC or network.

    https://en.wikipedia.org/wiki/DNS_hijacking


    --------------------- Excerpt from wiki article update 1st-june-2016-----------
    Manipulation by ISPs[edit]

    A number of consumer ISPs such as Cablevision's Optimum Online,[3] Comcast,[4] Time Warner, Cox Communications, RCN,[5] Rogers,[6] Charter Communications, Plusnet,[7] Verizon,[8] Sprint,[9] T-Mobile US,[10] Virgin Media,[11][12] Frontier Communications, Bell Sympatico,[13] UPC,[14] T-Online,[15] Optus,[16] Mediacom,[17] ONO,[18] TalkTalk,[19] Bigpond (Telstra),[20][21][22][23] and TTNET use DNS hijacking for their own purposes, such as displaying advertisements[24] or collecting statistics. This practice violates the RFC standard for DNS (NXDOMAIN) responses,[25] and can potentially open users to cross-site scripting attacks.[24]
    The concern with DNS hijacking involves this hijacking of the NXDOMAIN response. Internet and intranet applications rely on the NXDOMAIN response to describe the condition where the DNS has no entry for the specified host. If one were to query the invalid domain name (fakeexample.com), one should get an NXDOMAIN response - informing the application that the name is invalid and taking the appropriate action (for example, displaying an error or not attempting to connect to the server). However, if the domain name is queried on one of these non-compliant ISPs, one would always receive a fake IP address belonging to the ISP. In a web browser, this behavior can be annoying or offensive as connections to this IP address display the ISP redirect page of the provider, sometimes with advertising, instead of a proper error message. However, other applications that rely on the NXDOMAIN error will instead attempt to initiate connections to this spoofed IP address, potentially exposing sensitive information.


    [read more ]
    https://en.wikipedia.org/wiki/DNS_hijacking
    This might be the most useless comment ever, but I have found that the "No Script" add on for Firefox is an adequate defense to cross-site scripting attacks. It has been part of the revenge mode for unnecessary flashy blinky crap I've had for quite a while. You are far more knowledgeable about network related issues than I am, so you will have to check that out yourself though, as this could be just so much nonsense.
    Last edited by Iowatech; 07-14-2016 at 05:35 AM.

  7. #17
    Senior Tech. 2,500+ Posts NeoMatrix's Avatar
    Join Date
    Nov 2010
    Location
    Sunshine State QLD.
    Posts
    3,514
    Rep Power
    104

    Re: Home Router DNS hacked

    How to identify if your Web browser SSL/TSL connection is being hacked or spoofed.
    The following article shows the average computer user how to monitor their own web browser SSL/TSL (credit card,banking,financial) connection for hacking.

    The website author Steve Gibson explains below in common language how to test for fraudulent and false positive SSL/TLS hacking. Read the entire article to the end, and then follow the step-by-step example at the end of the web page for your own relevant web browser instructions. For the average user you must read the entire web article to be able to fully understand how to use the "insert instructions ".


    SSL/TSL web article here:
    "https:\\www.grc.com\fingerprints.htm?domain=www.p bs.org" [www.pbs.org]

    https://www.grc.com/fingerprints.htm?domain=www.pbs.org


    It's important to understand the below inserted section by reading the above web article.
    You will then be able to apply that understanding to any of your own HTTPS websites:

    ----------8<----------------insert -----------------------------------------------
    How to display this page's (or any page's) SSL certificate fingerprint:

    Internet Explorer:

    • Right-click somewhere on the page.
    • Select “Properties” at the bottom of the pop-up menu.
    • Click the “Certificates” button on the Properties page.
    • Verify that the “Issued to” name exactly matches what this GRC page shows.
    • Click the “Details” tab to change views.
    • Set the “Show” selector to “<All>” if it isn't already.
    • Scroll down to the end of the list to “Thumbprint” (which is what Windows calls it).
    • Click on the “Thumbprint” item to select it and show the full thumbprint in the window.


    Google Chrome:

    • Click on the padlock at the far left end of the URL address bar.
    • Select the “Connection” tab.
    • Click on “Certificate Information”.
    • Verify that the “Issued to” name exactly matches what this GRC page shows.
    • Click the “Details” tab to change views.
    • Set the “Show” selector to “<All>” if it isn't already.
    • Scroll down to the end of the list to “Thumbprint” (which is what Windows calls it).
    • Click on the “Thumbprint” item to select it and show the full thumbprint in the window.


    Mozilla Firefox:

    • Click on the padlock at the far left end of the URL address bar.
    • Click the More “Information...” button.
    • Click the “Security” icon/tab at the top of the “Page Info” dialog.
    • Click “View Certificate”.
    • Verify that the certificate's name under “Common Name (CN)” exactly matches what this GRC page shows.
    • The SHA1 fingerprint is shown under “Fingerprints”.


    Apple Safari:

    • Click the [https padlock] icon at the far left end of the URL address bar.
    • Click “Show Certificate”.
    • Click the arrow to expand the “Details”
    • Verify that the certificate's “Common Name” exactly matches the name shown on the GRC page.
    • Scroll to the bottom to view the certificate's SHA1 Fingerprint.



    -------------------------------------------------------end insert ---------------------------


    Fingerprint test example for www.copytechnet.com:

    "https:\\www.grc.com\fingerprints.htm?domain=www.c opytechnet.com"

    https://www.grc.com/fingerprints.htm...opytechnet.com

    Webpage returns :
    Domain Name Certificate Name EV Security Certificate's Authentic Fingerprint
    www.copytechnet.com Parallels Panel C4-1E-11-1F-0A-61-39-13-23-DD-E8-B1-C5-5B-68-D0-36-EC-E7-B9
    Last edited by NeoMatrix; 08-21-2016 at 09:50 AM.
    Inauguration to the "AI cancel-culture" fraternity 1997...
    •••••• •••[§]• |N | € | o | M | Δ | t | π | ¡ | x | •[§]••• ••••••

  8. #18
    Service Manager 1,000+ Posts
    Home Router DNS hacked

    nmfaxman's Avatar
    Join Date
    Feb 2008
    Location
    Albuquerque
    Posts
    1,706
    Rep Power
    68

    Re: Home Router DNS hacked

    This is why, if I am not in front of my computer, I disable the LAN connection.
    I am also behind 2 routers with firewalls.
    Good luck getting to my computer even if I am on line.
    Why do they call it common sense?

    If it were common, wouldn't everyone have it?

  9. #19
    Senior Tech. 2,500+ Posts NeoMatrix's Avatar
    Join Date
    Nov 2010
    Location
    Sunshine State QLD.
    Posts
    3,514
    Rep Power
    104

    Re: Home Router DNS hacked

    Quote Originally Posted by nmfaxman View Post
    This is why, if I am not in front of my computer, I disable the LAN connection.
    I am also behind 2 routers with firewalls.
    Good luck getting to my computer even if I am on line.
    I've had to disable my WiFi internet connections from time to time as well...
    I originally had an old Nokia mobile phone that was connected to my WiFI network (saved on billing). The turd of a device was uploading off my network with out me knowing. I couldn't understand why my phone battery kept going flat quick, even after two costly new batteries fitted. I've since found out that back in the day Nokia hid a similar practice as a default setting within it's phones.

    Around the same time I even replaced the old modem/router, because the outer case would be come very hot. It got hot to the point where the beige coloured plastic case turned a shade of brown around the center. I even went as far as placing the modem on top of a large fin heat sink to dissipate the heat coming off. I was concerned about it becoming a fire hazard I when I wasn't home.

    Pop group "Tears for fears" lyrics: "Every-body wants to rule the world"....
    Last edited by NeoMatrix; 08-22-2016 at 12:05 AM.
    Inauguration to the "AI cancel-culture" fraternity 1997...
    •••••• •••[§]• |N | € | o | M | Δ | t | π | ¡ | x | •[§]••• ••••••

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Get the Android App
click or scan for the Copytechnet Mobile App

-= -= -= -= -=


IDrive Remote Backup

Lunarpages Internet Solutions

Advertise on Copytechnet

Your Link Here