Skip to main content

    Support

    Offers

CORiverRat's profile
CORiverRat
1st Reply
1st Topic
Conversationalist

Frequent Visitor

 • 

10 Messages

Monday, May 4th, 2020 5:00 PM

Closed

IP Reputation Attacks and Unauthorized Access Attempts

I recently got an updated router and when it was installed the rep said he had converted all my settings over to the new router.  Within a day or two, I was suddenly unauthorized access attempts and IP Reputation attacks.  I hadn't noticed them at first, but once I did I started digging around and found that the new router's password was left at the default, and I immediately changed it but that did not help.  I should have checked it, but when he said everything was ported over from the old router I thought he meant everything, including the password.  Your reps should remind people to change that password immediately when they come online in the future.  The issue is whenever my Desktop comes online I will start getting these attacks.  I disconnected from the wired port and went wireless, no love.  I even went through one of my Dlink Access Points and then that started getting attacked.  I have run MALWAREBYTES, Norton, and MS MALWARE and anti-virus scans for the entire weekend, which found nothing, and still within minutes of going online I start getting messages.  I am trying to find anything that may be pinging out the IP address of the desktop but RESMON shows nothing that is not an expected program.  Any ideas?

Question

 • 

Updated 

5 years ago

2.5K

2

0

0

This conversation is no longer open for comments or replies and is no longer visible to community members.

EG

Expert

 • 

111.5K Messages

5 years ago

Try disabling the Xfi Advanced Security feature as a work-around for now and see. It's buggy ! And there is currently no way for an end-user to be able to whitelist anything;


https://www.xfinity.com/support/articles/using-xfinity-xfi-advanced-security

 

0

0

CORiverRat

Frequent Visitor

 • 

10 Messages

5 years ago

I would expect to see these attacks to other devices rather than just following the Desktop as it seems to be doing.  Is there a way I can see is being sent out from the router to specific IP addresses?  I have a feeling, even though the MALWARE and Virus scanners are not picking anything up that there is something sending out messages that this computer is on the network and that is being used to try and attack it. 

0

0

forum icon

New to the Community?

Start Here