|This is the last time your account was accessed.|
Connect with us
Watch thousands of your favorite TV shows and movies On Demand and Live. Rent or buy your favorites and watch them on any device. Or, check what's on tonight and program your DVR. You can do it all!
Watch Free TV & Movies
Rent or Buy
Set your TV Viewing Experience
10-16-2012 01:37 PM
Initially I found sometimes my connection is slow / no-response.
When I check the security log from router, I found this:
Oct 15 21:31:35 2012
WBM user Unknown (0.0.0.0) has changed security settings[repeated 19 times, last time on Oct 15 21:34:11 2012]
Oct 15 21:30:48 2012
WBM user admin (192.168.1.8) has changed security settings
192.168.1.8 is me, however who is 0,0,0,0?
Actually I found many ports forwarding to my roommate's computer by 'pplive' (online streaming software?)
My roommate said he didn't change anything at router. And he likes watching video with 'pplive'.
So my question is: how can I remove that unknown user and get control of the router?
btw, is here the right sub-forum to looking for answers like my question? thanks~
10-16-2012 02:47 PM - edited 10-16-2012 02:47 PM
When a host requests an IP address it does so via 0.0.0.0 and thus this is related to obtaining an address via DHCP
11-24-2012 11:06 AM
From what I can gather, it looks like a backdoor for verizon. I recently reset my FIOS router and updated my security
settings. Even with remote admin disabled, the security logs shows.
Inbound Traffic: Accepted Traffic - Remote administration: TCP 22.214.171.124:53691->d.d.d.d:4567 on clink1
Inbound Traffic: Accepted Traffic - Remote administration: TCP 126.96.36.199:53693->d.d.d.d:4567 on clink1
Firewall Setup: Configuration change: WBM user Unknown (0.0.0.0) has changed security settings
According to whois, the contact email for the addr is firstname.lastname@example.org. I have since block port 4567. Does anyone know why verizon needs to sneak into the router? Thanks in advance, Mike
11-24-2012 11:21 AM
Yes, 188.8.131.52 is a Verizon network.
TCP port 4567 is Vz's backdoor to their Router.
I setup a Firewall rule a while ago that drops all inbound TCP 4567 requests. I got in the rule early enough. Later versions of ActionTech Router firmware have been found toi deny the ability to create a Firewall rule that drops all inbound TCP 4567 requests.