Miserable broadband router or web attack?

[robilong]

Sometimes web browsing hangs while bit torrent and browser download continues with normal speed.
Router restart fixes it usually (while shouldn't stop DOS if target IP remains unchanged) or else problem passes by itself after 40-50 minutes (without router restart)

What kind of flaw this might be - a miserable router of web attack to browser port 80? If last, then what kind attack and how to protect against?

I have a an old Thomson TG784 router for 3-4 computers in household, which has earned well for many years. I have a dynamic IP from ISP but in fact IP doesn't change never after router restart.
Usually DOS attacks is overflooding an IP and restarting broadband router shouldn't have any effect as after restart attack continues to the given IP.

I checked also Thomson log but there are only last 20 entries and nothing interesting. When problem occurs Thomson router browser GUI isn't accessible to view instant log.

Any suggestions how to troubleshoot?

 

[jimbo45]

Hi there
once you start using Bit torrent -- all bets are off --who knows what's being downloaded / has already been downloaded . Your machine could be infected with any possible sort of malware - who knows.

I'd WIPE that entire machine, re-install the OS and THEN check if the router was OK.

(If you must go on to torrent sites always do it in a Virtual machine - then if it gets infected just delete it and fire up another one).

Cheers
jimbo

 

[robilong]

Hi there
once you start using Bit torrent -- all bets are off --who knows what's being downloaded / has already been downloaded . Your machine could be infected with any possible sort of malware - who knows.

I'd WIPE that entire machine, re-install the OS and THEN check if the router was OK.

(If you must go on to torrent sites always do it in a Virtual machine - then if it gets infected just delete it and fire up another one).

Cheers
jimbo

Thanks for supporting me. All household PC-s aren't under my full control and reinstalling always all PCs either is a real burden. Thats why I thought first to gather some ideas how to get closer to the culprit.

Is there any suggested local network traffic tools to find the problematic PC?

PS. all PC's have Norton Antivirus or Norton Internet Security.

 

[jimbo45]

Hi there
The only thing you can reasonably do easily is to control access to the Internet via some designated PC as "The Gatekeeper". Establish it as a Proxy server.

Now you can log each Internet request and what computer is issuing the request.

You could also then log any SIGNIFICANT change in response time from the Internet. Might be a simple problem like one of your computers is simply watching HD movies from a streaming service -- and if your ISP caps your bandwidth it has slowed you down for a while.

Input the data into a Spread sheet and the cause should soon be clear.

I'd still be very leery of things downloaded from torrents though on any PHYSICAL machine connected to your LAN especially when the PC's aren't under your direct control.

Cheers
jimbo

 

[Layback Bear]

I wonder why someone using a torrent has Enterprise installed.
I would suggest doing this.

http://www.sevenforums.com/windows-...ne-activation-issue-posting-instructions.html

 

[robilong]

1. I have been reasonably careful with security and I have some advanced security experiences, which unfortunately aren't sufficient ... else there wouldn't be reason to post this thread. When browser traffic in all computers halts, still all other traffic, including POP3 mail and browser downloads continues normally. So I understand the problem is about 80 port only.
Why should any vulnerability need to attack port 80? Is there some specific vulnerability with such behaviour to hack into system? I have used Shields up to test my broadband router successfully. https://www.grc.com/x/ne.dll?bh0bkyd2
2. How to obtain from Thomson TG784 router longer logs the 20 entries? There might be the answer but I couldn't find any suitable instructions of this unit log file capabilities and access to it.

 

[Layback Bear]

Please post this.

Windows Genuine and Activation Issue Posting Instructions

 

[robilong]

Please post this.

Windows Genuine and Activation Issue Posting Instructions

Hi
Thank for your info.
I don't understand how the link you have provided repeatedly can be in connection to network problems of multiple computers? Is the purpose to limit forum usage somehow?

your link states:

"This is a set of posting instructions to use so that you can get better help here at SevenForums.com when you have a Windows non-genuine and/or activation issue"

As I understand it's related only to non-genuine and/or activation issues.

 

[Layback Bear]

Windows Enterprise is a very special operating system that is use by business and educational institution.
Unless it activated properly it will not work properly.

With the log requested we have very qualified people that will be able to see if their is a problem and give you guidance to solve the problem.
Information below to help explain.

Windows 7 Enterprise - Windows Enterprise

Windows 7 Enterprise can only be activated with a Volume License MAK or KMS key if it is not activated against a local KMS server. Enterprise requires a VL KMS/MAK out of the box or activation against a local KMS server. It can be rearmed up to 3 times.

http://www.microsoft.com/en-us/showcase/channeldetails.aspx?channelid=windows7enterprise
http://social.technet.microsoft.com.../thread/bbf8edc6-6380-4f84-af7d-9244b8f103e3/

 

[robilong]

Windows Enterprise is a very special operating system that is use by business and educational institution.
Unless it activated properly it will not work properly.

With the log requested we have very qualified people that will be able to see if their is a problem and give you guidance to solve the problem.
Information below to help explain.

Windows 7 Enterprise - Windows Enterprise

Windows 7 Enterprise can only be activated with a Volume License MAK or KMS key if it is not activated against a local KMS server. Enterprise requires a VL KMS/MAK out of the box or activation against a local KMS server. It can be rearmed up to 3 times.

http://social.technet.microsoft.com.../thread/bbf8edc6-6380-4f84-af7d-9244b8f103e3/

I have a MAK key and about activation I don't know anything, except that after installation there was a Microsoft dialogue to activate Windows now over Internet.
Do you suspect that this MAK keys provided by local MS and an activation dialogue may have been fake?
Else it doesn't feel good for privacy to forward any key or activation related info to third parties and therefore it's weird request, when talk isn't about activation problems.

 

[bobafetthotmail]

PS. all PC's have Norton Antivirus or Norton Internet Security.

That is a very bad choice imho. Norton is very well-known for causing network issues (and being to trigger-happy), and it was the cause for at least 3 full network lockdowns (3 different networks of 3 different customers). I suggest to install a good free antivirus, like Avira and get rid of Norton.

And yes, windows Enterprise is a rare sight for a private owner (or someone that does not have an IT department at his disposal anyway). It's normal to suspect that you have pirated it.

once you start using Bit torrent -- all bets are off --who knows what's being downloaded / has already been downloaded . Your machine could be infected with any possible sort of malware - who knows.

Bit torrent is one of the safest download client I've ever seen, there is no way someone could inject stuff that wasn't already there in your download. It's downloading pirated stuff that is unsafe, regardless of how you pull it off.

 

[robilong]

PS. all PC's have Norton Antivirus or Norton Internet Security.

That is a very bad choice imho. Norton is very well-known for causing network issues (and being to trigger-happy), and it was the cause for at least 3 full network lockdowns (3 different networks of 3 different customers). I suggest to install a good free antivirus, like Avira and get rid of Norton.

Thanks for suggesting. I have a lot of customers running NAV or NIS for last 5 years and there never hasn't been any Norton only specific antivirus problems.

And yes, windows Enterprise is a rare sight for a private owner (or someone that does not have an IT department at his disposal anyway). It's normal to suspect that you have pirated it.

It's simple, I work for organisation, where this Windows version is ruling. All other versions I see rarely and therefore consider suspicious.

once you start using Bit torrent -- all bets are off --who knows what's being downloaded / has already been downloaded . Your machine could be infected with any possible sort of malware - who knows.

Bit torrent is one of the safest download client I've ever seen, there is no way someone could inject stuff that wasn't already there in your download. It's downloading pirated stuff that is unsafe, regardless of how you pull it off.

Actually I don't know why bit torrent was involved into this thread at all. But I haven't heard about torrent client vulnerabilities. But perhaps these exist.

 

[Layback Bear]

Worth a good read.

http://www.sevenforums.com/security...peer-peer-communications-researchers-say.html

Op post #1

Sometimes web browsing hangs while bit torrent and browser download continues with normal speed.