CORiverRat's profile

Frequent Visitor

 • 

7 Messages

Mon, May 4, 2020 5:00 PM

IP Reputation Attacks and Unauthorized Access Attempts

I recently got an updated router and when it was installed the rep said he had converted all my settings over to the new router.  Within a day or two, I was suddenly unauthorized access attempts and IP Reputation attacks.  I hadn't noticed them at first, but once I did I started digging around and found that the new router's password was left at the default, and I immediately changed it but that did not help.  I should have checked it, but when he said everything was ported over from the old router I thought he meant everything, including the password.  Your reps should remind people to change that password immediately when they come online in the future.  The issue is whenever my Desktop comes online I will start getting these attacks.  I disconnected from the wired port and went wireless, no love.  I even went through one of my Dlink Access Points and then that started getting attacked.  I have run MALWAREBYTES, Norton, and MS MALWARE and anti-virus scans for the entire weekend, which found nothing, and still within minutes of going online I start getting messages.  I am trying to find anything that may be pinging out the IP address of the desktop but RESMON shows nothing that is not an expected program.  Any ideas?

Responses

EG

Expert

 • 

87.2K Messages

1 y ago

Try disabling the Xfi Advanced Security feature as a work-around for now and see. It's buggy ! And there is currently no way for an end-user to be able to whitelist anything;


https://www.xfinity.com/support/articles/using-xfinity-xfi-advanced-security

 

Frequent Visitor

 • 

7 Messages

1 y ago

I would expect to see these attacks to other devices rather than just following the Desktop as it seems to be doing.  Is there a way I can see is being sent out from the router to specific IP addresses?  I have a feeling, even though the MALWARE and Virus scanners are not picking anything up that there is something sending out messages that this computer is on the network and that is being used to try and attack it. 

New to the Community?

Start Here