A few months ago we struggled to use the broadband. On the front, the 'internet' light was flashing loads, and I couldn't log into the router admin page. Thinking perhaps someone/something, perhaps a bot, had compromised it and was thrashing it sending DDOS attacks to somewhere or whatever owned routers do.
I factory reset it, changed passwords, and it was fine. But tonight it happened again and I had to do the same thing, with the same result - fixed again.
So is it likely that something's owning my router? It could quite possibly a device owned by a neighbour. How can I check this? When it happens I can't even connect because the router seems so overloaded, so examining the connected device list is a bit tricky.
Router model and ISP? Is it their supplied router or one you bought yourself or used from a previous ISP? Get hold of the ISP and see if they’re aware of issues at their end.
Check this https://www.symantec.com/blogs/threat-intelligence/vpnfilter-iot-malware
More likely there’s interference. Someone “hacking your broadband” wouldn’t cause the internet light on the router to flash; this means that it’s dropped its connection to the exchange or green box nearby. Flooding, damaged cables, trees leaning on the line, dodgy electrics, illegal radios etc etc could all cause these problems. It’s unlikely that someone is doing it deliberately unless you’re Jack Bauer or something.
If you have powerline Ethernet adapters they’re possibly the cause. An AM radio might help you narrow down the cause, if it’s in your home, but your best bet will be to start with your ISP who will escalate to Openreach if necessary.
Does restarting it without doing a factory reset and password change help at all?
Not similar, but similar..
My BB dropped out over Xmas year before last, constant low grade signal with the box lights flashing then it would stabilise then drop and so on..
I called Sky who got BT to check the line and it was simple... the BT guys had overloaded the box down the road so joined a whole group of us into a limited number of sockets..
Roll up to last Xmas and the sodding thing did the same again, only this time it was Sky checking lines out on routine maintenance... sending signals down the line to assess speeds and re-calibration etc.
Could be as simple as the above.
Does sound like something you need to contact the isp about... Good luck with that!! 😆
if it's contention, as described above, not sure how that would block you connecting to the router internally- are you doing that via wifi or wired connection?
Someone “hacking your broadband” wouldn’t cause the internet light on the router to flash; this means that it’s dropped its connection to the exchange or green box nearby.
No, there's a different light for the ADSL connection, that's on solid. Also, when it happens, I can't log onto the admin page. Pieces of it load really slowly exactly as if the router itself is overloaded. Same symptoms if I unplug the phone cable (except for the internet light) so it's nothing to do with the downstream connection.
It also was fixed when I changed the WiFi password...
Can you unplug the phone cable, so there's no internet? This may allow you to log on and see if you can see another connected devices.
It’s unlikely that someone is doing it deliberately unless you’re Jack Bauer or something.
Unless they want free internet access, or access dodgy content they don't want registered on their own IP address.
I would notify your ISP to see if they are doing anything with the line. And you should be able to restrict you router to known mac addresses, which would make it considerably harder if someone was free loading onto your router.
Can you unplug the phone cable, so there’s no internet? This may allow you to log on and see if you can see another connected devices.
It still happens when it's unplugged.
As for likely, my thought was that a neighbour's device has malware which is seeking out local SSIDs, cracking the passwords somehow and then using the router for some sort of DOS activity, thereby DOSing my router in the process.
Can you move it away from everyone else. Just plug it into the mains, and see if it still happens, and if you can see anything when you log on to the router.
Or can you remove the Wi-Fi antenna? Sometimes they unscrew.
Seems old that it's flashing when not connected to the internet. Where's all the data coming from?
Or stick a metal box over it, and connect wire a wire.
Quite a lot of home routers do have vulnerabilities which allow them to be hacked. What model of router is it? Also have you turned off the option for access from the internet side (ISP standard settings often default this to on so that they can sort out non-technical customers)
Switch off the WiFi, connect with a cable, what happens ?
Seems old that it’s flashing when not connected to the internet. Where’s all the data coming from
The light doesn't flash, but it still acts as if overloaded.
connect with a cable
You are assuming that, in 2018, I own a computer with an ethernet port.... It's a bit like asking someone to read a floppy disc in 2008.. 🙂 thought had occurred to me but am unable to try it out currently.
Just wondering if anyone had heard of such a thing. Otherwise it's calling tech support and trying to be escalated through a dozen levels of script readings. It's EE btw and a first gen Brightbox.
Having said that, I have a router from about 2010 upstairs I could try.
My BT router is connected to my computer via Ethernet cable, just because I seldom use it, so it’s pointless having it connect via Wi-fi. It is an eight year old Mac Mini though, but I kind of assumed computers still came with an Ethernet port for installations where Wi-fi isn’t necessary, like mine.
My router does occasionally drop out, and the blue light turns green or amber and flashes a lot, which I assume is some sort of diagnostic/house-keeping function. The new version doesn’t do it as often as the previous model did, though.
Otherwise it’s calling tech support and trying to be escalated through a dozen levels of script readings. It’s EE btw
Im with EE and having line/broadband issues, EE contact is surprisingly painless although that's for openreach appointment, not had to go through a tech support scenario yet
It's possible you have a compromised device that's part of a botnet but pretty unlikely and malware such as VPNFilter is out there but again (unless you're in the Ukraine) it's pretty unlikely to be the case here. More likely just to be a dodgy router (if it's ISP supplied they're basically all cheap trash that come free in crackers...) or possibly one of your devices is trying to do a big update and is running P2P stuff.
As others have said, a lot of routers you can check what's connected and whitelist MAC addresses etc. (still not entirely secure but would block a drive-by type compromise - assuming you've changed the default admin password ofc).
