1 |
On Feb 3, 2014 10:02 PM, "walt" <w41ter@×××××.com> wrote: |
2 |
> |
3 |
> On 02/03/2014 10:25 AM, Alexander Kapshuk wrote: |
4 |
> > Howdy, |
5 |
> > |
6 |
> > I connect to the Internet via a TP-LINK TD-W8101G Wireles ADSL2+ model |
7 |
> > router. It has been set up to acquire IP addresses via DHCP. My |
8 |
> > '/etc/resolve.conf' has been getting populated like so from the word go: |
9 |
> > cat /etc/resolv.conf |
10 |
> > # Generated by dhcpcd from enp4s0 |
11 |
> > # /etc/resolv.conf.head can replace this line |
12 |
> > nameserver 192.168.1.1 |
13 |
> > # /etc/resolv.conf.tail can replace this line |
14 |
> > |
15 |
> > This morning, I discovered that the nameserver IP address in my |
16 |
> > '/etc/resolve.conf' had changed: |
17 |
> > cat /etc/resolv.conf |
18 |
> > # Generated by dhcpcd from enp4s0 |
19 |
> > # /etc/resolv.conf.head can replace this line |
20 |
> > nameserver 5.45.75.11 |
21 |
> > # /etc/resolv.conf.tail can replace this line |
22 |
> > |
23 |
> > I contacted my ISP about it. They said the nameserver in question was |
24 |
> > not theirs. |
25 |
> > |
26 |
> > The whole thing began to smell fishy. |
27 |
> > |
28 |
> > What I've done so far is, I've reset my router to the default settings |
29 |
> > and set it up again. |
30 |
> > I've also changed the admin console password, as well as the WiFi access |
31 |
> > point password. |
32 |
> > |
33 |
> > As a result, my nameserver IP address has been defined as 192.168.1.1. |
34 |
> > |
35 |
> > Anything else I can do to ensure my system has not been compromised? |
36 |
> |
37 |
> Google the number 32764 and you'll find a lot of info on a particular |
38 |
> router bug. You'll see a link to Steve Gibson's grc.com, where you can |
39 |
> scan for port 32764 on your router to see if it's listening. |
40 |
> |
41 |
> |
42 |
> |
43 |
Thanks. I'll look into that. |