Jump to content
Network communication blocked after upgrade to macOS 15 (Sequoia) ×

Router infected?

Andrei-I

By Andrei-I
in Malware Finding and Cleaning

 Share

Recommended Posts

Andrei-I

Andrei-I 0

Posted
Posted

Hello, 

The trojans in my system keep being recreated despite Eset finding no issues. I have checked the Network Inspector and found that some connections are blocked.

Could these be a sign of an infected router? 

Screenshot 2024-09-25 081918.png

Link to comment
Share on other sites
itman

itman 1,746

Posted
Posted
11 hours ago, Andrei-I said:

I have checked the Network Inspector and found that some connections are blocked.

First, to run the Eset Network Inspector tool, your Eset existing set up network connection profile must be set to Private mode. The Eset network connection profile assignment by default is set to Automatic. This in turn defers to the current Windows firewall profile which is set to Public by default.

Open Eset GUI and check your Eset network connection and verify that Connection profile is set to Private. If not, manually set the connection profile to Private.

Next, go to the Tools section and select Network Inspector. Now select the Scan your network tab. Eset will proceed to scan your network and devices for network vulnerabilities. The scan will run for a while. When the scan completes, Network Inspector will either show;

1. No vulnerabilities found or;

2. What network devices have one or more vulnerabilities associated with them.

Finally, reset Eset network connection back to Public if that was its initial setting.

Ref.: https://help.eset.com/essp/17/en-US/idh_page_homenetwork_protection.html

Link to comment
Share on other sites
Andrei-I

Andrei-I 0

Posted
  • Author
Posted
On 9/25/2024 at 11:48 AM, Marcos said:

Were the trojans detected by ESET? If so, could you please post the appropriate records from the Detections log?

At the moment nothing is shown in scans, but the last time was this: 

Could this be connected?

image.png

Link to comment
Share on other sites
Andrei-I

Andrei-I 0

Posted
  • Author
Posted
17 hours ago, itman said:

First, to run the Eset Network Inspector tool, your Eset existing set up network connection profile must be set to Private mode. The Eset network connection profile assignment by default is set to Automatic. This in turn defers to the current Windows firewall profile which is set to Public by default.

Open Eset GUI and check your Eset network connection and verify that Connection profile is set to Private. If not, manually set the connection profile to Private.

Next, go to the Tools section and select Network Inspector. Now select the Scan your network tab. Eset will proceed to scan your network and devices for network vulnerabilities. The scan will run for a while. When the scan completes, Network Inspector will either show;

1. No vulnerabilities found or;

2. What network devices have one or more vulnerabilities associated with them.

Finally, reset Eset network connection back to Public if that was its initial setting.

Ref.: https://help.eset.com/essp/17/en-US/idh_page_homenetwork_protection.html

The scan came out clear, but I don't recognize the last device in the list, which connected yesterday: 

image.thumb.png.22bfbd99a9e272c5cb8fb90da43eb332.png

guangzhou shiyuan electronic technology company limited - possibly a printer? 

Link to comment
Share on other sites
itman

itman 1,746

Posted
Posted
1 hour ago, Andrei-I said:

The scan came out clear

Appears you are using OpenWRT as your router. Note that there have been multiple security vulnerabilities associated with older versions of it. Ensure you are using the latest version of it.

Ref.: https://openwrt.org/docs/guide-developer/security

Link to comment
Share on other sites
Andrei-I

Andrei-I 0

Posted
  • Author
Posted
22 minutes ago, itman said:

Appears you are using OpenWRT as your router. Note that there have been multiple security vulnerabilities associated with older versions of it. Ensure you are using the latest version of it.

Ref.: https://openwrt.org/docs/guide-developer/security

What would you say about the last device I sent on the screenshot? 

Link to comment
Share on other sites
itman

itman 1,746

Posted
Posted (edited)
16 minutes ago, Andrei-I said:

What would you say about the last device I sent on the screenshot? 

Quote

Check For All Connected Devices On Windows, MacOS, and Linux

Let’s understand how you can check for connected devices on various OS i.e. Windows, macOS and Linux using three different methods:

Method 1: Check Unknown Devices Using Router’s Web Interface:

  • Open a web browser and enter the router’s IP address.
  • Log in with credentials.
  • Navigate to the “Device List” or “Connected Devices” section.
  • View a list of connected devices with detail

 

https://www.geeksforgeeks.org/identify-unknown-connected-devices/

Edited by itman
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...