Hot to Determine if Unauthorized Remote Access Succeeded

---

Umrk wrote:

Schumaku,

 

I appreciate the time you took to write a thoughtful, informative response to my question. You have certainly proven your knowledge in this area because the IP 192.168.199 is used by my Xbox 1, and I have forwarded ports to decrease lag and improve performance for gaming. I have configured the settings on both my router (Nighthawk X6 R7900 with latest firmware update) and OS (Win 7 x64) to a degree that my network should be safe from these unscrupulous &^%^ $#, yet doesn’t interfere with Xbox/gaming performance.  

 

Nevertheless, these devious f^&%$ who have nothing else to do but troll the internet in search of an unsecure network continue to worry me. So, while I have prepared my network defending it against their continual probing, how can one determine what they did, how long they did it, and what if anything did they get.  The more I learn about their actions while trying to gain entry into my router/network, the more I can do to protect myself. I would much rather be proactive in protecting myself and I am sure many others feel the same way.   So, with this in mind, I have the following questions:

 

1. Can the router be configured to capture more information, e.g., activity, number of times they tried to enter the admin’s account password, duration of their activity?

---

If you have remote management enabled on the router, then I'm pretty sure the router will log each time someone remotely logs into the router.  Logging into the router, however, is different than "LAN access from remote".  The latter indicates that the router permitted unsolicited traffic to pass through the router to a device on your home network.  In your case, several remote sites are attempting to connect to the HTTP port on your Xbox.  I don't know if the Xbox listens to port 80.  You can easily check by pointing your browser at 192.168.1.199:80.  If something comes up, then your Xbox is listening.  Depending on what is displayed, you'll have to decide if you want to continue exposing that port to the Internet.

1. Does Windows log the above, or can Windows be configured to log the activity, password attempts, duration of activity etc.?

---

 I'm pretty sure Windows can log attempts by people to log into Windows.  It won't log attempts by someone to access your Xbox.

1. I am able to test the security of my browser (Panopticlick2) the (true) bandwidth (Speedtest.net) not my ISP’s overestimated/lie of my internet connection: Does a reputable, safe site that tests the security of a home network exist, or is using such a site an invitation for trouble?

---

 There are various websites that will basically attempt to scan your router for open ports.  Google test open router ports and you will find several sites.