[App_rpt-users] Got a strange error in my AT&T gateway

Bryan D. Boyle bdboyle at bdboyle.com
Sun Jul 30 09:24:08 EDT 2017


if you are on the public net with an open port...you will be found.  

--
Bryan
Sent from my iPhone 6S...No electrons were harmed in the sending of this message.



> On Jul 30, 2017, at 02:42, Andy KB7B <andy_kb7b at yahoo.com> wrote:
> 
> Would changing the Allstar port number help, or would the bad guys just discover this in short order?
> 
> -Andy
> KB7B
> 42432
> 
>> On Jul 30, 2017, at 2:29 AM, David Shaw <shawpbx at gmail.com> wrote:
>> 
>> I saw your post from the att forum dated back in Sept 2016. So your router detected a php hijacking and blocked the packet. That's ok.  But.. I would guess your getting attacked all around and over loading your router. If you have a consumer-grade router. I would call att and see if they have anyway of looking to see if your being attacked. Getting a new IP address should help. Login to your router check to see what your WAN/Public IP address.
>> 
>> 
>> Try powering off your Router and ASL Node for 3-5 minutes.
>> 
>> Some hackers testing your IP address and router.
>> 
>> The power off is to hopefully get a new IP address.
>> 
>> Google online port scanner. Find one a scan your router to see if any of your ports our open. It should show no port. Filtered ports are bad as well.
>> 
>> David KE6UPI
>> 
>> PS: If your into playing with routers and making your own. Try OPNsense.
>> https://opnsense.org/
>> 
>> I use Sophos with a free home lic.
>> 
>> 
>> 
>> --
>> Thanks, David
>> 
>> "Laws that forbid the carrying of arms...disarm only those who are neither inclined nor determined to commit crimes. Such laws make things worse for the assaulted and better for the assailants; they serve rather to encourage than prevent homicides, for an unarmed man may be attacked with greater confidence than an armed one."
>> Thomas Jefferson
>> 
>>> On Sat, Jul 29, 2017 at 10:29 AM, George Csahanin <george at dyb.com> wrote:
>>> Hi all. I've been seeing a daily reboot of my AT&T gateway, has done it three times now. Looked at the logs in the AT&T box and I see several:
>>> 
>>> host=stats.allstarlink.org url=/uhandler.php hijacked
>>> 
>>> Anybody know what this might mean?
>>> 
>>> GeorgeC
>>> 
>>> 
>>> -- 
>>> George Csahanin
>>> 10100 Carson Ranch Rd.
>>> Crowley, TX 76036
>>> 682-708-5716 home
>>> 401-338-0568 cel
>>> http://dyb.com
>>> PLEASE NOTE: Effective January 1, 2018 george at dyb.com will no longer function
>>> USE george at w2db.com
>>> 
>>> _______________________________________________
>>> App_rpt-users mailing list
>>> App_rpt-users at lists.allstarlink.org
>>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users
>>> 
>>> To unsubscribe from this list please visit http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of the page. Enter your email address and press the "Unsubscribe or edit options button"
>>> You do not need a password to unsubscribe, you can do it via email confirmation. If you have trouble unsubscribing, please send a message to the list detailing the problem.
>> 
>> _______________________________________________
>> App_rpt-users mailing list
>> App_rpt-users at lists.allstarlink.org
>> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users
>> 
>> To unsubscribe from this list please visit http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of the page. Enter your email address and press the "Unsubscribe or edit options button"
>> You do not need a password to unsubscribe, you can do it via email confirmation. If you have trouble unsubscribing, please send a message to the list detailing the problem.
> _______________________________________________
> App_rpt-users mailing list
> App_rpt-users at lists.allstarlink.org
> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users
> 
> To unsubscribe from this list please visit http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of the page. Enter your email address and press the "Unsubscribe or edit options button"
> You do not need a password to unsubscribe, you can do it via email confirmation. If you have trouble unsubscribing, please send a message to the list detailing the problem.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.allstarlink.org/pipermail/app_rpt-users/attachments/20170730/0efc0b59/attachment.html>


More information about the App_rpt-users mailing list