Return to Level1Techs.com

How did my ISP zombify my router?

#1

So this month I forgot to pay my ISP. Normally they pop up a nag screen when that happens, and I pay the bill online. This month something different happened.

I got a message that I needed to go to a “network login page” when I tried to open Firefox. I’ve seen this message on my laptop when I have to login to a captive wifi portal. So far this is no surprise.

What was a surprise was that I couldn’t access any web resource on my local network. Not my router, nor my VMWare server. Even manually typing in the IP address redirected me to my ISP’s “web portal” login.

I paid the bill and now the problem is gone. But it concerns me that my ISP can restrict access on my internal LAN. How is this accomplished and how can I prevent them from doing this again?

I have a Netgear AC1450 wifi router that’s been flashed with DD-WRT.

0 Likes

#2

DNS poisoning is usually how they do that. It shouldn’t be possible if you accessed your other devices by IP address, but is possible if you use localhostnames.

Don’t use your ISPs DNS servers. Also check to make sure that local name resolution bypasses your WAN.

2 Likes

#3

A captive portal can prevent you from accessing anything via wifi on your local network.

If you are also using the wired port(s) and DHCP server from your ISP router, they can also put you in a captive portal on the ethernet as well.

they could also have done this via DNS on your router (which it obtains from the ISP most likely and hands over to dhcp clients). Any name lookup using said DNS = they send you to a login page.

0 Likes

#4

That’s the weird part. I use IP addresses (not hostnames) to access those local resources, and tried to access them via LAN and wifi. I wasn’t using any kind of name resolution (DNS, host files, etc.) But they still somehow managed to redirect those addresses to the “web portal.”

I am not using an ISP router, but I am using one of their modems. I have been using their DNS with my router as a relay (I think), and DHCP to configure the WAN port. But the LAN-side DHCP is on my personal router that I supposedly have complete control over. Kinda freaky…

1 Like

#5

Have you watched PCMag video on YouTube? I think you must watch it for this.
Useful Resource: https://192-168-1-1ip.info/

0 Likes

#6

Could you link that please? I’d like to see it.

2 Likes