VPNFilter router virus.
Thu, 07/05/2018 - 12:04pm
  13 years
|
There has been a lot of talk about the VPNFilter router virus recently. There was request to reboot your router. But that did not remove the core of the virus. Only a factory reset would. So to help with that decision of what steps you could take. It would be handy if you actually knew if your router had the virus. Here is a test from Symantec that is quick easy and free. http://www.symantec.com/filtercheck/
Interesting. We don't use a
Interesting. We don't use a router per say, but rather sophos utm home edition. According to the symantec test, the device is infected. Not sure how accurate that is¿?
sophos utm home edition is a
sophos utm home edition is a FireWall, you still have a router, that modem thingy attached to your phone or cable line.
Frank DriveSmart55 37.322760, -79.511267
VPNFilter malware discussion
VPNFilter malware discussion started over a month ago at the following:
http://www.poi-factory.com/node/48525
rooters/routers/firewalls
sophos utm home edition is a FireWall, you still have a router, that modem thingy attached to your phone or cable line.
The sophos box/software handles the routing too. I don't have a phone or cable line actually. I have fiber coming into the house. This goes into something called an ONT. My understanding is this is nothing more than a media converter - converts fiber to ethernet. That goes into a dumb switch. Another port on the same dumb switch goes to a port designated as WAN on the sophos box. Another port on the sophos box feeds a number of switches and AP on the LAN side of the network.
For clarity, I should add, before the sophos box receives internet, the ONT has to be authenticated. This is done by connecting the gateway att provides to another port on the dumb switch while the sophos's WAN is disconnected. Once the gateway is happy (all green lights), it gets disconnected/powered down and the sophos WAN is connected (to the dumb switch). The sophos's WAN port's MAC is spoofed to that of the gateway.
Just did the check
There has been a lot of talk about the VPNFilter router virus recently. There was request to reboot your router. But that did not remove the core of the virus. Only a factory reset would. So to help with that decision of what steps you could take. It would be handy if you actually knew if your router had the virus. Here is a test from Symantec that is quick easy and free. http://www.symantec.com/filtercheck/
That was real fast and I'm clean.
Nuvi 2797LMT, DriveSmart 50 LMT-HD, Using Windows 10. DashCam A108C with GPS.
Thanks
There has been a lot of talk about the VPNFilter router virus recently. There was request to reboot your router. But that did not remove the core of the virus. Only a factory reset would. So to help with that decision of what steps you could take. It would be handy if you actually knew if your router had the virus. Here is a test from Symantec that is quick easy and free. http://www.symantec.com/filtercheck/
That was real fast and I'm clean.
I'm glad I read your reply as I missed the link earlier. Yes indeed, real fast is the correct word to use.
The link also offered another link to a list of routers that can be affected by the problem and it appears that my router is not in danger. Whew.
https://www.symantec.com/blogs/threat-intelligence/vpnfilter...
Router check utility
I don't know if my old D-Link router is vulnerable to this virus or not, but I was able run the utility and verify that it is not infected. Thanks for posting it.
Alan - Android Auto, DriveLuxe 51LMT-S, DriveLuxe 50LMTHD, Nuvi 3597LMTHD, Oregon 550T, Nuvi 855, Nuvi 755T, Lowrance Endura Sierra, Bosch Nyon
False positive as I
False positive as I thought.
https://community.sophos.com/products/unified-threat-managem...
.
Fortunately, I have an Asus RT-N66U.
Michael (Nuvi 2639LMT)
Checked ours
Our router tested Negative.
Metricman DriveSmart 76 Williamsburg, VA