LinuxQuestions.org


lynxlyon2 08-26-2019 04:48 AM

Can a system be protected if the router is infected
 
So, my router is infected and the moron next door has my wifi info, and admin passwords. He can get in in under 10 seconds by now.

I think he infected my router and re-routed us.

He has quick entry into my system, and this is what I've tried:

1) resetting the router - default factory setting.
2) changing router page admin password, wifi password, mac filtering, etc...
3) re-formatting my system, checking for rats, etc...

My question is this:
if the router is infected (I'm not good enough to clean routers), and I use a VPN, is my data secure or not?

What can I do in this case?

rtmistler 08-26-2019 05:25 AM

Get an entirely different router.

Don't use WiFi on your router.

TB0ne 08-26-2019 07:57 AM

Quote:

Originally Posted by lynxlyon2 (Post 6029548)
So, my router is infected and the moron next door has my wifi info, and admin passwords. He can get in in under 10 seconds by now.
I think he infected my router and re-routed us. He has quick entry into my system, and this is what I've tried:

1) resetting the router - default factory setting.
2) changing router page admin password, wifi password, mac filtering, etc...
3) re-formatting my system, checking for rats, etc...

My question is this: if the router is infected (I'm not good enough to clean routers), and I use a VPN, is my data secure or not? What can I do in this case?

Again???
https://www.linuxquestions.org/quest...os-4175656201/
https://www.linuxquestions.org/quest...em-4175625988/

This'll make the third account for the same 'problem'. Again, POST PROOF...we need more than 'router' to work with, along with some actual evidence of what you're talking about, how you know it's 'infected', and what kind of computer you have. If you can't provide actual evidence that something is going on, what do you expect us to do??? And *AMAZINGLY*, the 'lynxlyon' account had the same sort of screed a while back:
https://www.linuxquestions.org/quest...6/#post5896290

...and now it's 'lynxlyon2'??? Total coincidence, I'm sure. Even though your other duplicate thread indicates a 'moron':
https://www.linuxquestions.org/quest...ms-4175659817/

Seek help, and not technical help.

jefro 08-26-2019 03:09 PM

Some versions of routers have security issues. One may wish to see if any update from the OEM maker exists to correct this. One may wish to see if DD-WRT or other open sourced router firmware may support it. There are some routers that have a backdoor password. The firmware update should have fixed it if that is what is going on.

I agree that currently you ought to disable wifi if you don't feel you can configure it securely. Might look at any powerline adapters if you have them too.

I'd call police if you have some reason to suspect this. Most places it is a crime to do what you claim your neighbor is doing. Let the police investigate for proof.

Generally I'd think that a VPN created on a system computer could be immune to effects of a compromised router but this would assume more than a few things to be true. It could be that if one had access to the router one could start spoofing some things.

I'd assume that a new and current router tends to ship with the most current firmware, but not always. Easy enough to update upon first boot.
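
An added example, not part of jefro's post or of the thread: two of the things that have to hold before a VPN takes the router out of the picture are that ordinary traffic and DNS lookups really leave through the tunnel. The Python sketch below checks both against the output of `ip -4 route show` and the contents of `/etc/resolv.conf`; the route table, resolver files, interface names (`tun0`, `wlan0`) and all addresses are constructed samples.

```python
import ipaddress

# Constructed sample of `ip -4 route show` with an OpenVPN-style full tunnel:
# two /1 routes override the router's default route by longest-prefix match.
ROUTES = """\
0.0.0.0/1 via 10.8.0.1 dev tun0
128.0.0.0/1 via 10.8.0.1 dev tun0
default via 192.168.1.1 dev wlan0 proto dhcp metric 600
10.8.0.0/24 dev tun0 proto kernel scope link src 10.8.0.2
192.168.1.0/24 dev wlan0 proto kernel scope link src 192.168.1.50 metric 600
203.0.113.10 via 192.168.1.1 dev wlan0
"""
RESOLV_VIA_ROUTER = "nameserver 192.168.1.1\n"  # constructed: DHCP-supplied resolver
RESOLV_VIA_TUNNEL = "nameserver 10.8.0.1\n"     # constructed: resolver pushed by the VPN

def parse_routes(text):
    """Return (network, device, metric) for each route line that names a device."""
    routes = []
    for line in text.splitlines():
        f = line.split()
        if "dev" not in f:
            continue
        try:
            net = ipaddress.ip_network("0.0.0.0/0" if f[0] == "default" else f[0], strict=False)
        except ValueError:  # e.g. "broadcast ..." or "local ..." lines from other tables
            continue
        metric = int(f[f.index("metric") + 1]) if "metric" in f else 0
        routes.append((net, f[f.index("dev") + 1], metric))
    return routes

def egress_dev(routes, ip):
    """Longest-prefix match, lowest metric on ties; None if nothing matches."""
    addr = ipaddress.ip_address(ip)
    hits = [r for r in routes if addr in r[0]]
    return min(hits, key=lambda r: (-r[0].prefixlen, r[2]))[1] if hits else None

def audit(route_text, resolv_text, tunnel_dev, probe="198.51.100.7"):
    """List the ways traffic still depends on the router; empty means none found."""
    routes, findings = parse_routes(route_text), []
    dev = egress_dev(routes, probe)  # probe is a documentation-range address
    if dev != tunnel_dev:
        findings.append(f"internet traffic leaves via {dev}, not {tunnel_dev}")
    for line in resolv_text.splitlines():
        f = line.split()
        if len(f) > 1 and f[0] == "nameserver" and egress_dev(routes, f[1]) != tunnel_dev:
            findings.append(f"DNS resolver {f[1]} is outside the tunnel; the router can see or forge answers")
    return findings

if __name__ == "__main__":
    print(audit(ROUTES, RESOLV_VIA_ROUTER, "tun0"))
```

This reads only the main routing table; on a live host, `ip route get <address>` reports the kernel's actual choice, including any policy-routing rules a VPN client may have installed.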

Firerat 08-26-2019 03:58 PM

To be fair,
there is a real problem in this closed thread
https://www.linuxquestions.org/quest...7/#post6029560

which I answered in this one
https://www.linuxquestions.org/quest...6/#post6029622

Is the router compromised?
Probably not.
But it is easy to see how lynxlyon2 could come to that conclusion when presented with the problem detailed in #post6029560

TB0ne 08-26-2019 05:29 PM

Quote:

Originally Posted by jefro
Some versions of routers have security issues. One may wish to see if any update from the OEM maker exists to correct this. One may wish to see if DD-WRT or other open sourced router firmware may support it. There are some routers that have a backdoor password. The firmware update should have fixed it if that is what is going on.

I agree that currently you ought to disable wifi if you don't feel you can configure it securely. Might look at any powerline adapters if you have them too. I'd call police if you have some reason to suspect this. Most places it is a crime to do what you claim your neighbor is doing. Let the police investigate for proof.

Generally I'd think that a VPN created on a system computer could be immune to effects of a compromised router but this would assume more than a few things to be true. It could be that if one had access to the router one could start spoofing some things. I'd assume that a new and current router tends to ship with the most current firmware, but not always. Easy enough to update upon first boot.

...and...
Quote:

Originally Posted by Firerat (Post 6029798)
To be fair,
there is a real problem in this closed thread https://www.linuxquestions.org/quest...7/#post6029560

which I answered in this one https://www.linuxquestions.org/quest...6/#post6029622

Is the router compromised? Probably not. But it is easy to see how lynxlyon2 could come to that conclusion when presented with the problem detailed in #post6029560

Sorry guys, no. lynxlyon2 is the same person as lynxlyon...and if I had to bet, the same person as the other two posters. Language, syntax, and 'problem' are all the same.

Does anyone honestly think that, despite the router being reset to factory, new settings applied, etc., etc., that the 'moron' gets in, in under 10 seconds???? Please...see previous posts:
https://www.linuxquestions.org/quest...0/#post5896253
https://www.linuxquestions.org/quest...ck-4175632746/
https://www.linuxquestions.org/quest...em-4175625988/
https://www.linuxquestions.org/quest...os-4175656201/

Now, I can't be *CERTAIN* that this OP is the same person as the other three mentioned here....but lynxlyon vs lynxlyon2 would seem to be a safe bet. And given the language and syntax, along with the same references to VPN's, that they're getting 're-routed', etc., sure seem to point in that direction.

Lynxlyon2...so far, you've made an accusation that the 'moron' is getting on your wifi in under 10 seconds. What we haven't seen so far is some PROOF...how do you KNOW anyone is getting in?? What exactly do you mean by 're-routed'??? Symptoms?? Your other thread was total speculation that you were 'hacked', when in reality it was just a system update...yet you blamed it on being 'hacked'.

Firerat 08-26-2019 06:02 PM

I understand where you are coming from TB0ne

We can only help with their technical problems like the repos getting re-organised.

Not much I can do about their other issues.

I believe the belief is genuine and hostility will only reinforce that belief.
Not a troll, just a tortured soul.

dugan 08-26-2019 06:26 PM

Let me just give you serious technical advice, because I want to show off. ;)

Are your router and modem a single device, or are they two separate devices?

If they're two separate devices, it's the router that you think is infected, right?

Have you tried plugging your computer directly into the modem, via ethernet, instead of using the router's wifi? That would at least confirm whether there's a problem with (just) the router.

JJJCR 08-26-2019 08:46 PM

Just to add my 2 cents on this.

a. Get a trusted friend, relative or anyone to examine your home network or office network. Of course they must have knowledge of IT.

b. If you purchase a router, buy a good one, I mean like "Cisco", Netgear, etc. (change the admin password before you put it online)

c. They won't be able to get into your system so easily unless there is an insider. An insider could be a person or a device that is already infected, and whatever you do it will always stay unless that device is clean (devices like a smartphone, smart TV or anything that can be accessed via network, thumb drive, hard disk, old files).

d. Change habits: if you love to always visit sites full of malware or viruses (porn, torrent, etc.) then I guess it will keep coming back.

e. Make peace with your neighbor. :)

If you suspect the router is infected within 10 seconds, then the firmware is compromised. Meaning no matter how you reset it, it will always be there.

lynxlyon2 08-26-2019 09:46 PM

Thank you for the wonderful answers!

In recent days, I lost my email account (I can't log back in), passwords, and the rest. I even lost my PayPal account, but I got that reset. I also forgot my password for linuxforums, so I created a new account here.

okie, will try that

TB0ne 08-27-2019 07:16 AM

Quote:

Originally Posted by lynxlyon2 (Post 6029916)
Thank you for the wonderful answers!
In recent days, I lost my email account (I can't log back in), passwords, and the rest. I even lost my PayPal account, but I got that reset. I also forgot my password for linuxforums, so I created a new account here.

okie, will try that

Right...I'm sure the 'moron' re-routed you, and stole all of them, right? Sorry, but you just don't have any problems anyone here can solve....seek professional help. Opening multiple accounts and filling the forums with baseless junk does no one any good. Anyone looking for real technical advice would get VERY confused reading your numerous threads, because there just isn't anything there.

Again: POST PROOF. Tell us what evidence you have (and POST IT) that you have been 'hacked in 10 seconds' and 're-routed'. You claim to "know" this....how??? If you can't or won't answer, there is ZERO we can help you with.

rnturn 08-27-2019 03:09 PM

Quote:

Originally Posted by lynxlyon2 (Post 6029548)
So, my router is infected and the moron next door has my wifi info, and admin passwords. He can get in in under 10 seconds by now.

Has your neighbor repeatedly been able to break into your router using the admin passwords after you've changed them?

At a minimum, I'd:
  • Not use the WiFi available on the router that your ISP supplies. You may be able to connect to the ISP's router and disable the WiFi access on it. If you can, do it.
  • Run -- don't walk -- to the nearest computer store and pick up another WiFi router for your network.

then
  • Change the admin password for the new router. If you're still using the factory default password -- "admin/secret" or whatever -- that may be your source of break-ins. When choosing a new password for admin access, use as long a password as it'll accept. Use a password generator (such as the one in KeePassX or others) or the xkcd password generator. If you use the latter, I'd still put it into a password vault like KeePassX just so you don't have to manually enter it each time. (If you forget this one, you'll need to find that paper clip and press the button that sets the router back to the factory defaults, log in using the original admin password, and reset the password again.)
  • Change the SSID for the WiFi; don't set it to anything similar to what you have previously used. (Try "FBI CyberCrimes Unit" and see if that helps. :^D ) Yes... it's security through security and any cellphone app that can see WiFi SSIDs will eventually reveal it, but why make it easy?
  • Make the WiFi access password long and difficult to crack. Again, make it as long as possible. (Using your password vault's generator or whatever hard password generation method you prefer.)
  • If your router/WiFi allows it, I'd allow WiFi connections only from specific MAC addresses.

If this problem persists, I'd contact the authorities. What your neighbor is doing is patently illegal.

Good luck...


All times are GMT -5.