Hi anybody know what is happening to my gigablue box as it has just come up with a box in the middle of the screen saying 'You are being hacked' with a countdown clock..
I have turned it off and am a bit worried to turn it back on..
Any help will be greatly appreciated..

Have you got any ports open on your router?

sounds like you have your box connected to the outside world by opening port 80 and 8001 on your router.

If thats the case then you are advertising your box inviting trouble.

Hi anybody know what is happening to my gigablue box as it has just come up with a box in the middle of the screen saying 'You are being hacked' with a countdown clock..
I have turned it off and am a bit worried to turn it back on..
Any help will be greatly appreciated..

Has anyone in your household have access to the web interface for your box. If so they can send you a message and set the timeout period. This will appear in box on your TV screen with a time countdown.

If you box is connected to your home network on your computer type the IP address of the box in the address bar of your browser to bring up the web interface. The send message option is on the left hand side menu.

Alternatively you have left a port open and someone has hacked into your home network and is doing the same remotely from their location. if this is the case its your router configuration and not the gigablue box.

Thanks for all of your replies I will investigate further tomorrow and try and check all the suggestions..
John..

I sent a message to the wife via the TV once, she sh!t herself turned it off. Then went mad at mad when i told it was me.

as for any ports open - how do you check. I have a BT router, and have some ports forwarded to different things, and use UPNP which i think autatically does stuff with ports. Woudl this class as being open?

I sent a message to the wife via the TV once, she sh!t herself turned it off. Then went mad at mad when i told it was me.

as for any ports open - how do you check. I have a BT router, and have some ports forwarded to different things, and use UPNP which i think autatically does stuff with ports. Woudl this class as being open?

Try shields up.



https://www.grc.com/x/ne.dll?bh0bkyd2
https://www.grc.com/


On the first page hit the 'proceed' button
On the second page select scan all service ports option - and any of the other options
You will get an indication of which ports are responding and elsewhere on the site a description what the ports are used for.

I've been using this (free) service for 10+ years to check my router/firewall and the site claims that 98 million scan check requests have been made.

as for any ports open - how do you check. I have a BT router, and have some ports forwarded to different things, and use UPNP which i think autatically does stuff with ports. Woudl this class as being open?

UPnP would not be auto forward ports in this case - you would have to manually open them on the router.

I've been on sites where guys are actually laughing and joking in the chat box that they are doing this to people's E2 boxes.
You are lucky that is all they are saying, some of it unrepeatable, not to mention that it is all disgraceful.

I sent a message to the wife via the TV once, she sh!t herself turned it off. Then went mad at mad when i told it was me.

as for any ports open - how do you check. I have a BT router, and have some ports forwarded to different things, and use UPNP which i think autatically does stuff with ports. Woudl this class as being open?

If you don't know how to turn off ports, start by turning off webif in the box, the read how to turn ports off. It isn't hard how they do it.

UPnP would not be auto forward ports in this case - you would have to manually open them on the router.
UPnP (on a router) is the very thing that would allow applications inside a LAN to open ports to the outside. Unfortunately, uPnP is often enabled by default on ISP modem/routers to allow "easier" automatic configuration by applications of special port mappings or openings in the NAT. Some of these applications (say like CCTV or remotely accessible thermostats or other home automation devices) depend on uPnP being enabled on the router so that they can open ports so you can operate them from your mobile phone or laptop or whatever on t'internet. Therefore, the issue is if the device inside your LAN is poorly secured and can be accessed from the web by the hacker your whole LAN is at risk. This method was used recently to create a botnet of compromised webcams which had been installed using the default passwords. They were accessed from the web and made to generate a denial of service attack (DDOS) on major servers in the US. Implementation of uPnP in modem/routers is generally very insecure.

I always ensure uPnP is turned off in my routers and configure any pinholes or port forwarding manually. Having uPnP turned off in the router shouldn't affect devices like media servers within your LAN discovering each other and being able to share data. uPnP in a router is used for port forwarding by programs and shouldn't be enabled unless you have no other option.

UPnP (on a router) is the very thing that would allow applications inside a LAN to open ports to the outside. Unfortunately, uPnP is often enabled by default on ISP modem/routers to allow "easier" automatic configuration by applications of special port mappings or openings in the NAT. Some of these applications (say like CCTV or remotely accessible thermostats or other home automation devices) depend on uPnP being enabled on the router so that they can open ports so you can operate them from your mobile phone or laptop or whatever on t'internet. Therefore, the issue is if the device inside your LAN is poorly secured and can be accessed from the web by the hacker your whole LAN is at risk. This method was used recently to create a botnet of compromised webcams which had been installed using the default passwords. They were accessed from the web and made to generate a denial of service attack (DDOS) on major servers in the US. Implementation of uPnP in modem/routers is generally very insecure.

I always ensure uPnP is turned off in my routers and configure any pinholes or port forwarding manually. Having uPnP turned off in the router shouldn't affect devices like media servers within your LAN discovering each other and being able to share data. uPnP in a router is used for port forwarding by programs and shouldn't be enabled unless you have no other option.

I have uPNP enabled on my router and the STB is not accessible from outside - care to explain?

He is saying that uPNP devices do open ports by default, it is easy for someone 'scanning' as tony said for streaming traffic such as cctv to net the open port, you really should see the stuff that ordinary bored folk can do sat at a computer.

I have uPNP enabled on my router and the STB is not accessible from outside - care to explain?
That's because the STB itself is not opening ports on your router. Other applications (like webcams, remote thermostats etc.) may use uPnP to open ports. The standard ViX image doesn't contain the facility to open ports, but there may be a plug-in to do just that. Otherwise, you have to do it manually. The risk (when you have uPnP enabled on the router) is you download a malicious application on your PC or a rogue add-in from some device or service that you are running and then it uses uPnP to quietly open a port on your router.

That's because the STB itself is not opening ports on your router. Other applications (like webcams, remote thermostats etc.) may use uPnP to open ports. The standard ViX image doesn't contain the facility to open ports, but there may be a plug-in to do just that. Otherwise, you have to do it manually. The risk (when you have uPnP enabled on the router) is you download a malicious application on your PC or a rogue add-in from some device or service that you are running and then it uses uPnP to quietly open a port on your router.

Exactly - which is what my point was with the following post of mine (http://www.world-of-satellite.com/showthread.php?54112-You-are-being-hacked-!!&p=424897&viewfull=1#post424897)

uPNP is not the culprit when used correctly.