If the configuration tool for my router points to another device, does this mean security has been compromised?
Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
If the configuration tool for my router points to another device, does this mean security has been compromised?
I connect my computers to the Internet using a Mercury brand router. This plugs directly into the wall with an ethernet cable. A modem is not needed, as best as I know. Near my apartment is a closet with the network switch. I assume my Internet cable goes directly to that.
Recently, my Internet connection has strange problems with SSL sites always failing to establish secure connections. Other residents in my building had no such problem.
So, I went to the IP address which I usually use to configure the Mercury router. Instead, this asks me for the password to a FAST brand VPN router. From pictures on-line, I see that this is one of the small consumer routers designed to sit on a shelf, and has two WIFI antenaes. Most of the other newer residents received one of these for free when they moved in, but I don't have one in my apartment.
Why is the IP address for the Web-based Mercuriy configuration tool going to another device? Is that normal to place a router somewhere inside the walls before the Internet plugs directly into the network switch? Is this a sign that my router or some part of the Internet connection has been hacked?
Do you mean, they sent a software update to all of the FAST brand routers, and my Mercury router's software was mistakenly overwritten with the FAST updates?
To be sure, you should disconnect the router from the Internet, switching-off any wireless etc., connect your computer to the device through a Cat-5 cable, and go directly to the IP address corresponding to the device's maintenance port. The password and so-forth should be exactly as you left it.
You don't make it clear what "the IP address that you use" ... is. I would expect it to be a local-only "127.x.x.x" address which, most likely, should be configured so that it can only be accessed by a Cat-5 cable connection from your computer.
Routinely check the manufacturer's web site to see if software updates have been published for the model that you own, and install them immediately.
192.168.x.x is a non-routable address - many (most ?) home routers use addresses in this range.
I'd say one of your neighbours got a new router with the same address as you use (or reset it), and you got connected to that (via wifi) accidentally. Best to connect by SSN (name) rather than ip address, and use a cat5 cable to do the config, rather than wifi.
Last edited by syg00; 01-23-2016 at 10:28 PM.
Reason: clarification re IP of router
No, I am not connected with Wifi, but connected with the cable. I don't even have the Wifi drivers and software installed, and when I unplug the wire, the Internet stops working.
Ensure facts, getting right you should.
Else no basis you have, to draw conclusions on. Don't assume but ensure.
Quote:
Originally Posted by General
I connect my computers to the Internet using a Mercury brand router. This plugs directly into the wall with an ethernet cable. A modem is not needed, as best as I know.
Cable and xDSL require a modem. Providers often ship a single device acting as modem / router.
Quote:
Originally Posted by General
Near my apartment is a closet with the network switch. I assume my Internet cable goes directly to that.
Have the equipment inspected instead?
Quote:
Originally Posted by General
Recently, my Internet connection has strange problems with SSL sites always failing to establish secure connections.
Explain with examples how it fails and use verbose 'cURL' output ('curl -vIL https://some/site;') to illustrate?
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.