Router refuses to login thru https (secure) though configured as such

[whippoorwill]

Hi Guys,

Recently my Dell laptop was hacked and my iTunes playlists destroyed, though I have a backup. I don't know whether they accessed my mail or did other things.

My problem is, even though I have configured my RT-AX88U to login to the router settings by https, when I enter the router address with https, I get a warning message saying that it is extremely risky, as it is NOT https but just http, and then after logging in, the 'https' word is struck across. The same thing happens on both chrome and edge (see screenshots). Is there a way to rectify this?

Also is there a setting to disable accessing router settings remotely?

I still have no idea how my computer was hacked.

Please help me. Thanks.

 

[bennor]

What you are seeing is expected and normal behavior in the web browser when the router's security certificate hasn't been installed. Have you installed the the security certificate to your browser which is indicated in your screen capture routerlogin2 image"?

"Download and install SSL certificate on your browser to trust accessing your local domain “www.asusrouter.com” with HTTPS protocol. To export certificate after applying setting. FAQ"

[Troubleshooting] How to fix opening ASUS Router WEB GUI appears “Your connection is not private”

 

[whippoorwill]

Thank you so much. After the attack, I reinstalled Windows on my laptop. I am thinking of resetting my wired AiMesh system as well. It is a herculean task which will only be undertaken after an upcoming wedding that I will have to attend. I will be using my laptop sparingly until that time.

Meanwhile, on the link you posted, it gives two ways of adding encryption, and says that the first one, which is to install the security certificate, is only supported by chrome and edge browsers, which means that someone can hop on safari or firefox and the encryption won't be required? So is it better to use 'Let's Encrypt', which is the second one? Please guide me.

Also, though this might not be the proper forum for this question, but as you are a very senior member, do you know if malware could be planted over the internet in a victim's PC's bios or firmware, as opposed to just Windows, thereby rendering a computer formatting useless for the purpose of eradicating the virus?

Thanks.

 

[glens]

I recall back in the days of W95 (and maybe W98?) that one had a 50/50 chance of falling prey within 10 minutes of connecting a new / default-setup computer to a public network.

A complete wipe of the operating system should leave only the possibility the BIOS was messed with.

At least in my experience, Firefox will accept and remember a new "potentially insecure" HTTPS connection to the router. I suppose it "installs" whatever cert it was presented with, but you have to actively choose to proceed the first time.

 

[Tech9]

Please help me.

This encrypted access to your router's GUI from inside the network is useless. Won't increase any security. Your router is also behind another router/firewall. Someone has to hack the router upstream first to get to yours. Security issues happen 99% from inside your network. Something you already let in. Resetting your routers also is unlikely to help. So far without any identified issue you are just wasting your time. This is what I can help you with. Focus on the issue and stop resetting things randomly.

 

[whippoorwill]

Yes, that's what I was thinking, and I had already canceled my plan to reset the routers even before I read your post. I don't even know whether my PC was hacked or just my Apple account, but I remember that I had seen the mouse pointer moving on its own and clicking a button in a program several months ago.

I have Autoplay disabled, don't install programs from unrecognized sources, scan every USB device I connect, and now I have purchased a Bitdefender subscription.

My Dell laptop shows me an 'MBR' and several other 'Recovery' partitions every time I reinstall Windows, and I don't know if malware is sitting there. I asked Microsoft CoPilot if I could delete these, and it forbade me. I don't know what to do, because I have never been hacked in such an egregious fashion ever since I started using computers 26 years ago. With things changing so swiftly, and I am just a standard user, in no way an advanced user, and still have to google or ask for help for certain tasks even after all these years.

Thank you.

 

[bennor]

My Dell laptop shows me an 'MBR' and several other 'Recovery' partitions every time I reinstall Windows, and I don't know if malware is sitting there.

Many if not most manufacturer's Windows laptops will have "hidden" partition(s) which contains a recovery image of the laptop as it was shipped. It allows the owner to recover their laptop back to default "out of the box" configuration. Its very common and one shouldn't be concerned seeing such a recovery partition.

Restore your Computer Using SupportAssist OS Recovery | Dell US

MBR (aka Master Boot Record) is just the disk structure used on the drive in the laptop. Drives, usually older/smaller drives are typically MBR, larger/newer drives tend to be GPT.

MBR vs GPT: What's the Difference And Which Is Better?

This article presents what MBR vs. GPT are and the differences between them, helping you to choose the most proper partition style for your disk.

www.diskpart.com

If you feel your computer has been compromised the first step, preferably from a separate boot disc/boot flash drive, is to run various anti virus, malware and security scanning programs and scan the drive for viruses, malware, root kits, and other nasties. Make sure to use strong passwords both for router access, router WiFi and PC login access.

PS: Example drive structure for a newer laptop and external USB drive attached to the laptop. Note the various normal/standard partitions each drive has (other laptops/drives will have different numbers of partitions, formats or drive structures).

 

[Tech9]

I remember that I had seen the mouse pointer moving on its own

Just a common household ghost. Don't worry about it. Will play around for a while and move to your neighbor. Harmless.

 

[whippoorwill]

I'm still suspicious about my PC. I am attaching a picture of my pc partitions in the disk management app. At the risk of sounding repetitive, is there any way I can virus-check these partitions? Right now Microsoft Defender and Bitdefender only allow me to scan my lettered drives.

(Tech9: It was anything but funny when I saw the mouse move and click on its own.)

Thanks.

 

[Tech9]

This is rather unusual to have so many recovery partitions. I use mostly HP computers and they have one. I have seen two on Acer, DELL and Lenovo, but never eight. I would download the software on portable media, format this drive clean and reinstall the entire system. It depends on how comfortable you are doing this and what software is available for your model. My home use desktop computers don't even have recovery partitions, for example. Deleted long time ago. I never used it and don't need it.

 

[jerry6]

use windows defender offline scan ? Sorry have not used widows in years , but that is what I used back in the day