okay /g/, shit just got real.
About 30 minutes ago i noticed my internet connection was starting to get really shitty (massive speed drops etc.)
I did the usual, reset router (even reboot) but nothing changed.
Just out of curiosity I deactivated wifi and boom I was back to full speed (my desktop is connect over LAN).
The only thing connect via wifi was my phone.
Did I truly become part of the botnet ?
change your router admin password and the access password
>>51266937
>NOT USING A RADIUS SERVER AT HOME
WPA2 with a complex password is hard to crack with brute force. Turn off WPS pairing to limit your attack surface.
Use a mac address whitelist if you are paranoid. It's kind of redundant to run one though since anyone technically sophisticated enough to break into your network could just spoof their address to match one of the mac addresses that was already connected to your network.
>>51266959
I did
>>51267037
WPS has been turned off from the beginning
>>51266937
Use the task manager to see the Network traffic up and down, if they were clever enough to bypass this then follow the advice of the other Anons here.
>>51267037
How would the attacker know what MAC are whitelisted tho?
Unless router security is so shit the router itself transmits them
>>51267087
op here
the router interface listed only my desktop, phone and my sister's laptop as connected at the time.
Might be some shit malware on her machine causing this
>>51267057
If you have changed your password to a complex WPA2 password and are not running WPS then it's unlikely your router is being broken into.
WPA2 is very hard to brute force. It would probably take a while before the attack could reconnect since they would have to recapture your connection handshake and crack your password from the captured handshake. Assuming your password has a strong mixture of varying case as well as numbers and symbols it would be extremely computationally intense to break that via brute force.
>>51267087
Wifi clients broadcast the network they are connect to and their client MAC address.
Aircrack-ng easily does this.
Macspoofers are widely available for Linux.
>>51267170
Try turning your phone off, especially if it's an android botnet.
I had to go fix my mothers net that was completely fucked, wireless had access lists on I'd set up but her phone was just going full botnet.
After I realised what was going on I hard reset her phone and it was fine since.
If its an iphone, it was backing up to icloud. usually causes net slowdown
>>51266937
Someone probably jacked your connection and starting downloading torrents. Select a stronger password, use WPA2, disable WPS.
>2015
>not living in isolated Amazon cave for maximum security
>using wifi
>calling it "wifi"
>g is not tech support
>>51266937
Might be chinks port scanning your router. I had a spell where this was going on for weeks. Made me paranoid as all hell.
Reset router
Set security to WPA2 with strong pass
Turn off WPS
Change network name
Don't broadcast network name
>>51268559
/end thread
>>51267269
you don't need aircrack family
ip link set dev <interface> down && ip link set dev <interface> address NE:WM:AC:AD:DR:ES && ip link set dev <interface> up
disable dhcp on your router and connect your computer to a LAN port on the router, change the router ip to x.x.x.254 set your pc to x.x.x.1, run a dhcp server on your pc and watch packets with with wireshark. figure out where shit's trying to go and where it's coming from.
>>51267269
Macspoofers? This can be done directly via systemd.
>>51268134
I had this too on some point. I was so baffled watching those countless blocked attacks on the router log.
>>51266937
If your router has QOS (which it probably does) turn that on and just have it on default, that should help.
It could be your phone so when its happening try turning your phone off.
I have a similar thing happen whenever my brother comes home and his phone connects to our wifi network. I'm on shitty New Zealand internet and have a shitty offbrand modem/router so that could be why but its worth a shot.
The QOS thing will certainly help and yeah do everything everyone else says i.e change passwords, mac address whitelist if paranoid
>>51268559
>Don't broadcast network name
that just slows shit down, enjoy your drops and skiddie mcgee figures out the name
You're probably not getting hacked it's probably just your ISP throttling your ass.
https://en.wikipedia.org/wiki/Bandwidth_throttling
Have you ruled out the possibility that your router CPU/ram aren't up to snuff?
