Recent content by firecracker

Since I disabled AiCloud, changed my DDNS registry, and rebooted my router I have not seen the issue again. It's only been 24 hours or so though. I also disconnected the HDD that I had attached and gave it a deep scan with Avira and Malwarebytes. No detections. I'm guessing that the malware...

No SSD here. Spinning rust attached to mine.

Good that they changed it. Ever since I've been using ASUS routers that feature was enabled when I first set them up. EDIT: See my previous(above) post

They were enabled by default and I have disabled them while troubleshooting. Didn't matter much to me as I had never actually used them. We have found that this issue is quite widespread at this point and due to malware. EDIT: I don't know how it was enabled since I don't remember doing it...

It's not solved until ASUS patches the hole allowing reinfection. I've been posting in that thread as well.

This is from June and I was already running that firmware.

I'm running stock ASUS firmware, not Merlin. Yes, it's enabled by default. EDIT: I don't know how it was enabled since I don't remember doing it myself. I've only ever seen it enabled on this router and the last 2 ASUS routers I've had during the previous 12+ years. Everyone else seems to not...

My "System" page does not have that option. Running stock firmware, not merlin if that helps.

I did this and nothing was returned. Simply moved to the next line with another prompt.

No problem. I wasn't using AiCloud, but I just disabled it as well as AiProtection. SSH or anything else was not forwarded all along.

Here you go.

I can vouch for Mikrotik. We use them for all of our clients in my day job. A bit of a learning curve to get comfortable with the RouterOS(Mikrotik) though.

It hasn't happened again since about 10AM today. I found a strange entry in the log file though. Any idea what "Tainted" means in this context? Also, first time I've seen "sshd" in the log file as well.

Hi Jon, Good to hear! How long have you gone without the issue reoccurring?

The output was too long for the post. I have attached the output in a text file.