Everyone needs to reboot their Gateway/modem/router!

Discussion in 'TiVo Coffee House - TiVo Discussion' started by ThAbtO, May 30, 2018.

  1. ThAbtO

    ThAbtO TiVoholic by the bay TCF Club

    12,282
    1,060
    Apr 6, 2000
    SF Bay Area

    You need to pull the power to your Gateway/Router & modem on your network.

    This is to clear out malware called VPNFilter which seems to be very hard to detect. It can take from 1 to 5 minutes for it to be operational again.
     
  2. krkaufman

    krkaufman TDL shepherd

    15,979
    2,979
    Nov 25, 2003
  3. gigaquad

    gigaquad Tivo Image Master

    226
    127
    Oct 25, 2004
    That's what they WANT you to think!

    [IMG]
     
    apsarkis, dlfl and JoeKustra like this.
  4. UCLABB

    UCLABB Well-Known Member

    5,454
    1,460
    May 29, 2012
    Riverside, CA

    Had a brief power outage today. I guess that did it for me.
     
  5. tenthplanet

    tenthplanet Well-Known Member

    1,607
    478
    Mar 5, 2004
    Deadpool demands you reset your router :D
     
  6. davidscarter

    davidscarter Active Member

    214
    59
    Sep 28, 2015
    dianebrat likes this.
  7. dlfl

    dlfl Cranky old novice

    9,015
    775
    Jul 6, 2006
    Dayton OH
    The cat looks bored .... silly human servant stuff, tolerated as long as food and water are provided.
     
  8. jlb

    jlb Go Pats!

    9,227
    357
    Dec 13, 2001
    Burlington, VT
    I also updated the firmware on my Nighthawk R7000. A new one was put out, presumably related to the malware?
     
  9. JoeKustra

    JoeKustra in the other Alabama TCF Club

    20,096
    3,706
    Dec 7, 2012
    Ashland, PA...
  10. Sheffield Steve

    Sheffield Steve Member

    106
    17
    Jun 11, 2010
    So what will rebooting do?

    From the article referenced above:

    "The VPNFilter malware is a multi-stage, modular platform with versatile capabilities to support both intelligence-collection and destructive cyber attack operations.

    The stage 1 malware persists through a reboot, which sets it apart from most other malware that targets internet-of-things devices because malware normally does not survive a reboot of the device. The main purpose of stage 1 is to gain a persistent foothold and enable the deployment of the stage 2 malware. Stage 1 utilizes multiple redundant command and control (C2) mechanisms to discover the IP address of the current stage 2 deployment server, making this malware extremely robust and capable of dealing with unpredictable C2 infrastructure changes."
     
  11. NorthAlabama

    NorthAlabama tabasco rules

    11,535
    3,105
    Apr 19, 2012
    sweet home, al
    that's not the way i read the fbi notice, they didn't suggest the reboot as a fix, instead specifically stating it was advised to "temporarily disrupt" and "aid the potential identification of infected devices":
     
    krkaufman likes this.
  12. ManeJon

    ManeJon Active Member

    214
    55
    Apr 14, 2018
    I read that the reboot doesn't eliminate the threat but slows down its impact - router can get infected again. Should do but not a permanent fix
     
  13. tim_m

    tim_m Active Member

    793
    187
    Mar 8, 2017
    More than anything the reboot is to help the FBI find out what other router manufacturers are affected. If you listen upgrade security now you should also follow Steve's advice and upgrade the firmware if any is available to rid the router of malware. If there's no update he suggests if you can to reflash the most current available.
     
    photoshopgrl likes this.
  14. tomhorsley

    tomhorsley Well-Known Member

    1,740
    249
    Jul 22, 2010
    OK, this was a good excuse to upgrade the firmware on my Asus router with the latest asuswrt/merlin version. It is a new major version, so I had to factory reset and it took most of the afternoon to get it reconfigured again, but now I'm finally up to the latest version. Seems to be working, haven't noticed anything that got better or worse.
     
