Disclaimer: I am not a coder. It all reads like Chinese to me. This is my first day here and first post.
But I am a victim of repeated hacking. I will be moving onto router 7 since the last 6 months.
(1 Arris G34, 2x Arris G36, 1 Gryphon AX, now 2x Opal 1200 GL.iNet).
They initially targeted features like Parental Controls, now they are moving into my security cam systems, phones and laptops.
Current setup: 2 Opal 1200, daisy-chained, running 4.7.2 firmware. One as a VPN client for IoT devices, the other no-VPN for regular stuff (I have personal VPN on my computer), but with WPA3 security. I love the OpenWrt system. Makes me feel like I have a fighting chance, rather than have my hands tied together like with a closed system.
But, I understand not much. The terminology is alien, and people assume way too much background knowledge.
In a nutshell my question is "how many ways are there into a router, and how do I close those doors so only I can get in?"
So far for SSH entry I have (1) deleted Dropbear, (2) moved port 22 entry to a different number, (3) hopefully shut down SSH through a number of ways (a) The LuCI GUI, (b) a puny attempt at coding I got from the internet, basically to turn off SSH, close the interface, and mask SSH completely. I put that code in the "init" startup boot box thingy (in LuCI) so it goes through it every time (just in case).
For Telnet all I could do was tell the router to drop any communications to/from those ports involved. I also did that with a whole bunch of ports for various external entrypoints (e.g. Samba4) I read about online.
I also downloaded Snort. However, I have no idea how to turn it on or configure it. There seems to be no web-based way to do that.
I also blocked zero MAC IDs (00:00:00:00:00:00) on my SSID interfaces which can be used for ARP-poisoning (I am an IPv4 user. Cannot use IPv6 with VPNs). And turned off WDS access points, choosing regular Access Points. And randomize the MAC IDs of the SSIDs with every power restart (which happens daily).
However, they seem to have activated WPS on my routers (it normally lies dormant in Opal), which I know is a hacker's dream. I have literally no idea how to turn it off. If anyone can make a step-by-step YouTube for beginners that would be cool. And I think they are editing my system logs now to try and cover their tracks (I try to fight back. I moved the port from 514 elsewhere, and switched to TCP rather than UDP, and increased the size 10-fold to 640kb). I also just downloaded "syslog-ng" today for more in-depth log reports. But I have literally no idea how to get the logs out of it. Like, where to go or what to type where.
I also deleted the Repeater module, and shut down SMS modules, and the Cloud modules. If it has anything to do with remote entry, I want it gone.
I also create alphanumeric passwords around 30 characters long. I save them nowhere but a little book I take with me everywhere. Books cannot be hacked. I only enter the web GUI on a wire to avoid putting passwords out there over WiFi.
But I keep reading about more ways in all the time. Now there is something called JSON-RPC which I have no idea how to stop, as the module for that is a kernel one.
And I read that CLI can still happen, even without SSH. Darn. How to stop that?
Some tips you may be able to give, also:
• How to turn off promiscuous mode (in case I am being Wiresharked)?
• How to turn off WPS once it is on? There is no web-interface for that on firmware I have.
If it is code, where do I type that? (Talk to me as if I am a baby, rather than assume too much knowledge.) All I know is the GL.iNet interfaces and that is about it. I can perhaps do SSH on Mac Terminal (but would need to switch SSH back on for that).
I am being totally hammered by hackers. That was why I got the Opals. They are 1/10th the price of other routers (like, 30 bucks each) so I could toss them easily without any financial sting.
But I want to move up to stronger ones like Flint 3, or Slate 7. Opal WiFi is too weak to get outside, and no way am I using repeaters or access points. I want 1 single access point - the router. And nothing else.
Thanks for your time reading this. Sorry it went on a bit. I am desperate.