unauthorized access from my own public IP?

ChangeYourPassword
New Member
Posts: 3
Joined: Wed Feb 24, 2021 6:03 pm

Post by ChangeYourPassword »

Dear forum members,

My room-mate is accusing me of trying to access his account. He received an email from Google alerting him that an unknown device tried to gain access. It indicates the public IP address, Linux OS and Chrome browser.

The public IP is the one from our ISP, so inside of this network. I am the only person using a Linux OS and I also have Chrome browser installed, although I rarely use it. Can someone help me understand what that could mean or not mean? Does this mean that my local network was used for the attack? An attacker within the reach of our Wifi is possible but unlikely. Perhaps my PC is infected with a virus. Could it also be that the router itself has been compromised?
ChangeYourPassword
New Member
Posts: 3
Joined: Wed Feb 24, 2021 6:03 pm

Post by ChangeYourPassword »

Said room-mate keeps resetting the router to factory default so it always runs with default user / pass. I configured it properly multiple times but he doesn't trust me so I gave up.
Norm
SG VIP
Posts: 14195
Joined: Tue Mar 27, 2001 12:00 pm

Post by Norm »

ChangeYourPassword wrote: Said room-mate keeps resetting the router to factory default so it always runs with default user / pass. I configured it properly multiple times but he doesn't trust me so I gave up.
Anyone within range of your wifi can gain access to the router, or any PC on your network. They don't need to be close, just within range. They could use an antenna with a range of a couple of miles, sometimes more.

It appears either you ARE the culprit, or your computer has been compromised, or your transmissions or your room mate's or both have been intercepted and used to attempt to gain access to your room mate's Google account.
Being on Linux, it's more likely your room mate has had his transmissions intercepted, but not necessarily.

The absolute dumbest thing a person could do is to leave a router with factory defaults. All or most router factory defaults are publicly available to anyone who wants them. It is so easy to gain access to or intercept packets from a router with no security (like one with factory settings/passwords etc) that a child could do it, and they DO.

Your room mate needs someone other than you to discuss this with, since he doesn't trust you.
ChangeYourPassword
New Member
Posts: 3
Joined: Wed Feb 24, 2021 6:03 pm

Post by ChangeYourPassword »

As far as I'm concerned, I am not the culprit. If my machine got compromised, how big is the problem? Do I have to worry about other computers, personal files, external devices?
Philip
SG VIP
Posts: 11526
Joined: Sat May 08, 1999 5:00 am
Location: Jacksonville, Florida

Post by Philip »

If your computer is compromised, yes, you do have to worry. You can always do a virus scan, rootkit check, etc.
Some Linux tools are helpful, like: rkhunter, clamav, chkrootkit, LMD (Linux Malware Detect)

That said, it's probably as Norm said - resetting the router to a default state is a big gaping hole in your security that should be addressed first. You can always do a security portscan (from the main site) to see if there are any backdoors open to your internet-facing IP.
Linux is user friendly, it's just picky about its friends...
Disclaimer: Please use caution when opening messages, my grasp on reality may have shaken loose during transmission (going on rusty memory circuits). I also eat whatever crayons are put in front of me.
linda_
New Member
Posts: 1
Joined: Wed Jan 27, 2021 3:08 am
Location: Vancouver

Post by linda_ »

I've heard of things like this where with some routers you can get access and with some you can't.