Results 1 to 14 of 14
  1. #1
    Junior Member

    Join Date
    Aug 2016
    Posts
    14
    Thanks
    3
    Thanked 0 Times in 0 Posts

    Someone hacking my VU

    Hi Guys

    Someone is remotely accessing my VU

    from

    ppp109-252-72-225.pppoe.ru

    I've blocked the ports on my WAN but can some tell me how they found me?

  2. #2
    Forum Supporter
    Donated Member
    ccs's Avatar

    Join Date
    Sep 2014
    Posts
    1,949
    Thanks
    176
    Thanked 408 Times in 360 Posts
    They just scan all ports until they find what they're looking for. Everyone who leaves ports open is vulnerable.

    Every WAN IP address will be targeted at some time.
    Last edited by ccs; 14-03-18 at 23:30.

  3. #3
    Junior Member

    Join Date
    Aug 2016
    Posts
    14
    Thanks
    3
    Thanked 0 Times in 0 Posts
    Can we set the streaming ports to using an encrypted port eg. https?

  4. #4
    Forum Supporter
    Donated Member
    ccs's Avatar

    Join Date
    Sep 2014
    Posts
    1,949
    Thanks
    176
    Thanked 408 Times in 360 Posts
    You need to set up a VPN.

  5. #5
    Junior Member

    Join Date
    Aug 2016
    Posts
    14
    Thanks
    3
    Thanked 0 Times in 0 Posts
    i'm gonna flash my receiver from scratch just in case they have setup any f*** up cron job.

  6. #6
    ViX Beta Tester birdman's Avatar

    Join Date
    Sep 2014
    Location
    Hitchin, UK
    Posts
    4,486
    Thanks
    90
    Thanked 945 Times in 760 Posts
    Quote Originally Posted by amarjit_dhillon View Post
    i'm gonna flash my receiver from scratch just in case they have setup any f*** up cron job.
    If they are accessing your box then it is more likely your router which needs to be reconfigured.
    One person on here apparently discovered that their box was, somehow, in the DMZ.
    MiracleBox Prem Twin HD - 2@DVB-T2 + Xtrend et8000 - 5(incl. 2 different USBs)@DVB-T2[terrestrial - UK Freeview HD, Sandy Heath] - LAN/USB-stick/HDD

  7. #7
    ViX Beta Tester birdman's Avatar

    Join Date
    Sep 2014
    Location
    Hitchin, UK
    Posts
    4,486
    Thanks
    90
    Thanked 945 Times in 760 Posts
    Quote Originally Posted by amarjit_dhillon View Post
    Can we set the streaming ports to using an encrypted port eg. https?
    That wouldn't stop anything. They'd just accept the certificate and keep streaming....
    MiracleBox Prem Twin HD - 2@DVB-T2 + Xtrend et8000 - 5(incl. 2 different USBs)@DVB-T2[terrestrial - UK Freeview HD, Sandy Heath] - LAN/USB-stick/HDD

  8. #8
    Junior Member

    Join Date
    Aug 2016
    Posts
    14
    Thanks
    3
    Thanked 0 Times in 0 Posts
    this box was not in the DMZ but i did open the ports, my fault completely.

    Lesson learnt i suppose, still in the process of flashing box, lol

  9. #9
    Member

    Join Date
    Apr 2016
    Location
    Helsinki
    Posts
    53
    Thanks
    14
    Thanked 10 Times in 7 Posts
    Quote Originally Posted by amarjit_dhillon View Post
    Can we set the streaming ports to using an encrypted port eg. https?
    I would be more worried of some hacker messing up my configuration or otherwise damaging the system (and possibly using it for some distributed attacks) than just somebody being able to stream some content from tv or recordings..

  10. #10
    Forum Supporter
    Donated Member


    Join Date
    Jun 2013
    Posts
    935
    Thanks
    23
    Thanked 68 Times in 63 Posts
    But i still do not understand how someone can hack you if you have your ports open. Now, when you open your ports you have to set credentials and (username nad password). So even if someone scans your ports or whatever, how would they guess the username or password?

  11. #11
    Junior Member

    Join Date
    Aug 2016
    Posts
    14
    Thanks
    3
    Thanked 0 Times in 0 Posts
    In OPENWEBIF, there is a setting to enable "HTTP AUTHENTICATION FOR STREAMING" and that was switched off so even though the guy could not access port 80, he could access port 8001-8002 without any username or password.

    If you enable "HTTP AUTHENTICATION FOR STREAMING" for streaming, the CLIENT MODE feature on my vu zeros stopped working.

  12. #12
    Senior Member

    Join Date
    Mar 2011
    Location
    Barking
    Posts
    149
    Thanks
    8
    Thanked 5 Times in 5 Posts
    close your ports, I set up for remote access to my receiver in the past year and was hacked in no time. Recordings on both my VU receivers were wiped by the hacker, going back several years, you can imagine how pissed I was

  13. #13
    Senior Member

    Join Date
    Sep 2013
    Posts
    586
    Thanks
    192
    Thanked 60 Times in 50 Posts
    Amazing how many boxed show up with a quick google search.....

    Its hardly a hack it you leave the door wide open.

  14. #14
    Senior Member

    Join Date
    Mar 2011
    Location
    Barking
    Posts
    149
    Thanks
    8
    Thanked 5 Times in 5 Posts
    Quote Originally Posted by imish View Post
    Amazing how many boxed show up with a quick google search.....

    Its hardly a hack it you leave the door wide open.
    what exactly do you write in google to see these?

  15. The Following User Says Thank You to jassie For This Useful Post:

    Ford1 (13-06-18)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •