| ▲ | tigerlily 9 hours ago | ||||||||||||||||
How can I detect if my router is backdoored, or being used as a residential proxy? | |||||||||||||||||
| ▲ | mzajc 4 hours ago | parent | next [-] | ||||||||||||||||
I'm dealing with such attack, so if you'd like, you can send me IPv4 addresses, and I'll grep my logs for them. Email address is on the website linked on my profile. As for what you can do on your own, it really depends on your network. OpenWRT routers can run tcpdump, so you can check for suspicious connections or DNS requests, but it gets really hard to tell if you have lots of cloud-tethered devices at home. IoT, browser extensions, and smartphone applications are the usual suspects. | |||||||||||||||||
| ▲ | kimos 9 hours ago | parent | prev [-] | ||||||||||||||||
If it’s legit you can ask your ISP if they sell use of your hardware. Or just don’t use the provided hardware and instead BYO router or modem or media converter or whatever. But I think what OP is implying is insecure hardware being infected by malware and access to that hardware sold as a service to disreputable actors. For that buy a good quality router and keep it up to date. | |||||||||||||||||
| |||||||||||||||||