Has your router been hijacked? How to check its settings

Check your router often to make sure it is safe to use

Your computer and your router can be attacked by hackers and malware and they can cause havoc with your internet connection. You need to check your router asap to see if you have been compromised.

Has your router been hijacked and your DNS servers been altered? - rawinfopages.com

The Domain Name System

When we want to visit a website, such as Google, we type google.com into the address box of a web browser. Browsers and computers do not use domain names like google.com and instead, they use IP addresses.

An IP address consists of four numbers between 0 and 255 like this: 216.58.198.110. In order to go to the Google website when you type google.com into the address box of a browser, it communicates with a DNS (Domain Name System) server, which supplies the IP address. The browser can then access the web server using this IP number and get the Google home page.

The computer needs to know the address of a DNS server in order to query it when it needs to know the IP address of a website. It can get this information from the router. If you do not manually specify which DNS servers to use, and most people don't, the ones stored in the router are used.

Changing DNS servers

Now imagine malware or a hacker got into the router or computer settings and changed the DNS server addresses to its own. These will be used by the computer and web browser and then all internet traffic will be directed through the servers provided by the malware or hacker.

This would mean instead of going to websites you think are safe, such as your online bank, eBay, PayPal, and other places, you are redirected without you knowing to a site operated by the malware or hacker. Login details could then be stolen.

DNS hijacking could also be used to change the content in web pages, such as adverts. This would then earn money for the perpetrators.

This is a serious security problem called DNS poisoning or DNS hijacking and it has been known to happen. It isn't just theoretical.

We looked at manually changing DNS servers in a previous article, and malware can do this too, although not for speed and performance. Quite the opposite.

Check your router

You can easily check that your router is OK and that safe DNS servers are being used using Router Checker from the security company, F-Secure.

Open a web browser and go to the site: campaigns.f-secure.com/router-checker/en_global/

Click the Check your router button. The result is displayed after a few seconds and it should not report any problems.

 F-Secure router checker tests your router to see if it has been hijacked

Click See technical details of the results to get information about your DNS servers and internet connection.

 The technical details of F-Secure Router Checker

What if your DNS has been hijacked?

Suppose your DNS servers have been altered to something malicious. What do you do?

  1. Stop using the internet
  2. Change your DNS servers

You can manually enter the DNS servers to use and this overrides whatever is supplied by the router or your ISP. Here’s how to do it in Windows 10. Older versions of Windows are very similar.

Router hijacking affects not only your PC, but also every computer, phone, tablet and device that connects to the router.

Change DNS servers

1. Right click the network/Wi-Fi icon at the right side of the taskbar and select Open Network and Sharing Centre.

2. Click the link next to Connections (it probably says your router name).

 Windows Network and Sharing Centre properties

3. Click Properties in the Wi-Fi status window.

 Network properties in Windows

4. Double click Internet Protocol Version 4 (TCP/IPv4) in the list.

 Wi-Fi properties in Windows

5. In the lower part of the next window, select Use the following DNS server addresses. Enter 8.8.8.8 and 8.8.4.4 then click OK, OK, Close

 Set the DNS servers in Windows

Those IP addresses are Google’s DNS servers. Not everyone likes Google, but at least you’re not going to get malware.

An alternative to these is OpenDNS. Use 208.67.222.222 and 208.67.220.220.

If you are concerned about the security of your PC, here's how to speed up scanning with Malwarebytes Anti-Malware.


notepadGet the tips, guides and courses you need to make your blog or website a success! Go to: RAW Guides (rawinfopages.co.uk)

 


 

Leave a comment

Your email address will not be published.


*