Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Did I get hacked?

    Scheduled Pinned Locked Moved General pfSense Questions
    10 Posts 8 Posters 3.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      richierichim
      last edited by

      Well, I'm surfing along and when all of a sudden my cdrom drive pops open.  Is it possible that someone hacked in to my pfsense?  I freaked out and pulled everything and shutdown the server.  Before doing that, I looked at my snort, it was still running.  The only ports open are  openvpn related.  I would like to go back to using pfsense if I can get piece of mind.  Thanks.

      1 Reply Last reply Reply Quote 0
      • M
        matumbo
        last edited by

        I think it's more likely that you clicked some bad link or downloaded some shit than someone hacking PFsense and then hacking your computer through PFsense. Although it sounds strange that someone or something would get into your computer just to open the CD-ROM Tray. Maybe it was just some bug in the OS.

        1 Reply Last reply Reply Quote 0
        • C
          cmb
          last edited by

          haha  If that wasn't some application gone nuts and actually was indicative of some kind of "hack"/malware/virus, it certainly wouldn't have come via a compromise of your firewall. The entire point of virtually all malware today is to stay hidden, not be stupid and open your CD-ROM, as they want to either record your keystrokes and steal your account logins, or use your machine as a DDoS bot or spam relay or similar, etc. Hence I very seriously doubt if that was malware.

          1 Reply Last reply Reply Quote 0
          • R
            richierichim
            last edited by

            The intriguing part of this is that I didn't have any computers on except a few Android phones and one iphone.  None of which were rooted. I have rules that the only access is the firewall is via my laptop; all other computers are limited to dns request.  I did click a news article from my Android phone when the tray opened so I have to lean toward matumbo's explanation but I do agree with cmb as for the major of malware.  I do find it strange too.  So the conclusion is that it may not be malware and may be some bug.

            It's nice to keep me grounded and not think the whole world is against me.  I just a guy trying to keep the family safe.  Thanks for your replies.

            1 Reply Last reply Reply Quote 0
            • stephenw10S
              stephenw10 Netgate Administrator
              last edited by

              I think I misunderstood this first time round. So the tray opened on your pfSense machine?

              I agree with what's already been said, no hacker or malware wants to draw attention to themselves, opening the CD tray would be a stupid move. In fact last time I checked the command to open the tray, cdcontrol, wasn't included in pfSense anyway.

              Steve

              1 Reply Last reply Reply Quote 0
              • I
                iMouse
                last edited by

                I have the same problem.  It doesn't appear to be a hack, but rather an intermittent issue with hardware or bug in pfSense.

                I have a Dell OptiPlex GX150 SFF that keeps popping open the laptop-style tray at random intervals.  I had this issue in pfSense 2.0 RC3 something or other and it went away after I powered down to replace a bad CPU fan.  Since then, everything was fine until after a reboot for the 2.0.2 update.  Now the tray pops open at random intervals again.

                I'm not planning on powering down pfSense to fix a stupid issue like this, but I'll keep an eye on things next time I have to bring it down.

                1 Reply Last reply Reply Quote 0
                • N
                  NOYB
                  last edited by

                  Did you web search?  Seems like I heard or read something about drives opening inadvertently but don't recall for sure.  Don't think it was anything to worry about though.

                  1 Reply Last reply Reply Quote 0
                  • jimpJ
                    jimp Rebel Alliance Developer Netgate
                    last edited by

                    Anyone else remember COKEGIFT.EXE?  ;D

                    Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                    Need help fast? Netgate Global Support!

                    Do not Chat/PM for help!

                    1 Reply Last reply Reply Quote 0
                    • J
                      jasonlitka
                      last edited by

                      @jimp:

                      Anyone else remember COKEGIFT.EXE?  ;D

                      Yes, in fact I do.  Unfortunately, it's caught by many AV programs these days.

                      I can break anything.

                      1 Reply Last reply Reply Quote 0
                      • jimpJ
                        jimp Rebel Alliance Developer Netgate
                        last edited by

                        Sadly, AV companies can't take a joke…  :P

                        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                        Need help fast? Netgate Global Support!

                        Do not Chat/PM for help!

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.