This topic has been marked solved and closed to new posts due to inactivity. We hope you'll join the conversation by posting to an open topic or starting a new one.
Hi all, I'm concerned my router might be compromised. All of the three main people who are connected to it got hit with a random CC charge a while back.
Me and my roommate factory reset the router and set up Access Control to block all new connections so we could manually approve them.
Now there are a couple devices I'm seeing as "wired" ones that don't have a description and I don't know what they are at all, I pinged them so they're live and I've accounted for all the wired devices I can think of.
I also tried blocking them in access control and it said it was working on it then came back to the list and they were still allowed.
Has anyone experienced this before? Should I just dump my router and buy a new one? It's a couple years old now so not really at EoL...
I've actually figured this out, I was using an app on the FireTV called "Downloader" which is used to circumvent the FireTV's verification process of applications so you can "side load" different unapproved apps, I don't even remember what I used this for.
Anyway, it seems that in order to do this, it can't use the IP that is displayed in settings so it must create a couple virtual network devices and get IPs for them so it can download not using the "main" IP.
> [...] I'm concerned my router might be compromised. All of the three > main people who are connected to it got hit with a random CC charge a > while back.
Those people (and their unspecified computers/devices) also connected to everything else on your LAN when they connected to your router. Why blame the router, and not all the other stuff?
> Now there are a couple devices I'm seeing as "wired" [...]
With my weak psychic powers, I'm seeing nothing at all about them. Copy+paste is your friend.
> Me and my roommate factory reset the router [...]
If its firmware was corrupted somehow, then I wouldn't expect a settings reset to do much about it. Loading (reloading) the firmware might do more.
Firmware version is V1.0.2.130 also my router is the R8300 not R7800.
Attached is a list of attached devices.
So after I signed in today, I noticed that the devices I was trying to block are now showing as blocked .20 and .17 but I'm still able to ping anything that is "blocked". I think that might be okay though as even when "blocked" they're still connected to the network.
That being said, I've disconnected almost everything that is "wired" from the router and it's still showing these as connected devices.
That's a good point, we have a media server that could be the culprit. I guess the reason I was thinking it was the router was because it was behaving oddly with respect to the blocking of these devices. Also it's showing one device twice in the list the .20 when on the Access Control List page.
Okay so more weirdness, all three of the "unblockable" devices had the same MAC address which is odd because there are two different IPs attached to it. They're all my FireTV
When I go into attached devices, I notice that that MAC has 3 different "wired" IPs that it's using. And I can ping all 3 of them.
I've actually figured this out, I was using an app on the FireTV called "Downloader" which is used to circumvent the FireTV's verification process of applications so you can "side load" different unapproved apps, I don't even remember what I used this for.
Anyway, it seems that in order to do this, it can't use the IP that is displayed in settings so it must create a couple virtual network devices and get IPs for them so it can download not using the "main" IP.
