How to check if my n66u is sending SPAM

Discussion in 'ASUS N Routers & Adapters' started by enewmen, Feb 28, 2013.

  1. enewmen

    enewmen Occasional Visitor

    Joined:
    Aug 19, 2012
    Messages:
    33
    Hi all.

    I got blacklisted in a few places. Maybe because my PC is sending out SPAM (educated guess).
    How to check if there is some virus sending out emails?

    Currently I have no SMTP installed and I only use online Hotmail & Gmail.
    I also did a full malware check, virus check, defender check, etc. Found nothing. I can de-list, but it will really suck if I got listed again and don't know why.

    So, the point is, if ANY email is being sent out of my WAN IP address for ANY reason, it should be in some router log. In a N66u, how do I find this and read it?

    thanks!
     
  2. RMerlin

    RMerlin Part of the Furniture

    Joined:
    Apr 14, 2012
    Messages:
    12,683
    Location:
    Canada
    You could always enable full packet logging, but chances are you won't be able to figure out what is truly going on through the log spam.

    If you are 100% positive your computers are malware-free, then make sure your wireless is configured with WPA2 and a secure wireless key. To be sure, also change that wireless key.

    Do NOT use WEP under any circumstances. And if possible use WPA2-AES instead of WPA-TKIP.

    Make sure to check both 2.4 GHz and 5 GHz bands.
     
  3. enewmen

    enewmen Occasional Visitor

    Joined:
    Aug 19, 2012
    Messages:
    33
    Yes, I am 100% sure I'm malware free - so the scanners say.

    I also have WPA2-AES with a very secure password.
    Actually, I'm more worried about the millions of anonymous attacks coming from the DSL line than the granny next door hacking my wifi wireless connection.

    Maybe I need to log every port (full packet logging) and create a huge log text file I can search for keywords later. What are the keywords??

    I'm using DSL with a dynamic WAN IP from a pool of addresses. Maybe the problem is someone and the is nothing I can do.
     
    Last edited: Feb 28, 2013
  4. RMerlin

    RMerlin Part of the Furniture

    Joined:
    Apr 14, 2012
    Messages:
    12,683
    Location:
    Canada
    All the log will tell you is which IP communicated with which port, and the timestamp.

    Could also be that you are using an IP that previously belonged to someone who had malware. Try turning off your Internet access for 5-10 mins and turn it back on, with hopefully a new public IP. (Assuming you do have a dynamic IP).
     
  5. huotg01

    huotg01 Senior Member

    Joined:
    Feb 3, 2013
    Messages:
    420
    Location:
    Montreal
    Could you tell us more about your situation ? Who is in fact informing you that you are blacklisted ? What are the messages ? What are the things you cannot do because you "are blacklisted" ? Just to start...

    GH
     
  6. enewmen

    enewmen Occasional Visitor

    Joined:
    Aug 19, 2012
    Messages:
    33
    Here you go: from http://whatismyipaddress.com/blacklist-check
    What I can't do is use many Forums - the Admins told me I my IP is blacklisted. Luckily I don't have trouble on this Forum.
    Thanks for the help!

    -->The screenshot
    [​IMG]
     
    Last edited: Feb 28, 2013
  7. RMerlin

    RMerlin Part of the Furniture

    Joined:
    Apr 14, 2012
    Messages:
    12,683
    Location:
    Canada
    Just change your IP like I mentionned. Chances are a previous user of that IP got it blacklisted, and your ISP isn't very proactive in getting their IPs delisted.

    A lot of those blacklists will tell you the date and time of the blacklisting BTW. That would confirm whether it was blacklisted by you, or a previous user.
     
  8. huotg01

    huotg01 Senior Member

    Joined:
    Feb 3, 2013
    Messages:
    420
    Location:
    Montreal
    Better to do what RMerlin suggests, but "for fun", using http://whatismyipaddress.com/blacklist-check
    try to change the last 2-3 digits of the IP address listed in the CheckBlacklists field. You will then see if your ISP is laszy and has a bigger problem...
     
    Last edited: Mar 1, 2013
  9. enewmen

    enewmen Occasional Visitor

    Joined:
    Aug 19, 2012
    Messages:
    33
    Again thanks for the help guys, even though this thread is loosely related to the n66u.
    People seem confident that if the malware & virus scanners can not find anything, my PC should be clean.
    I'm guessing the guys that are making trouble have at one time used every IP in the pool and there is nothing I can do about it and my ISP is lazy- I can just leave.
    So I'll just do nothing for now and check to be sure my blacklist doesn't get worse.
     

Share This Page