Sounds like it was reset to factory defaults, this seems out of the ordinary but could indicate the router is failing.
None of the things you have done have made it any harder for someone with the knowledge to break into your router, instead it makes it harder on you.
Most wireless attacks revolve around WPS attacks so disabling that and keeping a good strong key is necessary for a secure setup. In some cases disabling WPS only disables the button and not the function. It’s hard to know without testing it yourself.
I wouldn’t trust anything Linksys has to say on this. Nothing against them but you likely aren’t talking to anyone actually from Linksys, but rather a contracted out call center. The techs there don’t have the kind of knowledge and training they need to make such an assessment as you have been definitively hacked.
They can’t, and neither can any of us TBH.
The only way you could some how prove it is to mitm your own wireless traffic and to know what you were looking for. I’m going to tell you now, without extensive knowledge of said hacking you would never be able to catch them in the act unless you were standing there watching them do it.
I don’t believe you were hacked though, and I will explain why.
I’m not an expert on wireless ap hacking, but I did pick it up as a hobby for a while. If one is going to try to leverage access to a wireless network the last thing you would want is to be noticed. So why remove the PSK and go to a unsecured setup? It doesn’t make sense if you’re trying to go undetected. If your neighbor had hacked your router he wouldn’t need to go unsecured. He should have your WiFi passcode the same as you, and with that he has the same access as you.
What seems more likely is a firmware update or even nvram reset caused the router to factory default. I’ve seen this kind of thing happen on routers gone bad. They won’t keep settings long term.
It’s possible to view the DHCP tables to see who’s connected and their uniquely identifiable Mac addresses. my bet is your devices will be the only ones listed there.
Official support isn’t always a sure sign. A lot of routers have unofficial builds that work just fine but you’ll have to crawl the ddwrt forums for that.
I wouldn’t recommend it because it’s often a noticeable hit in speed running ddwrt.
Yeah you’re right, I don’t have the extensive knowledge in networking and security. Ive had my suspicions about my neighbor for a while now. It seems every time I connect to my wifi he seems to go to his computer. I know this because he lives right above me and the acoustics are excellent, I can hear him rolling in his computer chair. One of the first things Ive done is try to down play and reassure my self saying “oh hes just being strange, or I’m being paranoid.” but since this new issue with my router has arisen, I’m starting to have serious doubts. If worse comes to worse I’ll have to invest in a new router but that will be a while. I just was hoping if there was a way to catch him that it could be implemented.
airmon-ng/airodump-ng in Linux will show you all access points and clients associated. If you have the will to learn and a capable wireless card you can see who is connected to what given you’re in range.
OK thank you Ill look into it. I’m also curious if he could be using something called a KRACK attack. I use linux on my netbook and wpa supplicant I guess has some vulnerabilities and I 'm not too sure that my router is even updated even though I have automatic updates enabled. this one post that someone put up had me worried.https://forum.level1techs.com/t/linksys-smart-router-vulnerability/115135 my router model is on that list unfortunately.
This might be why the router factory defaulted. Have you checked the config to see if any unique setting have persisted? Why jump to the conclusion you were hacked?
I’m all for being paranoid but there’s nothing here that indicates a breach.
That will let someone listen to your WiFi traffic. If you browse with HTTPS then they can’t see your traffic. Krack only lets the cracker listen to un-encrypted traffic.
You could use a VPN on wireless devices and krack would be worthless.
yes Ive have checked to see if any unique settings have stayed the same. for example I had my SSID not broadcasting, I enabled MAC filtering but then disabled it after I found out it’s not fool proof, I only have 2ghz channel going not the 5ghz, disabled guest network, and have wpa2 personal only with mixed signal.
So the configuration is completely clean (back to factory default)? If so as @Adubs it probably factory defaulted itself. I tend to agree that its more than likely not someone hacking you.
Yeah I though about getting A VPN everyone recommends it. I’m probably going to have to just to be safe. My neighbor though, is a strange bird. He hammers all the time and claims that he is putting up pictures, but it sounds like he is pulling up the floor boards, I know sounds strange but hes whisper quiet when he wants to be or normal loud. I knocked on his door several times and he never answers the door, he always talks through the door. one day he was so loud I was about ready to call the police but instead I went and banged on his door and of course he didn’t open so I pulled open his mail slot which is in the door to look him in the face and he has a bed sheet in front of his door!?
Im confused when you say completely clean (back to factory default), none of those settings are default those are all custom settings that I have set. Idk, one thing I do all the time is unplug it when im not using it because i read online that wifi isn’t exactly good for your health. is that what you mean by factory default because I’ve logged into the router several times and it doesn’t ever change, meaning all my settings stay the same.
well It’s a joke but not a joke lol. but I don’t keep my wifi on for fear of people hacking into it. Ive always known of how vulnerable wifi is compared to a good ole’ fashioned Ethernet cable, but I like to listen to asmr and watch videos on youtube on my netbook and my kindle in my bedroom.
Well guys I gotta go and get ready for work so if I don’t reply to any of your post then you know why. I really appreciate the input as I’m not well versed in the tek as probably most of you are but that being said, I hope you guys have a great new Years and If there is way of telling if my neighbor is doing something malicious then please tell me, and again many thanks!
do check that WPS is off. that is a very fast/easy “hack”
SSID hidden only hides the human name, nothing in the way of security.
MAC filtering is also nothing useful as attacker will spoof your MAC(s) after seeing them connect
the physical side of things makes no difference, might as well have 5ghz on.
personally i would factory default it. check WPS / set up wireless and make a backup of that config.
if anything happens you can upload the config and restore to working, change password and backup new config.
Not the worst idea from a security perspective, many routers can even do that on their own for the times you set.
However, the frequencies used by wireless routers are not harmful (no ionizing radiation) and the overall energy is very low too. All it does is warm your body by fractions of a watt. Walking a couple of minutes in the sun is worse for your body and that seems to be mostly fine.
Regarding your actual problem, changing the admin password to something more secure, turning off WPS and updating the firmware if possible, most of the time is enough. Overall, excellent advise here, I should probably take a look at my own setup. It’s been a year now since I touched it.
Random thought for ya. Have you tried bringing your router away from your apartment to a friend’s, family memeber’s house or work and plug it in to see if it broadcasts the double network. If your neighbor was running some kind of rouge access point, it wouldn’t show up if you physically moved the router away from the area.
Seeing as others have graciously helped you, I’d just like to point out that calling your police department (even using the non emergency number) in a case like this is a tad obstructive. Security is critical, yes, but I could only imagine the people out there with critical issues not receiving the help they need immediately. If you have an actual concern with the legal nature of an issue, most lawyers will answer basic questions like that for free.
I can understand how something like this is troublesome, but I know how busy police departments get at times tackling immediate issues, emergency or not.
I hope you get this issue resolved and wish you the best. It might even be worth confronting the neighbor about it in a passive way but then you risk looking a fool if they actually weren’t doing anything.