SmallNetBuilder Forums
Go Back   SmallNetBuilder Forums > Wireless Networking > ASUS Wireless > ASUS N Routers & Adapters

Reply
 
Thread Tools Search this Thread Display Modes
  #1  
Old 02-28-2013, 01:00 PM
enewmen enewmen is offline
Member
 
Join Date: Aug 2012
Posts: 33
Thanks: 10
Thanked 0 Times in 0 Posts
enewmen is just starting out
Default How to check if my n66u is sending SPAM

Hi all.

I got blacklisted in a few places. Maybe because my PC is sending out SPAM (educated guess).
How to check if there is some virus sending out emails?

Currently I have no SMTP installed and I only use online Hotmail & Gmail.
I also did a full malware check, virus check, defender check, etc. Found nothing. I can de-list, but it will really suck if I got listed again and don't know why.

So, the point is, if ANY email is being sent out of my WAN IP address for ANY reason, it should be in some router log. In a N66u, how do I find this and read it?

thanks!
Reply With Quote
  #2  
Old 02-28-2013, 01:25 PM
RMerlin's Avatar
RMerlin RMerlin is offline
Very Senior Member
 
Join Date: Apr 2012
Location: Canada
Posts: 11,577
Thanks: 62
Thanked 6,554 Times in 2,664 Posts
RMerlin is just starting out
Default

Quote:
Originally Posted by enewmen View Post
Hi all.

I got blacklisted in a few places. Maybe because my PC is sending out SPAM (educated guess).
How to check if there is some virus sending out emails?

Currently I have no SMTP installed and I only use online Hotmail & Gmail.
I also did a full malware check, virus check, defender check, etc. Found nothing. I can de-list, but it will really suck if I got listed again and don't know why.

So, the point is, if ANY email is being sent out of my WAN IP address for ANY reason, it should be in some router log. In a N66u, how do I find this and read it?

thanks!
You could always enable full packet logging, but chances are you won't be able to figure out what is truly going on through the log spam.

If you are 100% positive your computers are malware-free, then make sure your wireless is configured with WPA2 and a secure wireless key. To be sure, also change that wireless key.

Do NOT use WEP under any circumstances. And if possible use WPA2-AES instead of WPA-TKIP.

Make sure to check both 2.4 GHz and 5 GHz bands.
__________________
Asuswrt-Merlin: Customized firmware for Asus routers
Github: github.com/RMerl - Twitter: RMerlinDev
See the sticky post for more info.
Reply With Quote
  #3  
Old 02-28-2013, 01:39 PM
enewmen enewmen is offline
Member
 
Join Date: Aug 2012
Posts: 33
Thanks: 10
Thanked 0 Times in 0 Posts
enewmen is just starting out
Default

Yes, I am 100% sure I'm malware free - so the scanners say.

I also have WPA2-AES with a very secure password.
Actually, I'm more worried about the millions of anonymous attacks coming from the DSL line than the granny next door hacking my wifi wireless connection.

Maybe I need to log every port (full packet logging) and create a huge log text file I can search for keywords later. What are the keywords??

I'm using DSL with a dynamic WAN IP from a pool of addresses. Maybe the problem is someone and the is nothing I can do.

Last edited by enewmen; 02-28-2013 at 01:48 PM.
Reply With Quote
  #4  
Old 02-28-2013, 02:29 PM
RMerlin's Avatar
RMerlin RMerlin is offline
Very Senior Member
 
Join Date: Apr 2012
Location: Canada
Posts: 11,577
Thanks: 62
Thanked 6,554 Times in 2,664 Posts
RMerlin is just starting out
Default

Quote:
Originally Posted by enewmen View Post
Yes, I am 100% sure I'm malware free - so the scanners say.

I also have WPA2-AES with a very secure password.
Actually, I'm more worried about the millions of anonymous attacks coming from the DSL line than the granny next door hacking my wifi wireless connection.

Maybe I need to log every port (full packet logging) and create a huge log text file I can search for keywords later. What are the keywords??

I'm using DSL with a dynamic WAN IP from a pool of addresses. Maybe the problem is someone and the is nothing I can do.
All the log will tell you is which IP communicated with which port, and the timestamp.

Could also be that you are using an IP that previously belonged to someone who had malware. Try turning off your Internet access for 5-10 mins and turn it back on, with hopefully a new public IP. (Assuming you do have a dynamic IP).
__________________
Asuswrt-Merlin: Customized firmware for Asus routers
Github: github.com/RMerl - Twitter: RMerlinDev
See the sticky post for more info.
Reply With Quote
  #5  
Old 02-28-2013, 02:35 PM
huotg01's Avatar
huotg01 huotg01 is offline
Very Senior Member
 
Join Date: Feb 2013
Posts: 243
Thanks: 105
Thanked 20 Times in 18 Posts
huotg01 is just starting out
Default

Quote:
Originally Posted by enewmen View Post
Hi all.

I got blacklisted in a few places. Maybe because my PC is sending out SPAM (educated guess).
How to check if there is some virus sending out emails?

...
Could you tell us more about your situation ? Who is in fact informing you that you are blacklisted ? What are the messages ? What are the things you cannot do because you "are blacklisted" ? Just to start...

GH
__________________
RT-AC68U with RMerlin's FW
ps: don't take my "senior member" title too seriously...
Reply With Quote
  #6  
Old 02-28-2013, 10:10 PM
enewmen enewmen is offline
Member
 
Join Date: Aug 2012
Posts: 33
Thanks: 10
Thanked 0 Times in 0 Posts
enewmen is just starting out
Default

Quote:
Originally Posted by huotg01 View Post
Could you tell us more about your situation ? Who is in fact informing you that you are blacklisted ? What are the messages ? What are the things you cannot do because you "are blacklisted" ? Just to start...

GH
Here you go: from http://whatismyipaddress.com/blacklist-check
What I can't do is use many Forums - the Admins told me I my IP is blacklisted. Luckily I don't have trouble on this Forum.
Thanks for the help!

-->The screenshot

Last edited by enewmen; 02-28-2013 at 10:20 PM.
Reply With Quote
  #7  
Old 03-01-2013, 12:18 AM
RMerlin's Avatar
RMerlin RMerlin is offline
Very Senior Member
 
Join Date: Apr 2012
Location: Canada
Posts: 11,577
Thanks: 62
Thanked 6,554 Times in 2,664 Posts
RMerlin is just starting out
Default

Just change your IP like I mentionned. Chances are a previous user of that IP got it blacklisted, and your ISP isn't very proactive in getting their IPs delisted.

A lot of those blacklists will tell you the date and time of the blacklisting BTW. That would confirm whether it was blacklisted by you, or a previous user.
__________________
Asuswrt-Merlin: Customized firmware for Asus routers
Github: github.com/RMerl - Twitter: RMerlinDev
See the sticky post for more info.
Reply With Quote
  #8  
Old 03-01-2013, 08:32 AM
huotg01's Avatar
huotg01 huotg01 is offline
Very Senior Member
 
Join Date: Feb 2013
Posts: 243
Thanks: 105
Thanked 20 Times in 18 Posts
huotg01 is just starting out
Default

Quote:
Originally Posted by enewmen View Post
Here you go: from http://whatismyipaddress.com/blacklist-check
What I can't do is use many Forums - the Admins told me I my IP is blacklisted. Luckily I don't have trouble on this Forum.
Thanks for the help!

-->The screenshot
Better to do what RMerlin suggests, but "for fun", using http://whatismyipaddress.com/blacklist-check
try to change the last 2-3 digits of the IP address listed in the CheckBlacklists field. You will then see if your ISP is laszy and has a bigger problem...
__________________
RT-AC68U with RMerlin's FW
ps: don't take my "senior member" title too seriously...

Last edited by huotg01; 03-01-2013 at 08:40 AM.
Reply With Quote
  #9  
Old 03-03-2013, 09:04 AM
enewmen enewmen is offline
Member
 
Join Date: Aug 2012
Posts: 33
Thanks: 10
Thanked 0 Times in 0 Posts
enewmen is just starting out
Default

Again thanks for the help guys, even though this thread is loosely related to the n66u.
People seem confident that if the malware & virus scanners can not find anything, my PC should be clean.
I'm guessing the guys that are making trouble have at one time used every IP in the pool and there is nothing I can do about it and my ISP is lazy- I can just leave.
So I'll just do nothing for now and check to be sure my blacklist doesn't get worse.
Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


All times are GMT -4. The time now is 12:28 PM.


Top 10 Stats
Top Posters* Top Thanked
RMerlin  362
jegesq  117
L&LD  113
john9527  97
huotg01  87
stevech  87
azazel1024  82
htismaqe  69
watusi  65
ColinTaylor  47
RMerlin  6553
john9527  526
stevech  358
ryzhov_al  298
TeHashX  263
L&LD  256
RogerSC  207
sinshiva  150
sfx2000  138
hggomes  137
Most Viewed Threads* Hottest Threads*
Old Asuswrt-Merli...  21678
Old Why not...  9303
Old ASUS RT-N66U...  7251
Old Why ASUS?  2697
Old Remote...  1857
Old OpenVPN...  1843
Old Whats going...  1570
Old The future...  1556
Old Trouble...  1447
Old CUSTOM/FORK...  1366
Old Asuswrt-Merli...  159
Old Why not...  81
Old Remote...  50
Old Whats going...  37
Old CUSTOM/FORK...  27
Old ASUS RT-N66U...  26
Old The future...  26
Old RT-N66U...  26
Old Extension...  26
Old OpenVPN...  25


Powered by vBulletin® Version 3.7.3
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
© 2006-2014 Pudai LLC All Rights Reserved.