VPNFilter router virus.

 

There has been a lot of talk about the VPNFilter router virus recently. There was request to reboot your router. But that did not remove the core of the virus. Only a factory reset would. So to help with that decision of what steps you could take. It would be handy if you actually knew if your router had the virus. Here is a test from Symantec that is quick easy and free. http://www.symantec.com/filtercheck/

Interesting. We don't use a

Interesting. We don't use a router per say, but rather sophos utm home edition. According to the symantec test, the device is infected. Not sure how accurate that is¿?

sophos utm home edition is a

sophos utm home edition is a FireWall, you still have a router, that modem thingy attached to your phone or cable line.

--
Frank Nuvi 3597LMT 37.322760, -79.511267

VPNFilter malware discussion

VPNFilter malware discussion started over a month ago at the following:

http://www.poi-factory.com/node/48525

rooters/routers/firewalls

phranc wrote:

sophos utm home edition is a FireWall, you still have a router, that modem thingy attached to your phone or cable line.

The sophos box/software handles the routing too. I don't have a phone or cable line actually. I have fiber coming into the house. This goes into something called an ONT. My understanding is this is nothing more than a media converter - converts fiber to ethernet. That goes into a dumb switch. Another port on the same dumb switch goes to a port designated as WAN on the sophos box. Another port on the sophos box feeds a number of switches and AP on the LAN side of the network.

For clarity, I should add, before the sophos box receives internet, the ONT has to be authenticated. This is done by connecting the gateway att provides to another port on the dumb switch while the sophos's WAN is disconnected. Once the gateway is happy (all green lights), it gets disconnected/powered down and the sophos WAN is connected (to the dumb switch). The sophos's WAN port's MAC is spoofed to that of the gateway.

Just did the check

billybovine wrote:

There has been a lot of talk about the VPNFilter router virus recently. There was request to reboot your router. But that did not remove the core of the virus. Only a factory reset would. So to help with that decision of what steps you could take. It would be handy if you actually knew if your router had the virus. Here is a test from Symantec that is quick easy and free. http://www.symantec.com/filtercheck/

That was real fast and I'm clean.

--
Nuvi 350 long gone, Nuvi 855LMT, Nuvi 2797LMT, 3790LMT passed on to my daughter. Using Windows 10. DashCam with GPS.

Thanks

Melaqueman wrote:
billybovine wrote:

There has been a lot of talk about the VPNFilter router virus recently. There was request to reboot your router. But that did not remove the core of the virus. Only a factory reset would. So to help with that decision of what steps you could take. It would be handy if you actually knew if your router had the virus. Here is a test from Symantec that is quick easy and free. http://www.symantec.com/filtercheck/

That was real fast and I'm clean.

I'm glad I read your reply as I missed the link earlier. Yes indeed, real fast is the correct word to use. cool

The link also offered another link to a list of routers that can be affected by the problem and it appears that my router is not in danger. Whew.

https://www.symantec.com/blogs/threat-intelligence/vpnfilter...

Router check utility

I don't know if my old D-Link router is vulnerable to this virus or not, but I was able run the utility and verify that it is not infected. Thanks for posting it.

--
Alan - Android Auto, Nuvi 3597LMTHD, Oregon 550T, Nuvi 855, Nuvi 755T, Lowrance Endura Sierra

False positive as I

.

Fortunately, I have an Asus RT-N66U.

--
Michael (Nuvi 2639LMT)

Checked ours

Our router tested Negative.

--
Metricman Nuvi 660, GTM-20 Traffic Receiver Nuvi 3597 GTM-60 Traffic Receiver Williamsburg, VA