× NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Orbi WiFi 7 RBE973
Reply

Home network security issues

CrimpOn
Guru

Re: Home network security issues

Please download and install TCPView. It will show exactly which program is connecting to this web site.
Message 26 of 41
Ggogo2368
Aspirant

Re: Home network security issues

Now my non-tech is going to really show....is TCPView a program or a file?
Message 27 of 41
Ggogo2368
Aspirant

Re: Home network security issues

I would download this on my device or my daughters since I do not have access or control over “the device” in question, right? Does the other device need to be online or running when this is done or does it matter?
Message 28 of 41
CrimpOn
Guru

Re: Home network security issues

It is a program. Click on the link above. Download and extract the files (desktop is fine), then click on the program to run it.
Message 29 of 41
Ggogo2368
Aspirant

Re: Home network security issues

I’m not seeing a link on my end
Message 30 of 41
CrimpOn
Guru

Re: Home network security issues

It was several posts above. Since you have blocked the strange web site, you may have to unblock it to see which program is connecting to it.
Message 31 of 41
Ggogo2368
Aspirant

Re: Home network security issues

I was able to download it from Microsoft and I am on a PC running windows 7 Pro.  Not sure what I'm looking at though.  The other "device" is not currently online though if that matters?

 

Message 32 of 41
CrimpOn
Guru

Re: Home network security issues

You need to run it on the machine that is causing the problem.
Message 33 of 41
Ggogo2368
Aspirant

Re: Home network security issues

If I had access to that machine I would probably be able to figure a lot of the problems on my network out - but there in lies the problem.  

Message 34 of 41
tomschmidt
Virtuoso

Re: Home network security issues

I suggest enabling the Access Control feature on your Orbi and disabling the network connection of the infected device.  You previously reported this as being a Windows 10 system at IP 192.168.1.16, so disable that device using the Access Control in either the web or smart phone application.  Once the device is disabled from network access, then you can make sure no other devices are affected/infected by whatever malware may be on it.

 

Model: RBK53|Orbi AC3000 Tri-band WiFi System
Message 35 of 41
CrimpOn
Guru

Re: Home network security issues


@Ggogo2368 wrote:

If I had access to that machine I would probably be able to figure a lot of the problems on my network out - but there in lies the problem.  


This is where I am failing to understand the problem.  WiFi routers have a "public" Wide Area Network (WAN) IP address which is assigned to the Internet Service Provider (ISP).  The WiFi router then create a "private" Local Area Network (LAN) IP address for each of the computers that are being serviced by the WiFi router. IP addresses which begin with 192.168 are "private" IP addresses.  So, the Orbi has assigned the IP 192.168.1.16 to this Windows 10 computer.  It's your network, but you have no access to this computer.

 

This is what I cannot understand.  Is there a locked room in the house that you cannot get into?  Does the computer belong to a teenager who won't let you into this room?  Is this Orbi providing service to several apartments, and the other tenants won't let you in?

 

If the problem is that this computer is not supposed to be on your network, then change the WiFi password, put the MAC address of this computer into the Security Access Control table as "Blocked", and the problem should go away.

 

I am probably coming across as confrontational.  (sorry)  Please explain how this computer can be on your network yet you cannot touch it.

Message 36 of 41
Ggogo2368
Aspirant

Re: Home network security issues

Thank you for that suggestion. We have tried that one. When we blocked the IP of that device and ran malwarebytes and system mechanics nothing was found or resolved. The same issue persisted and when we tried to update or restore we get message that we do not have authorization to perform these tasks.
Message 37 of 41
Ggogo2368
Aspirant

Re: Home network security issues

Not taken as confrontational at all. I appreciate any and all suggestions and advice. The device is not locked in a room and it’s not an apartment. The device has been allowed intermittent access to the internet in the home over the past two years but I do not own the device (please see my pvt. message) but as I mentioned- I do work from for two small companies and people do come to the home and access the internet occasionally as well. I typically will share the Wi-Fi via the app on the phone when that occurs.
Message 38 of 41
CrimpOn
Guru

Re: Home network security issues

What about changing the SSID and opening up the Guest network (with a separate password)?  That is supposed to keep devices on the Guest network from affecting the primary network.

Message 39 of 41
tomschmidt
Virtuoso

Re: Home network security issues

The infected device (your daughters Windows PC at 192.168.1.16) is the device that you need to run Malwarebytes and TCPview on.  Running Malwarebytes on your other systems is also advised to clear them of any malware.  You stated you ran Malwarebytes and it did not have permissions to repair it.  Was that on the infected PC?  If so, then the infected PC may need to be either erased and reloaded from an uninfected backup or from scratch, or possibly take it to a local computer shop that can remove the malware from it.


@Ggogo2368 wrote:
Thank you for that suggestion. We have tried that one. When we blocked the IP of that device and ran malwarebytes and system mechanics nothing was found or resolved. The same issue persisted and when we tried to update or restore we get message that we do not have authorization to perform these tasks.

 

Model: RBK53|Orbi AC3000 Tri-band WiFi System
Message 40 of 41
CrimpOn
Guru

Re: Home network security issues

Another proposal.  This issue has consumed enormous amounts of your time and energy.

 

  • Open the Control Panel, click on "Programs and Features".  Look through the list of programs on the computer.  Are there any that you do not recognize?  Make a note of them.  (We'll need that list later).
  • Do another scan of your Windows 7 computer (anti-virus and Malwarebytes).
  • Reset the Orbi to "factory" (which is now firmware 2.5.1.8)
  • Connect your Windows 7 computer to the Orbi with an ethernet cord, open a web browser and do a new setup.
    Create a new admin password for the Orbi, and a new WiFi password. (no need to change the WiFi SSID, just the password)
  • Activate the Guest network, with a new password.
  • There is now one computer connected to the Orbi.
    On the Windows 7 computer, run the program TCPView.
    It should show a list of programs and which web sites they are connected to.
    Is the suspect web site on the list?
  • Are any programs on the list that seem "odd", such as programs from the above list that you did not recognize?
    (There will be a huge number of Windows programs connected all over the place.  But, that's Windows.)
    I have attached part of a scan from my computer.  Sort of takes one aback to realize how "busy" my computer is.
    No idea why it is connected to my TV, or what most of those entries are.
  • Try to do things on the Windows 7 computer.  Browse web sites.  Open email.
    Do you get those error messages about certificates or authorization?
  • Add the daughter's computer and do the same thing as above.
  • When the suspect computer comes in again, have it join the Guest network.
    Watch for "something to happen."

If a computer on the Guest network is able to in some way affect an Orbi, it should come as a big shock to Netgear engineers and we would want one of the moderators to get involved to escalate the problem to the engineers.

 

 

Message 41 of 41
Top Contributors
Discussion stats
  • 40 replies
  • 5658 views
  • 0 kudos
  • 6 in conversation
Announcements

Orbi WiFi 7