cancel
Showing results for 
Search instead for 
Did you mean: 

Router keeps getting hacked :( help

Mocca
Grafter
Posts: 38
Registered: ‎30-09-2010

Router keeps getting hacked :( help

Hi,
I fond some1 in my attached devices, I changed password ect they came back, looked like they was using wps hack maybe, they then changed there device name to match my mr's ipad but the mac was the same as the gesswho device hacker.
I've now turned wps/guest wireless off and I look through the router log and see whats at bottom of post, could somebody please look at this and see what they think please.
I've been using Bactrack and airodump to catch ap's and clients associated with ect  so I have a file that can be looked at aswell bt it does include innocent peoples mac address's ?
My pc is on Ethernet 192.168.1.5 , we use phones and tablets on wireless.
We use WPA-PSK [TKIP] + WPA2-PSK [AES]
Been looking at logs for last few days and seen no ddos attacks until just now.

[Admin login] from source 192.168.1.5, Friday, Jun 21,2013 21:06:25
[Time synchronized with NTP server] Friday, Jun 21,2013 21:01:15
[Admin login] from source 192.168.1.5, Wednesday, Jan 01,2003 00:00:10
[Internet connected] IP address: 146.90.93.91, Wednesday, Jan 01,2003 00:00:06
[Initialized, firmware version: V1.0.2.18_47.0.52] Wednesday, Jan 01,2003 00:00:02
[Internet disconnected] Friday, Jun 21,2013 21:01:27
[Admin login] from source 192.168.1.5, Friday, Jun 21,2013 20:59:42
[DHCP IP: (192.168.1.7)] to MAC address 4C:B1:99:CB:3F:34, Friday, Jun 21,2013 20:58:24
[DHCP IP: (192.168.1.7)] to MAC address 4C:B1:99:CB:3F:34, Friday, Jun 21,2013 20:54:59
[Admin login] from source 192.168.1.5, Friday, Jun 21,2013 20:51:00
[Admin login] from source 192.168.1.5, Friday, Jun 21,2013 20:43:32
[LAN access from remote] from 83.248.242.212:54962 to 192.168.1.5:54808 Friday, Jun 21,2013 20:34:08
[DHCP IP: (192.168.1.7)] to MAC address 4C:B1:99:CB:3F:34, Friday, Jun 21,2013 20:20:59
[DHCP IP: (192.168.1.7)] to MAC address 4C:B1:99:CB:3F:34, Friday, Jun 21,2013 20:12:46
[LAN access from remote] from 94.22.3.63:41490 to 192.168.1.5:54808 Friday, Jun 21,2013 20:09:34
[LAN access from remote] from 37.75.171.229:42644 to 192.168.1.5:54808 Friday, Jun 21,2013 20:08:18
[LAN access from remote] from 37.75.171.229:55449 to 192.168.1.5:54808 Friday, Jun 21,2013 20:07:57
[LAN access from remote] from 95.215.97.244:39001 to 192.168.1.5:54808 Friday, Jun 21,2013 19:37:37
[DHCP IP: (192.168.1.7)] to MAC address 4C:B1:99:CB:3F:34, Friday, Jun 21,2013 19:36:54
[LAN access from remote] from 37.190.39.29:23233 to 192.168.1.5:54808 Friday, Jun 21,2013 19:05:54
[DoS attack: STORM] attack packets in last 20 sec from ip [192.168.1.5], Friday, Jun 21,2013 18:49:23
[DoS attack: STORM] attack packets in last 20 sec from ip [192.168.1.5], Friday, Jun 21,2013 18:49:02
[DoS attack: STORM] attack packets in last 20 sec from ip [192.168.1.5], Friday, Jun 21,2013 18:48:41
[UPnP set event: Public_UPNP_C3] from source 192.168.1.5, Friday, Jun 21,2013 18:48:18
[LAN access from remote] from 77.103.4.69:51999 to 192.168.1.5:45337 Friday, Jun 21,2013 18:48:18
[UPnP set event: Public_UPNP_C5] from source 192.168.1.5, Friday, Jun 21,2013 18:48:18
[LAN access from remote] from 60.225.96.13:53833 to 192.168.1.5:45337 Friday, Jun 21,2013 18:48:18
[UPnP set event: Public_UPNP_C5] from source 192.168.1.5, Friday, Jun 21,2013 18:48:17
[UPnP set event: Public_UPNP_C3] from source 192.168.1.5, Friday, Jun 21,2013 18:48:17
[LAN access from remote] from 90.37.196.223:6881 to 192.168.1.5:45337 Friday, Jun 21,2013 18:48:17
[LAN access from remote] from 93.85.168.145:43836 to 192.168.1.5:45337 Friday, Jun 21,2013 18:48:17
[LAN access from remote] from 184.3.245.31:23170 to 192.168.1.5:45337 Friday, Jun 21,2013 18:48:17
[LAN access from remote] from 213.242.3.27:28281 to 192.168.1.5:45337 Friday, Jun 21,2013 18:48:15
[LAN access from remote] from 88.114.93.179:50779 to 192.168.1.5:45337 Friday, Jun 21,2013 18:48:15
[LAN access from remote] from 188.49.108.71:15077 to 192.168.1.5:45337 Friday, Jun 21,2013 18:48:13
[LAN access from remote] from 188.124.104.212:22502 to 192.168.1.5:45337 Friday, Jun 21,2013 18:48:13
[LAN access from remote] from 98.164.13.66:35275 to 192.168.1.5:45337 Friday, Jun 21,2013 18:48:13
[LAN access from remote] from 86.153.73.33:50736 to 192.168.1.5:45337 Friday, Jun 21,2013 18:48:13
[LAN access from remote] from 95.135.77.41:13959 to 192.168.1.5:45337 Friday, Jun 21,2013 18:48:13
[LAN access from remote] from 70.68.153.215:15558 to 192.168.1.5:45337 Friday, Jun 21,2013 18:48:12
[LAN access from remote] from 178.165.94.186:10013 to 192.168.1.5:45337 Friday, Jun 21,2013 18:48:11
[LAN access from remote] from 111.125.83.80:36917 to 192.168.1.5:45337 Friday, Jun 21,2013 18:48:10
[LAN access from remote] from 188.162.14.97:7917 to 192.168.1.5:45337 Friday, Jun 21,2013 18:48:09
[LAN access from remote] from 109.195.205.72:50333 to 192.168.1.5:45337 Friday, Jun 21,2013 18:48:09
[LAN access from remote] from 67.171.57.60:4662 to 192.168.1.5:45337 Friday, Jun 21,2013 18:48:09
[LAN access from remote] from 85.154.207.227:1551 to 192.168.1.5:45337 Friday, Jun 21,2013 18:48:08
[LAN access from remote] from 195.241.18.109:51930 to 192.168.1.5:45337 Friday, Jun 21,2013 18:48:08
[LAN access from remote] from 178.140.208.255:51664 to 192.168.1.5:45337 Friday, Jun 21,2013 18:48:08
[LAN access from remote] from 89.252.114.214:60069 to 192.168.1.5:45337 Friday, Jun 21,2013 18:48:08
[LAN access from remote] from 184.75.221.50:35051 to 192.168.1.5:45337 Friday, Jun 21,2013 18:48:08
[LAN access from remote] from 74.14.104.95:36877 to 192.168.1.5:45337 Friday, Jun 21,2013 18:48:07
[LAN access from remote] from 2.134.133.138:32290 to 192.168.1.5:45337 Friday, Jun 21,2013 18:48:07
[LAN access from remote] from 37.44.126.160:21593 to 192.168.1.5:45337 Friday, Jun 21,2013 18:48:06
[LAN access from remote] from 207.81.49.8:1070 to 192.168.1.5:45337 Friday, Jun 21,2013 18:48:06
[LAN access from remote] from 46.200.3.101:1171 to 192.168.1.5:45337 Friday, Jun 21,2013 18:48:05
[LAN access from remote] from 87.220.77.116:47406 to 192.168.1.5:45337 Friday, Jun 21,2013 18:48:04
[LAN access from remote] from 92.46.164.218:21067 to 192.168.1.5:45337 Friday, Jun 21,2013 18:48:03
[LAN access from remote] from 5.143.71.153:12142 to 192.168.1.5:45337 Friday, Jun 21,2013 18:48:03
[LAN access from remote] from 99.130.178.223:6881 to 192.168.1.5:45337 Friday, Jun 21,2013 18:48:02
[LAN access from remote] from 24.98.246.113:37724 to 192.168.1.5:45337 Friday, Jun 21,2013 18:48:01
[LAN access from remote] from 174.125.12.242:45966 to 192.168.1.5:45337 Friday, Jun 21,2013 18:48:01
[LAN access from remote] from 95.29.213.176:27666 to 192.168.1.5:45337 Friday, Jun 21,2013 18:48:00
[LAN access from remote] from 90.31.101.87:65467 to 192.168.1.5:45337 Friday, Jun 21,2013 18:48:00
[LAN access from remote] from 188.187.179.109:21850 to 192.168.1.5:45337 Friday, Jun 21,2013 18:48:00
[LAN access from remote] from 82.47.85.43:61393 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:59
[LAN access from remote] from 83.251.80.147:61982 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:59
[LAN access from remote] from 69.243.175.197:6881 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:56
[LAN access from remote] from 178.127.94.99:23531 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:56
[LAN access from remote] from 50.81.216.74:49614 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:55
[LAN access from remote] from 93.116.121.182:46058 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:55
[LAN access from remote] from 69.204.183.181:57768 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:55
[LAN access from remote] from 93.116.182.193:10043 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:54
[LAN access from remote] from 87.5.33.117:46657 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:54
[LAN access from remote] from 77.39.80.183:64777 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:53
[LAN access from remote] from 60.241.66.91:57161 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:53
[LAN access from remote] from 82.154.26.5:6666 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:53
[LAN access from remote] from 91.246.167.153:16744 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:53
[LAN access from remote] from 83.87.58.156:18211 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:52
[LAN access from remote] from 62.243.87.9:58286 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:52
[LAN access from remote] from 92.4.170.8:29920 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:52
[LAN access from remote] from 86.218.20.28:28351 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:51
[LAN access from remote] from 85.26.232.227:12998 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:49
[LAN access from remote] from 178.47.122.103:18861 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:48
[LAN access from remote] from 173.252.41.211:6881 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:48
[LAN access from remote] from 67.253.214.78:1908 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:48
[LAN access from remote] from 88.147.134.124:37986 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:48
[LAN access from remote] from 24.204.196.130:45292 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:47
[LAN access from remote] from 85.26.206.177:64448 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:47
[LAN access from remote] from 188.49.8.14:39793 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:47
[LAN access from remote] from 95.61.67.142:16888 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:47
[LAN access from remote] from 116.86.199.83:32594 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:46
[LAN access from remote] from 142.167.28.19:1167 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:46
[LAN access from remote] from 62.150.117.251:6881 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:46
[LAN access from remote] from 76.249.226.73:46519 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:46
[LAN access from remote] from 173.35.36.105:41451 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:45
[LAN access from remote] from 213.87.135.75:62656 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:44
[LAN access from remote] from 176.96.228.15:54380 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:44
[LAN access from remote] from 88.200.219.155:42773 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:44
[LAN access from remote] from 108.181.94.241:10209 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:43
[LAN access from remote] from 2.177.131.138:58313 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:42
[LAN access from remote] from 5.140.42.53:12480 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:41
[LAN access from remote] from 85.195.32.99:34048 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:41
[LAN access from remote] from 67.2.43.194:33156 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:41
[LAN access from remote] from 213.87.131.5:64450 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:40
[LAN access from remote] from 77.245.112.210:20070 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:40
[LAN access from remote] from 213.87.143.66:40263 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:39
[LAN access from remote] from 41.182.167.94:12984 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:39
[LAN access from remote] from 67.183.40.84:46280 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:39
[LAN access from remote] from 70.30.127.191:45123 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:38
[LAN access from remote] from 95.24.85.187:41602 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:38
[LAN access from remote] from 46.200.54.108:18613 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:36
[LAN access from remote] from 188.17.93.122:49486 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:36
[LAN access from remote] from 180.74.68.137:37477 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:35
[LAN access from remote] from 94.153.23.66:27319 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:34
[LAN access from remote] from 208.97.64.251:3668 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:33
[LAN access from remote] from 50.105.132.119:6881 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:33
[LAN access from remote] from 95.215.87.2:49529 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:33
[LAN access from remote] from 213.10.73.163:63324 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:31
[LAN access from remote] from 108.26.73.66:14294 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:29
[LAN access from remote] from 31.202.17.63:64894 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:29
[LAN access from remote] from 178.122.194.199:24242 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:28
[LAN access from remote] from 92.115.131.222:10882 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:28
[LAN access from remote] from 83.217.159.137:61905 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:28
[LAN access from remote] from 128.72.149.79:38273 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:28
[LAN access from remote] from 159.224.93.253:20879 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:28
[LAN access from remote] from 213.138.87.104:31403 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:28
[LAN access from remote] from 130.0.13.211:27796 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:27
[LAN access from remote] from 108.198.134.111:11039 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:27
[LAN access from remote] from 99.248.8.22:61274 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:27
[LAN access from remote] from 83.149.48.72:25477 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:25
[LAN access from remote] from 79.126.8.35:53290 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:25
[LAN access from remote] from 178.140.241.199:32902 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:25
[LAN access from remote] from 108.254.67.22:45879 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:25
[LAN access from remote] from 216.249.201.162:52795 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:25
[LAN access from remote] from 99.240.77.144:14957 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:24
[LAN access from remote] from 80.245.118.190:37370 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:23
[LAN access from remote] from 82.41.59.26:46924 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:23
[LAN access from remote] from 216.232.169.55:15923 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:23
[LAN access from remote] from 173.57.165.147:56906 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:22
[LAN access from remote] from 24.122.155.232:28821 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:22
[LAN access from remote] from 2.135.10.137:27282 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:21
[LAN access from remote] from 178.234.98.253:65023 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:21
[LAN access from remote] from 108.77.145.79:62537 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:21
[LAN access from remote] from 124.171.40.171:6881 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:20
[LAN access from remote] from 84.121.39.147:51000 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:19
[LAN access from remote] from 99.166.168.90:56167 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:19
[LAN access from remote] from 188.32.108.108:37455 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:19
[LAN access from remote] from 188.43.5.145:16808 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:19
[LAN access from remote] from 61.6.195.178:25580 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:18
[LAN access from remote] from 188.65.69.242:64439 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:17
[LAN access from remote] from 86.140.160.62:31390 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:17
[LAN access from remote] from 188.65.69.201:10740 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:17
[LAN access from remote] from 94.143.50.93:23430 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:17
[LAN access from remote] from 95.72.218.164:52888 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:16
[LAN access from remote] from 79.45.83.86:14158 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:16
[LAN access from remote] from 89.178.223.17:34403 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:15
[LAN access from remote] from 77.106.228.186:59655 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:15
[LAN access from remote] from 207.161.27.24:36458 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:14
[LAN access from remote] from 82.73.20.184:49810 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:14
[LAN access from remote] from 92.113.255.153:49146 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:14
[LAN access from remote] from 71.42.218.55:20376 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:14
[LAN access from remote] from 109.184.28.116:11837 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:13
[LAN access from remote] from 176.63.81.41:13696 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:13
[LAN access from remote] from 180.191.160.236:1048 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:13
[LAN access from remote] from 176.106.69.199:34070 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:12
[LAN access from remote] from 89.232.118.11:59114 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:11
[LAN access from remote] from 178.127.94.99:23031 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:11
[LAN access from remote] from 84.87.18.141:61194 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:10
[LAN access from remote] from 46.39.230.156:59300 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:10
[LAN access from remote] from 82.170.166.110:19933 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:09
[LAN access from remote] from 200.88.251.21:29146 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:08
[LAN access from remote] from 109.15.57.109:25232 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:07
[LAN access from remote] from 60.242.8.44:54141 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:07
[LAN access from remote] from 46.73.29.21:57536 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:06
[LAN access from remote] from 80.92.237.155:1242 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:06
[LAN access from remote] from 81.200.28.86:57135 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:05
[LAN access from remote] from 178.175.252.178:29051 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:05
[LAN access from remote] from 58.165.214.18:60523 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:05
[LAN access from remote] from 176.25.254.118:16696 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:04
[LAN access from remote] from 92.248.218.216:40981 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:04
[LAN access from remote] from 128.73.28.90:29128 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:04
[LAN access from remote] from 101.103.200.191:16334 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:03
[LAN access from remote] from 178.45.12.196:30446 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:03
[LAN access from remote] from 78.57.176.84:54310 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:03
[LAN access from remote] from 78.108.79.46:56821 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:01
[LAN access from remote] from 148.228.214.120:52826 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:01
[LAN access from remote] from 5.139.53.78:64399 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:01
[LAN access from remote] from 80.6.239.8:57619 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:01
[LAN access from remote] from 78.26.134.170:62014 to 192.168.1.5:45337 Friday, Jun 21,2013 18:47:01
[LAN access from remote] from 176.121.203.12:59782 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:59
[LAN access from remote] from 46.119.183.212:35626 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:54
[LAN access from remote] from 81.39.180.254:14864 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:53
[LAN access from remote] from 89.189.191.31:15039 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:53
[LAN access from remote] from 82.38.239.25:62240 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:52
[LAN access from remote] from 80.245.117.59:35671 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:51
[LAN access from remote] from 82.174.122.74:26461 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:50
[LAN access from remote] from 37.6.145.39:53498 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:49
[LAN access from remote] from 92.234.194.104:16700 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:49
[LAN access from remote] from 75.189.204.202:40690 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:48
[LAN access from remote] from 79.165.245.84:23082 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:48
[LAN access from remote] from 77.52.77.40:14499 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:48
[LAN access from remote] from 41.141.243.205:51073 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:46
[LAN access from remote] from 46.200.189.120:58638 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:46
[LAN access from remote] from 31.41.49.249:41282 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:45
[LAN access from remote] from 95.53.33.194:14435 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:45
[LAN access from remote] from 98.211.226.231:6881 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:44
[LAN access from remote] from 72.70.45.64:65408 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:42
[LAN access from remote] from 72.22.139.14:6881 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:41
[LAN access from remote] from 71.22.50.191:50064 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:41
[LAN access from remote] from 78.182.155.156:16368 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:41
[LAN access from remote] from 92.148.121.40:6881 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:40
[LAN access from remote] from 95.58.85.136:10033 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:40
[LAN access from remote] from 194.12.74.186:31113 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:40
[LAN access from remote] from 122.150.54.0:58645 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:39
[LAN access from remote] from 99.73.133.95:1024 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:39
[LAN access from remote] from 65.128.30.219:64745 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:39
[LAN access from remote] from 68.147.188.26:14977 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:38
[LAN access from remote] from 71.125.42.7:48795 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:38
[LAN access from remote] from 76.167.218.5:42705 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:37
[LAN access from remote] from 70.178.13.151:36611 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:37
[LAN access from remote] from 68.11.98.241:59780 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:35
[LAN access from remote] from 92.47.33.113:10337 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:35
[LAN access from remote] from 120.145.163.117:54838 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:35
[LAN access from remote] from 95.58.21.161:29725 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:35
[LAN access from remote] from 77.236.206.138:39711 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:34
[LAN access from remote] from 75.133.73.30:6881 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:32
[LAN access from remote] from 117.241.74.41:58277 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:32
[LAN access from remote] from 193.107.99.210:45069 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:30
[LAN access from remote] from 98.195.23.121:34728 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:29
[LAN access from remote] from 92.113.76.69:37624 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:29
[LAN access from remote] from 109.158.234.211:62301 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:27
[LAN access from remote] from 78.245.234.60:14400 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:26
[LAN access from remote] from 85.58.48.23:45595 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:26
[LAN access from remote] from 46.162.225.76:53464 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:26
[LAN access from remote] from 178.127.94.99:22639 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:26
[LAN access from remote] from 79.103.70.223:29246 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:25
[LAN access from remote] from 94.154.34.184:21876 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:24
[LAN access from remote] from 77.169.198.4:57358 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:24
[LAN access from remote] from 95.152.43.85:47494 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:23
[LAN access from remote] from 31.135.57.90:10424 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:23
[LAN access from remote] from 94.179.56.27:41323 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:22
[LAN access from remote] from 88.81.137.161:23890 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:21
[LAN access from remote] from 91.234.24.55:35448 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:21
[LAN access from remote] from 46.71.171.55:13334 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:20
[LAN access from remote] from 186.176.253.77:47318 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:20
[LAN access from remote] from 68.148.160.36:63928 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:19
[LAN access from remote] from 101.103.40.44:65189 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:19
[LAN access from remote] from 41.182.165.61:14223 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:18
[LAN access from remote] from 83.149.21.81:15664 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:18
[LAN access from remote] from 190.158.171.155:46671 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:17
[LAN access from remote] from 195.242.115.150:18057 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:17
[LAN access from remote] from 37.79.92.146:24346 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:16
[LAN access from remote] from 218.212.93.27:37804 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:16
[LAN access from remote] from 37.235.226.0:65061 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:15
[LAN access from remote] from 90.145.156.44:10630 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:15
[LAN access from remote] from 99.95.53.166:1500 to 192.168.1.5:45337 Friday, Jun 21,2013 18:46:15
16 REPLIES 16
bradw
Grafter
Posts: 105
Registered: ‎21-05-2013

Re: Router keeps getting hacked :( help

What's running on 192.168.1.5 port 45337? Is that setup with upnp or manually (something you know about)?
ejs
Aspiring Hero
Posts: 5,442
Thanks: 631
Fixes: 25
Registered: ‎10-06-2010

Re: Router keeps getting hacked :( help

All I see in that log is a load of probably bittorrent (the "LAN access from remote") and an ipad MAC address. Maybe the actual ipad connecting even when it's "off" (i.e. it's not really off).
Mocca
Grafter
Posts: 38
Registered: ‎30-09-2010

Re: Router keeps getting hacked :( help

Thanks for info guys, im very greatfull .
45337 is my vuze.
54808 is ? dno
My lan pc using ipconfig/all  and router devices says my physical address is 68:60:00:a3:14:8b
Mr's iphone is 4C:B1:99:CB:3F:34
The mac address of Guesswho who has been in my attached devices and none of our devices have that mac changed the device name to Staceyipad and still had the same mac, when I turned our ipad on it ws its mac address and staceys-ipad so we have 100% been hacked.
I also set my guest network name as C+ntface and this changed to Blackfiesta.
What about the ddos attacks?
Now i'm running airodump on a netbook iI should be able to see ANYTHING? that associates with my router over wireless ?
ejs
Aspiring Hero
Posts: 5,442
Thanks: 631
Fixes: 25
Registered: ‎10-06-2010

Re: Router keeps getting hacked :( help

You can see anything in the range that can be received by the netbook's wireless.
Besides looking around outside for anyone sitting in a car, maybe update the router firmware? Guessing based on the version number it might be a Netgear WNR1000?
Mocca
Grafter
Posts: 38
Registered: ‎30-09-2010

Re: Router keeps getting hacked :( help

Sorry I forgot to include the router, its a Wireless n 150 wnr1000v3, it is indeed on old firmware so that's updating through itself to latest.
Now testing with Backtrack and Fern Wifi wps cracker.
It's showing my router  as YELLOW for wps still being active so i'm sitting here trying to crack my own on a crappy netbook even though its sposed tobe off ?
I have turned guest network off which I believe is the wps network ?
So how do I completely turn off wps on this router ?
Ta
Please see http://www.backtrack-linux.org/forums/showthread.php?t=52266
Notice how the wps is yellow, my router now states after disabling the settngs in its gui that wps is indeed turned off, I am hacking myself right now with software in link using wps hacking and apparently it should be completed by morning if im lucky with no need for a dictionary file.
Jaggies
Aspiring Pro
Posts: 1,700
Thanks: 34
Fixes: 2
Registered: ‎29-06-2010

Re: Router keeps getting hacked :( help

Can't you use MAC filtering on the router to block the rogue device?
Mocca
Grafter
Posts: 38
Registered: ‎30-09-2010

Re: Router keeps getting hacked :( help

Indeed I can but its nothing more than a false security and does nothing to protect the network as all hacker needs todo is spoof one of our devices mac address's which is as simple as 1.2.3 once you google these things.
I've even changed my router name yesterday to "UrDeadWhenFindU" and  then managed to get a netbook lol so the mac they was using hasn't been seen at all today so they are either spoofing there mac or.....
I could of pinpointed the hacker if I hadn't done this as I had the mac, they was in my router and I just needed to walk round with backtrack using airodump and using signal power id find there front door but alas I changed the routers name in hast lol
According to router wps list the 1000v3 is off when it says its off but i'm on 0.03% of hacking t with fern, I wont really know anything until ts done but so far it looks as if it is indeed being hacked.
dick:quote
Pyrii
Grafter
Posts: 87
Registered: ‎06-06-2013

Re: Router keeps getting hacked :( help

Why would you need to hack the device for the password, you could just do a factory reset and then it'd be back to default settings that should be on the back of the device.
I don't know anything about the latest Netgear products, I won't touch another Netgear device again. Especially after I had to deal with their support when one of my netgear broadband routers went bust.
Mocca
Grafter
Posts: 38
Registered: ‎30-09-2010

Re: Router keeps getting hacked :( help

Because it doesn't matter what the password is the wps pin or signal? will reveal the password without the se of a dictionary file I believe from what I read on google.
I can think this or that but until I can or cannot hack my own router then i'll not know if im safe or not.
From my half a day of airodump I see 2 ma address's that have connected to  multiple locked routers so they are 100% hackers as the multiple associations tell me this if im correct , im short on knowledge as only started this mission yesterday.
jim:quote
ejs
Aspiring Hero
Posts: 5,442
Thanks: 631
Fixes: 25
Registered: ‎10-06-2010

Re: Router keeps getting hacked :( help

Unauthorised access is a criminal offence under the Computer Misuse Act, although I'm not sure what kind of a response you'd get from the local police station.
Mocca
Grafter
Posts: 38
Registered: ‎30-09-2010

Re: Router keeps getting hacked :( help

The mr's is going to do me some printouts so I can drop off to neighbors, I was thikg about just including the roters that have been hacked and stating they need to google there fix, this morning I took my netbook out and indeed  had a very strong signal at a specific front door with one of the mac's that has been connected to multiple locked routers.
As I called police and they wont do much as apparently the isp has to initiate police procceedings?
So at 7.30 am this morning I knocked gently on a door followed by a louder knock followed by a bang bang bang, I presumed the dude with the bandana was behind the door looking through his spyhole looking at me and a open netbook, after a good old rant about what i'd do and kick his door in next time cos I know your behind the door ect I came back up and that mac address was gone, I've also had neigbours now out back talking about  about me ranting at 7.30 am lol.
He was seen with a laptop and a large phone  in the gardens other day and as signal was strongest outside his door we are 99% sure it was him, lol the lynching begins
When you break in and steal from multiple neighbors you have  the chance some1 will find u.
As for me hacking myself, on my old netbook it took around 3 hours togo from 0.00 progress to 0.01 so I sacked it and left airodump scanning all night, looking for a pc wifistick nw as I have a 3770k cpu which shod lap up the progress time, in mean time I left ruter as is with the standard wps setting off and I fond nobody associated with me this mrning
apjashley1
Grafter
Posts: 307
Registered: ‎31-07-2012

Re: Router keeps getting hacked :( help

Police are wrong in this case - possible you got a call handler that doesn't understand the technology. Ring back on 101 and don't take no for an answer.
YOU are the victim of the crime, and even if you weren't they should take the report - anybody can report a crime, victim, third party, even the perpetrator sometimes!
(I'm a Police call handler)
Mocca
Grafter
Posts: 38
Registered: ‎30-09-2010

Re: Router keeps getting hacked :( help

Thanks apjashley1, i'll walk into the local on Monday and have some face to face tchat then and take my usb stck with all the info and evidence, I've basicly done most of the work for them or at least I have enough info for a good start.
I spoke to police over phone and they gave me Action 4's number and it was these that said compliant had to come from isp and not me and they gave me crime number.
Thanks for good info apjashley1
apjashley1
Grafter
Posts: 307
Registered: ‎31-07-2012

Re: Router keeps getting hacked :( help

Oh, if they've referred you to Action Fraud and you have a crime number, that's a bit different. I thought they were refusing to take the report at all! I guess you now should be dealing with Action Fraud and it's their call if they want to investigate any further.