Greetings!
I am hoping someone on this forum can help me understand what went wrong.
I recently set up a PC at home for my security camera system, the system runs windows 10 and a DVR application. The network is connected to an ASUS-RTAC68U, which is in turn connected to a Comcast modem. Since I want to monitor the cameras remotely, I set up a VPN because I do not want to deal with security issues related to port forwarding. In order to get it to work I had to bridge the Asus and the Comcast modem (I use the DDNS service built inside the ASUS router.)
.
I use OPENVPN on my iphone and it worked great for a few days. I MUST have done something wrong because last night I was no longer able to connect via VPN (while I was away from home)- when I got back home I found out that my VPN settings had changed and the login/passwords were changed. I downloaded the log from the router (see attached).
I replaced the "intruder's" IP address with "RUSSIANIP" and I replaced mine with "MYIP".
Since then I have made the following changes to the ASUS configuration:
1. Disabled SSH
2. Disabled UpnP
Any idea on what happened based on the log? I would like to understand what the hacker did? I have been studying this forum and found it very helpful but I am a newbie & I really need help/guidance. Any help would be greatly appreciated... What can I do to improve the security of my firewall?
I am hoping someone on this forum can help me understand what went wrong.
I recently set up a PC at home for my security camera system, the system runs windows 10 and a DVR application. The network is connected to an ASUS-RTAC68U, which is in turn connected to a Comcast modem. Since I want to monitor the cameras remotely, I set up a VPN because I do not want to deal with security issues related to port forwarding. In order to get it to work I had to bridge the Asus and the Comcast modem (I use the DDNS service built inside the ASUS router.)
I use OPENVPN on my iphone and it worked great for a few days. I MUST have done something wrong because last night I was no longer able to connect via VPN (while I was away from home)- when I got back home I found out that my VPN settings had changed and the login/passwords were changed. I downloaded the log from the router (see attached).
I replaced the "intruder's" IP address with "RUSSIANIP" and I replaced mine with "MYIP".
Since then I have made the following changes to the ASUS configuration:
1. Disabled SSH
2. Disabled UpnP
Any idea on what happened based on the log? I would like to understand what the hacker did? I have been studying this forum and found it very helpful but I am a newbie & I really need help/guidance. Any help would be greatly appreciated... What can I do to improve the security of my firewall?