SmallNetBuilder Forums
Go Back   SmallNetBuilder Forums > Wireless Networking > ASUS Wireless > ASUS N Routers & Adapters

Reply
 
Thread Tools Search this Thread Display Modes
  #1  
Old 02-28-2013, 12:00 PM
enewmen enewmen is offline
Member
 
Join Date: Aug 2012
Posts: 33
Thanks: 10
Thanked 0 Times in 0 Posts
enewmen is just starting out
Default How to check if my n66u is sending SPAM

Hi all.

I got blacklisted in a few places. Maybe because my PC is sending out SPAM (educated guess).
How to check if there is some virus sending out emails?

Currently I have no SMTP installed and I only use online Hotmail & Gmail.
I also did a full malware check, virus check, defender check, etc. Found nothing. I can de-list, but it will really suck if I got listed again and don't know why.

So, the point is, if ANY email is being sent out of my WAN IP address for ANY reason, it should be in some router log. In a N66u, how do I find this and read it?

thanks!
Reply With Quote
  #2  
Old 02-28-2013, 12:25 PM
RMerlin's Avatar
RMerlin RMerlin is online now
Very Senior Member
 
Join Date: Apr 2012
Location: Canada
Posts: 10,749
Thanks: 55
Thanked 6,021 Times in 2,449 Posts
RMerlin is just starting out
Default

Quote:
Originally Posted by enewmen View Post
Hi all.

I got blacklisted in a few places. Maybe because my PC is sending out SPAM (educated guess).
How to check if there is some virus sending out emails?

Currently I have no SMTP installed and I only use online Hotmail & Gmail.
I also did a full malware check, virus check, defender check, etc. Found nothing. I can de-list, but it will really suck if I got listed again and don't know why.

So, the point is, if ANY email is being sent out of my WAN IP address for ANY reason, it should be in some router log. In a N66u, how do I find this and read it?

thanks!
You could always enable full packet logging, but chances are you won't be able to figure out what is truly going on through the log spam.

If you are 100% positive your computers are malware-free, then make sure your wireless is configured with WPA2 and a secure wireless key. To be sure, also change that wireless key.

Do NOT use WEP under any circumstances. And if possible use WPA2-AES instead of WPA-TKIP.

Make sure to check both 2.4 GHz and 5 GHz bands.
__________________
Asuswrt-Merlin: Customized firmware for Asus routers
Github: github.com/RMerl - Twitter: RMerlinDev
See the sticky post for more info.
Reply With Quote
  #3  
Old 02-28-2013, 12:39 PM
enewmen enewmen is offline
Member
 
Join Date: Aug 2012
Posts: 33
Thanks: 10
Thanked 0 Times in 0 Posts
enewmen is just starting out
Default

Yes, I am 100% sure I'm malware free - so the scanners say.

I also have WPA2-AES with a very secure password.
Actually, I'm more worried about the millions of anonymous attacks coming from the DSL line than the granny next door hacking my wifi wireless connection.

Maybe I need to log every port (full packet logging) and create a huge log text file I can search for keywords later. What are the keywords??

I'm using DSL with a dynamic WAN IP from a pool of addresses. Maybe the problem is someone and the is nothing I can do.

Last edited by enewmen; 02-28-2013 at 12:48 PM.
Reply With Quote
  #4  
Old 02-28-2013, 01:29 PM
RMerlin's Avatar
RMerlin RMerlin is online now
Very Senior Member
 
Join Date: Apr 2012
Location: Canada
Posts: 10,749
Thanks: 55
Thanked 6,021 Times in 2,449 Posts
RMerlin is just starting out
Default

Quote:
Originally Posted by enewmen View Post
Yes, I am 100% sure I'm malware free - so the scanners say.

I also have WPA2-AES with a very secure password.
Actually, I'm more worried about the millions of anonymous attacks coming from the DSL line than the granny next door hacking my wifi wireless connection.

Maybe I need to log every port (full packet logging) and create a huge log text file I can search for keywords later. What are the keywords??

I'm using DSL with a dynamic WAN IP from a pool of addresses. Maybe the problem is someone and the is nothing I can do.
All the log will tell you is which IP communicated with which port, and the timestamp.

Could also be that you are using an IP that previously belonged to someone who had malware. Try turning off your Internet access for 5-10 mins and turn it back on, with hopefully a new public IP. (Assuming you do have a dynamic IP).
__________________
Asuswrt-Merlin: Customized firmware for Asus routers
Github: github.com/RMerl - Twitter: RMerlinDev
See the sticky post for more info.
Reply With Quote
  #5  
Old 02-28-2013, 01:35 PM
huotg01's Avatar
huotg01 huotg01 is offline
Senior Member
 
Join Date: Feb 2013
Posts: 133
Thanks: 65
Thanked 10 Times in 9 Posts
huotg01 is just starting out
Default

Quote:
Originally Posted by enewmen View Post
Hi all.

I got blacklisted in a few places. Maybe because my PC is sending out SPAM (educated guess).
How to check if there is some virus sending out emails?

...
Could you tell us more about your situation ? Who is in fact informing you that you are blacklisted ? What are the messages ? What are the things you cannot do because you "are blacklisted" ? Just to start...

GH
__________________
RT-AC68U with RMerlin's FW
ps: don't take my "senior member" title too seriously...
Reply With Quote
  #6  
Old 02-28-2013, 09:10 PM
enewmen enewmen is offline
Member
 
Join Date: Aug 2012
Posts: 33
Thanks: 10
Thanked 0 Times in 0 Posts
enewmen is just starting out
Default

Quote:
Originally Posted by huotg01 View Post
Could you tell us more about your situation ? Who is in fact informing you that you are blacklisted ? What are the messages ? What are the things you cannot do because you "are blacklisted" ? Just to start...

GH
Here you go: from http://whatismyipaddress.com/blacklist-check
What I can't do is use many Forums - the Admins told me I my IP is blacklisted. Luckily I don't have trouble on this Forum.
Thanks for the help!

-->The screenshot

Last edited by enewmen; 02-28-2013 at 09:20 PM.
Reply With Quote
  #7  
Old 02-28-2013, 11:18 PM
RMerlin's Avatar
RMerlin RMerlin is online now
Very Senior Member
 
Join Date: Apr 2012
Location: Canada
Posts: 10,749
Thanks: 55
Thanked 6,021 Times in 2,449 Posts
RMerlin is just starting out
Default

Just change your IP like I mentionned. Chances are a previous user of that IP got it blacklisted, and your ISP isn't very proactive in getting their IPs delisted.

A lot of those blacklists will tell you the date and time of the blacklisting BTW. That would confirm whether it was blacklisted by you, or a previous user.
__________________
Asuswrt-Merlin: Customized firmware for Asus routers
Github: github.com/RMerl - Twitter: RMerlinDev
See the sticky post for more info.
Reply With Quote
  #8  
Old 03-01-2013, 07:32 AM
huotg01's Avatar
huotg01 huotg01 is offline
Senior Member
 
Join Date: Feb 2013
Posts: 133
Thanks: 65
Thanked 10 Times in 9 Posts
huotg01 is just starting out
Default

Quote:
Originally Posted by enewmen View Post
Here you go: from http://whatismyipaddress.com/blacklist-check
What I can't do is use many Forums - the Admins told me I my IP is blacklisted. Luckily I don't have trouble on this Forum.
Thanks for the help!

-->The screenshot
Better to do what RMerlin suggests, but "for fun", using http://whatismyipaddress.com/blacklist-check
try to change the last 2-3 digits of the IP address listed in the CheckBlacklists field. You will then see if your ISP is laszy and has a bigger problem...
__________________
RT-AC68U with RMerlin's FW
ps: don't take my "senior member" title too seriously...

Last edited by huotg01; 03-01-2013 at 07:40 AM.
Reply With Quote
  #9  
Old 03-03-2013, 08:04 AM
enewmen enewmen is offline
Member
 
Join Date: Aug 2012
Posts: 33
Thanks: 10
Thanked 0 Times in 0 Posts
enewmen is just starting out
Default

Again thanks for the help guys, even though this thread is loosely related to the n66u.
People seem confident that if the malware & virus scanners can not find anything, my PC should be clean.
I'm guessing the guys that are making trouble have at one time used every IP in the pool and there is nothing I can do about it and my ISP is lazy- I can just leave.
So I'll just do nothing for now and check to be sure my blacklist doesn't get worse.
Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


All times are GMT -4. The time now is 01:49 PM.


Top 10 Stats
Top Posters* Top Thanked
RMerlin  362
john9527  148
azazel1024  132
stevech  117
htismaqe  103
L&LD  95
sfx2000  78
TonyH  72
AndreyPopov  57
ColinTaylor  52
RMerlin  6020
john9527  375
stevech  349
ryzhov_al  278
TeHashX  233
L&LD  232
RogerSC  199
sinshiva  147
sfx2000  133
joegreat  126
Most Viewed Threads* Hottest Threads*
Old Shellshock...  27589
Old Asuswrt-Merli...  12430
Old Simple NAS...  2453
Old Brainstorming...  2256
Old Looking for...  2028
Old RT-AC68P  1963
Old Advice on...  1698
Old RT-AC68U...  1435
Old Asus...  1393
Old AC-68...  1292
Old Asuswrt-Merli...  104
Old Advice on...  47
Old Brainstorming...  47
Old Simple NAS...  36
Old Looking for...  35
Old Shellshock...  31
Old Stable...  25
Old Issues...  24
Old WiFi Rates  23
Old RT-AC68U...  22


Powered by vBulletin® Version 3.7.3
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
© 2006-2014 Pudai LLC All Rights Reserved.