Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
22.1 Legacy Series
»
My OPNSense box get hacked by ISP
« previous
next »
Print
Pages: [
1
]
Author
Topic: My OPNSense box get hacked by ISP (Read 3014 times)
peterwkc
Full Member
Posts: 112
Karma: 0
My OPNSense box get hacked by ISP
«
on:
May 25, 2022, 08:08:54 am »
Dear all forumer,
I had installed OPNSense version 22 to my latest Dell Inspiron 3020 desktop, after few hours all my settings get mess up already.
I had disable ssh remote login services.
This is the sign of hacked by someone. How they could do it? I don't understand. Please enlighten me. Thanks.
Logged
Supermule
Full Member
Posts: 235
Karma: 15
Re: My OPNSense box get hacked by ISP
«
Reply #1 on:
May 25, 2022, 08:22:46 am »
HAHAHAHAHAHAHAHAHAHAHAHAHAHAAHHAHA
You gotta be kidding us.....
Logged
Grossartig
Jr. Member
Posts: 76
Karma: 4
Re: My OPNSense box get hacked by ISP
«
Reply #2 on:
May 25, 2022, 12:17:52 pm »
Peter, this isn't much to go by. Do you have more specifics of what happened and what settings got messed up?
Logged
peterwkc
Full Member
Posts: 112
Karma: 0
Re: My OPNSense box get hacked by ISP
«
Reply #3 on:
May 25, 2022, 01:54:50 pm »
These are the three settings that I remember:
I enable the DHCP server to serve specific Mac address - - deny unknown clients but the check box is unchecked
Lan unable to browse internet need reset to factory defaults
I can observe that they open multiple console by pressing Alt + F2/F3 etc
No SSH login enabled
Limited open port
Please provide some guidance to me how to further harden my opnsense box. Appreciate your help. Thanks
Logged
Patrick M. Hausen
Hero Member
Posts: 6797
Karma: 571
Re: My OPNSense box get hacked by ISP
«
Reply #4 on:
May 25, 2022, 02:17:54 pm »
Quote from: peterwkc on May 25, 2022, 01:54:50 pm
I can observe that they open multiple console by pressing Alt + F2/F3 etc
So somebody had physical access to your OPNsense box?
Logged
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do.
(Isaac Asimov)
peterwkc
Full Member
Posts: 112
Karma: 0
Re: My OPNSense box get hacked by ISP
«
Reply #5 on:
May 25, 2022, 02:37:41 pm »
No my ISP doesn't have physical access to my opnsense box. I try to limit the console by edit the /etc/ttys but it will restore to default after reboot.
What is serial console??
How to further protect the console???
Logged
franco
Administrator
Hero Member
Posts: 17656
Karma: 1610
Re: My OPNSense box get hacked by ISP
«
Reply #6 on:
May 25, 2022, 02:59:25 pm »
Usually you can close and lock the door of a server rack or server room. However, I'm unsure what "I can observe that they open multiple console" means. Are they OPEN or have they been USED? Because there is such a thing as auto-login you can enable from the GUI...
Cheers,
Franco
Logged
peterwkc
Full Member
Posts: 112
Karma: 0
Re: My OPNSense box get hacked by ISP
«
Reply #7 on:
May 25, 2022, 03:07:38 pm »
Where to disable the auto login from GUI??
Thanks for your help..
Logged
franco
Administrator
Hero Member
Posts: 17656
Karma: 1610
Re: My OPNSense box get hacked by ISP
«
Reply #8 on:
May 25, 2022, 03:09:54 pm »
System: Settings: Administration: Password protect the console menu, but it's on by default for exactly this reason.
Cheers,
Franco
Logged
peterwkc
Full Member
Posts: 112
Karma: 0
Re: My OPNSense box get hacked by ISP
«
Reply #9 on:
May 26, 2022, 04:39:34 am »
Anyone have idea how my ISP hacked me??
Questions
1. How to enforce no remote terminal is use?
2. How to further harden the IPS??
Please help. Thanks
Logged
bunchofreeds
Full Member
Posts: 203
Karma: 11
Re: My OPNSense box get hacked by ISP
«
Reply #10 on:
May 26, 2022, 04:45:26 am »
What experience do you have in setting up firewalls and routers?
This may help us to answer your questions...
«
Last Edit: May 26, 2022, 04:58:31 am by bunchofreeds
»
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
22.1 Legacy Series
»
My OPNSense box get hacked by ISP