Possible Pfsense get Hacked by ISP
-
@stephenw10 said in Possible Pfsense get Hacked by ISP:
Sounds more like a sticky button on the remote.
Or the app crashed and default back to like a "home" screen. Or the dog laid on the remote on the couch. Or the voice activation glitched when it "heard" something.
Or someone in another room did something on a remote that controls both, or can - or they were on the wrong device when they hit a button on the say like the roku app on their phone.. I can control any of my roku's from my phone - but have to select which one, etc.
There are like a billion things I could think of on why something like that happened - before I thought oh my gosh my isp is hacking me ;) Tracking you sure - the device itself is likely sending everything you do back up to the mother ship, what shows you watched, did swap channels when a commercial came on, etc.
My roku tv sometimes just shuts off on its own - maybe my isp is hacking me?? ;) There are hundred of threads about it happening, and things to try and get it to stop, etc. But maybe its just the ISP hacking away on them ;)
-
@stephenw10 Yes, It is a 3 party Android TV box connected to pfsense WIFI.
-
Yeah almost certainly not the result of hacking. Far more likely to be a software glitch or sticky button.
But, if we were to look at this from a security standpoint, a random ebay Android TV box is exactly the sort of device that should be isolated from your network. You probably have no idea what code it's running or where it's pulling updates from. The manufacturers may not know or care either. An exploit here might be someone hacking the update servers for that box and inserting their own code. Next time it updates, you're in a bot net. Or mining crypto for someone etc.
Steve
-
@stephenw10 said in Possible Pfsense get Hacked by ISP:
Yeah almost certainly not the result of hacking. Far more likely to be a software glitch or sticky button.
But, if we were to look at this from a security standpoint, a random ebay Android TV box is exactly the sort of device that should be isolated from your network. You probably have no idea what code it's running or where it's pulling updates from. The manufacturers may not know or care either. An exploit here might be someone hacking the update servers for that box and inserting their own code. Next time it updates, you're in a bot net. Or mining crypto for someone etc.
Steve
OK,Thanks for your explanation.
-
I found out the root cause of hacking activity. I have a laptop which distribute by my ISP and it has backdoor which uses to surveillance the user network activity. I understand i can format the PC but for precatious steps i want to harden the network security level.
How to block LAN to other same subnet computer only allow LAN to gateway?
-
You cannot do that at the firewall. Traffic between hosts in the same subnet doesn't go through the firewall. You would need a switch that has port isolation. Or use a new interface to create a new subnet and put the laptop in that.
But if you really suspect that someone has been hacking your network from your laptop (unlikely) then just don't connect it at all.
Steve
-
@peter_apiit said in Possible Pfsense get Hacked by ISP:
has backdoor which uses to surveillance the user network activity.
Dude lay off the HERB.. Or go with a different strain that doesn't cause your tinfoil hat to constrict.. What your saying is just nuts..
Your isp gave you a laptop with a backdoor installed so they can hack your TV? And put it back on the home store screen, and your other pc doesn't kick in screensaver?
Come on dude... Lay off the Mr Robot episodes for a bit maybe.
-
@stephenw10 said in Possible Pfsense get Hacked by ISP:
Or use a new interface to create a new subnet and put the laptop in that.
Perhaps I could use aother NIC for that since i got one spare NIC.
-
Yes, you could. That way it can be isolated from the other interfaces.
-
@stephenw10 I have tried to do a fresh installation of pfsense, after install snort and its ruleset. It good for a while but after that the snort ruleset get flush out and display as Not downloaded. I 100% confirm that the ruleset is downloaded previously. How my ISP able to do that? Please enlighten me.
-
@peter_apiit said in Possible Pfsense get Hacked by ISP:
How my ISP able to do that?
They are not. What makes you think they are?
-
@stephenw10 said in Possible Pfsense get Hacked by ISP:
@peter_apiit said in Possible Pfsense get Hacked by ISP:
How my ISP able to do that?
They are not. What makes you think they are?
Then why my Snort rule set get flush out.
-
@peter_apiit said in Possible Pfsense get Hacked by ISP:
Then why my Snort rule set get flush out.
It sure isn't your "isp" hacking you.. Maybe its the MIB, or the NSA - but it sure isn't your isp ;)
Does your refrigerator light stay on when you close the door - I would check that, that is clear sign of NSA hacking..
You need to drill a hole in the door - but its well worth it to know if your being hacked or not - I'm kidding btw.. Please do not drill a hole in your refrigerator door..
-
There are any number of reasons why your Snort rules could (appear to be) cleared. Check the Snort and System logs.
It being the result of hacking is extremely unlikely. Apart from anything else it would serve no purpose and be a very obvious change. What hacker would do that? None.Steve
-
@stephenw10 I am starting to think he has taken the birds are not real conspiracy theory to heart vs understanding its a satirical comment ;)
-
Humorous thread with an evil ISP, indeed.
