One laptop; one user (me); one router - 2wire 3800HGV-B - setting up a secure internet connection

1Patriciann · ‎08-26-2010

I have been working for weeks to undo what I have done to my router/laptop settings. The FBI issued a warning how we, the 'average', everyday, 'no-nothing' computer user hooked up the WWW was at risk as most of us are unaware of the security issues. I am trying to educate myself on these issues, which was as close to non-existent as is possible without actually being in the negative rage. I learned how to access my 2wire 3800HGV-B router from my Windows 7 Home Premium 64 bit computer and to actually resent a custom security key along with setting up the more advanced WPA2 security along with entering in a custom system password. I ventured on over to the Firewall settings and had a look around. On the, "Applications, Pinholes and DMZ" under the "1) Select a computer" with my Ethernet along with my wireless listed. I 'thought', and this appears to be the issue, that I was supposed to select a computer for this, NOT KNOWING WHAT 'THIS' WAS or anything about it. Nothing was selected before I clicked on my computer listed and that is when my life changed and I have been attempting to learn what I did and how to UNDO it ever since. I understand my router has set my laptop to DHCP/NAT mode and I am 'attempting' to learn about this and what it means. I have only my laptop running Windows 7 Home Premium to connect to the 2wire router to use as a wireless connection to the WWW - and nothing more. How do I 'back out' of this selection and go back to my 'simple' life of being 'non-selected' for this DHCP/NAT configuration and just what changes did the router map/make to my computer where when I reset the router, SEVERAL TIMES, it READS the settings it wrote to my laptop back into the routher and re-establishes the DHCP/NAT selection. AT&T uverse high speed internet support even thought perhaps it was the router which was the issue and sent me a replacement router which READ the exact same settings and set me up as what was WRITTEN to my computer by the other router.

Sorry I'm such a 'no-so-little-trying-to-learn-more' user but here I am attempting to educate myself and move from the 'DARK AGES' into the light of internet connectivity and SAFETY. It sometimes feels as if I am attempting to disabled a 'bomb' as my laptop is used for email and banking and if HACKED could be a real issue. Lack of sleep and a really bad case of weeks of exhaustion from trying to teach myself the 'what, why, and how' of all of this - YIKES - I'm exhausted!!!

Thank you for any help/education provided. I, at least, no longer feel as if I have accidently activated the 'end-of-the-world' sequence from pressing the 'dooms-day' button. Newbie’s learning from scratch is 'interesting' and I hope to one day, VERY SOON, look back and have a good laugh at all of this. I even reformatted my hard drive four times thinking it was some kind of software change - just really sad at this stage.

:-)

Computer-Joe · ‎09-19-2008

Well, you were doing good up to the point you started mucking with the firewall and DMZ.

DMZ basically bypasses most of the routers security and exposes your laptop directly to the internet.

Do a "factory reset" on your router (push and hold the reset button for 20 seconds), then set up (resecure) your wireless by changing it to WPA2 with AES encryption, changing the SSID (name of your wireless network) and wireless key (password for wireless network). After saving the settings for the wireless, change the router access password.

You can also turn off the SSID broadcast as an extra measure, but you will have to manually configure your laptop to connlect to your router. When you see the pop-up on your laptop that says there are available networks and you open it, there will be a list of available networks. Your close neighbors will see the same list. If you turn off your SSID broadcast, your network will not show up on those lists.

__________________________________________________________
How can you be in two places at once, when your not anywhere at all?
------------------------------------------------------------------------------------------------------
I really want to become a procrastinator, but I keep putting it off.
------------------------------------------------------------------------------------------------------
There are three kinds of people, those that can count, and those that can't.
------------------------------------------------------------------------------------
“Our great democracies still tend to think that a stupid man is more likely to be honest than a clever man, and our politicians take advantage of this prejudice by pretending to be even more stupid than nature has made them." :Bertrand Russell

1Patriciann · ‎08-26-2010

The AT&T tech fellow just left a bit ago. We reset the router, as I have already done more than 20 times, and when it rebooted it READ the changes it made to my computer and set everything back up the way it was without any input from me or the AT&T technician. He understood the situation even less than I did but I will continue to learn about this. I'm in contact with the manufacture of the unit to find out their thoughts.

As painful as it is at times to make mistakes as part of the learning process the learning is going well. When I was asked to select my computer under the 'Applications, Pinholes and DMZ' page 1) Select a computer, I simply followed what I was asked to do and except for that one 'glitch', without a way to deselect that choice, it has worked out very well. I'm beginning to get over my fear of learning about all of this and even have had some good experiences. The FBI warning about our safety forced me to have the willingness to give up the comfort of being a 'passive end user' where I was left to 'hope' that my safety was not at risk when this was not the reality. Many AT&T customers were part of the DNS NameChanger scam and many are not even aware their computers have been infected but the FBI is going to shut down the servers that they put into place to handle the internet traffic that had been misdirected to the criminals and many of those 'end users' are not aware of the situation and when the servers are shut down they will lose internet access and not understand 'why'. I rather risk the mistakes that are a part of the learning process than to remain as a passive end user trusting others with my safety as I don't think that is practical choice any longer.

We will get to the bottom of this and figure it out. :-)

1Patriciann · ‎08-26-2010

Persistence wins the day!!!

I am learning 'netstat' along with 'ipconfig' to allow me to look 'behind the scenes' of what is going on. I even learned how to do a DNS-flush as well as the ipconfig reset. I am even beginning to learn MS 'Powershell' to 'communicate' with my computer as one of the benefits of this 'welcome to reality' experience.

If there is anyone reading this that would help in my effort to diagnose some of these issues and begin to resolve them -- jump in and let us advance my education and arrive at real solutions. There is no going back to my being a 'passive end user' attempting to survive with the false delusions that remaining there would be 'safe' and when the AT&T technician was here knowing less about the situation than I did where resetting the 2wire 3800HGV-B, only repeated what I had done at least twenty times, where it then read the settings it gave to my computer back in setting up everything as it had been before the the reset making it painfully obvious that 'reset' is not the solution but the 'why' of that is unknown as a replacement unit, when booted, did the same reading and configured itself as this unit does at reboot based on changes it has made to my computer -- WITHOUT my doing ANYTHING but the fresh reboot. At least the AT&T technician confirmed that I had been rebooting the unit correctly - there was a bit of comfort in this confirmation and a good first step to finding solutions.

I'm willing to 'learn' were the painful truth is we ALL start off as 'newbies' but who would want to stay a 'newbie' and not learn -- especially knowing the dangers of living in the 'dark ages'? :-)

Computer-Joe · ‎09-19-2008

DHCP and NAT is what your supposed to see. DHCP is how your computer gets it's IP address. The router is a DHCP server, your computer is a DHCP client, your computer asks for an IP address, and the router hands one out. NAT is how your router "hides" your computer from other computers on the internet.

If you did a factory reset as I instructed, and reconfigured the wireless, without touching anything on the "firewall/pinhole/DMZ", you should be as secure as your going to get. Your computer shows up on the list on the "firewall/pinhole/DMZ" page as a computer that can be selected if you wanted to create a special firewall rule to allow traffic through that the router normally blocks. If you had more than one computer, it they would be on that list as well.

__________________________________________________________
How can you be in two places at once, when your not anywhere at all?
------------------------------------------------------------------------------------------------------
I really want to become a procrastinator, but I keep putting it off.
------------------------------------------------------------------------------------------------------
There are three kinds of people, those that can count, and those that can't.
------------------------------------------------------------------------------------
“Our great democracies still tend to think that a stupid man is more likely to be honest than a clever man, and our politicians take advantage of this prejudice by pretending to be even more stupid than nature has made them." :Bertrand Russell

1Patriciann · ‎08-26-2010

Here is the picture from the FRESH REBOOT of the router - no adjustments or selection of a computer was made by me and this was automatically selected by the router at reboot:

Fresh router reboot - no selections made by me

Computer-Joe · ‎09-19-2008

1Patriciann wrote:
Here is the picture from the FRESH REBOOT of the router - no adjustments or selection of a computer was made by me and this was automatically selected by the router at reboot:

As I said, because your computer (OHWOW) is the only one on the network, it automatically fills that field because there are no other choices.

Notice below where it has "Maximum protection" selected. As long as you do not change that selection, all should be good.

If you decide, at a later date, to run some software on your computer that requires specialized internet communications (games, bitorrent, etc.), you may have to come back to this page and select a different setting to open the specific ports.

__________________________________________________________
How can you be in two places at once, when your not anywhere at all?
------------------------------------------------------------------------------------------------------
I really want to become a procrastinator, but I keep putting it off.
------------------------------------------------------------------------------------------------------
There are three kinds of people, those that can count, and those that can't.
------------------------------------------------------------------------------------
“Our great democracies still tend to think that a stupid man is more likely to be honest than a clever man, and our politicians take advantage of this prejudice by pretending to be even more stupid than nature has made them." :Bertrand Russell

1Patriciann · ‎08-26-2010

When I first went to this page it had listed both my wireless as well as my Ethernet connections. Nothing was selected for the two previous years before I learned the importance of setting a custom password as well as a security key and upgrading the encryption from the WEP that was the default to the WPA-PSK (TKIP) and WPA2-PSK (AES). It was at this time I ventured over to the firewall to learn more about this feature and when I came upon the 'Applications, Pinholes and DMZ' where it requested the selection of a computer. Nothing was selected prior to this for the previous two years and when it requested the selection of the computer and I selected mine I don't know what changed. It is as if I went from a static IP address, perhaps, for my computer to none where the router then began issuing a leased IP address to my computer and this became the default setting for whenever the router is rebooted and communicates with my computer. This is the mystery I have been attempting to understand as to ‘what’ changed between the router and my laptop when I selected my computer as NOTHING had been selected for the two years previous to this event. I’m interested in seeing what happens when I upgrade to a new computer -- when I reboot the router prior to establishing an internet connection and what this selection under the ‘Applications, Pinholes and DMZ’ will read at that time – if it will default back to nothing selected as it had been for the two years prior to my selecting this laptop under that section. I’m just curious as to what changed when I made that selection.

1Patriciann · ‎08-26-2010

I have been learning the netsh commands and did a netsh dump:

This txt file shows the Interface Configuration - which was NOT done by me. What information is contained in this txt file and is this normal and am I safe? Was this created by the router or what created this txt file? I am deleting the ID information for protection reasons.

#======================== # Interface configuration #======================== pushd interface

popd # End of interface configuration

# ---------------------------------- # IPHTTPS Configuration # ---------------------------------- pushd interface httpstunnel

reset

popd # End of IPHTTPS configuration

# ---------------------------------- # IPv4 Configuration # ---------------------------------- pushd interface ipv4

reset

popd # End of IPv4 configuration

# ---------------------------------- # IPv6 Configuration # ---------------------------------- pushd interface ipv6

reset set interface interface="Teredo Tunneling Pseudo-Interface" forwarding=disabled advertise=disabled mtu=1280 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled

popd # End of IPv6 configuration

# ---------------------------------- # ISATAP Configuration # ---------------------------------- pushd interface isatap

popd # End of ISATAP configuration

# ---------------------------------- # 6to4 Configuration # ---------------------------------- pushd interface 6to4

reset

popd # End of 6to4 configuration

# ---------------------------------- # ISATAP Configuration # ---------------------------------- pushd interface isatap

popd # End of ISATAP configuration

#======================== # Port Proxy configuration #======================== pushd interface portproxy

reset

popd

# End of Port Proxy configuration

# ---------------------------------- # TCP Configuration # ---------------------------------- pushd interface tcp

reset

set global rss=enabled chimney=automatic autotuninglevel=normal congestionprovider=none ecncapability=disabled timestamps=disabled netdma=enabled dca=enabled

popd # End of TCP configuration

# ---------------------------------- # Teredo Configuration # ---------------------------------- pushd interface teredo set state type=client servername=teredo.ipv6.microsoft.com. servervirtualip=0.0.0.0

popd # End of Teredo configuration

# ---------------------------------- # 6to4 Configuration # ---------------------------------- pushd interface 6to4

reset

popd # End of 6to4 configuration

# ------------------------------------ # Bridge configuration (not supported) # ------------------------------------

# ------------------------------------ # End of Bridge configuration # ------------------------------------

# ---------------------------------------- # Wired LAN Configuration # ---------------------------------------- pushd lan

popd

# End of Wired LAN Configuration.

Mobile Broadband configuration dump is not supported

# ========================================================== # Health Registration Authority configuration # ========================================================== pushd nap hra

popd # End of NAP HRA configuration

# ========================================================== # Network Access Protection client configuration # ========================================================== pushd nap client

# ---------------------------------------------------------- # Trusted server group configuration # ----------------------------------------------------------

reset trustedservergroup

# ---------------------------------------------------------- # Cryptographic service provider (CSP) configuration # ----------------------------------------------------------

set csp name = "Microsoft RSA SChannel Cryptographic Provider" keylength = "2048"

# ---------------------------------------------------------- # Hash algorithm configuration # ----------------------------------------------------------

set hash oid = "deleted"

# ---------------------------------------------------------- # Enforcement configuration # ----------------------------------------------------------

set enforcement id = "deleted" admin = "disable" id = "deleted" admin = "disable" id = "deleted" admin = "disable" id = "deleted" admin = "disable" # ---------------------------------------------------------- # Tracing configuration # ----------------------------------------------------------

set tracing state = "disable" level = "basic"

# ---------------------------------------------------------- # User interface configuration # ----------------------------------------------------------

reset userinterface

popd # End of NAP client configuration

# ----------------------------------------- # Remote Access Configuration # ----------------------------------------- pushd ras

set authmode mode = standard delete authtype type = PAP delete authtype type = MD5CHAP delete authtype type = MSCHAPv2 delete authtype type = EAP delete authtype type = CERT add authtype type = MSCHAPv2 delete link type = SWC delete link type = LCP add link type = SWC add link type = LCP delete multilink type = MULTI add multilink type = MULTI set conf confstate = disabled set type ipv4rtrtype = lananddd ipv6rtrtype = none rastype = ipv4 set wanports device = "WAN Miniport (SSTP)" rasinonly = enabled ddinout = disabled ddoutonly = disabled maxports = 2 set wanports device = "WAN Miniport (IKEv2)" rasinonly = enabled ddinout = disabled ddoutonly = disabled maxports = 2 set wanports device = "WAN Miniport (L2TP)" rasinonly = enabled ddinout = disabled ddoutonly = disabled maxports = 2 set wanports device = "WAN Miniport (PPTP)" rasinonly = enabled ddinout = disabled ddoutonly = disabled maxports = 2 set wanports device = "WAN Miniport (PPPOE)" ddoutonly = enabled

set user name = deleted dialin = policy cbpolicy = none set user name = deleted dialin = policy cbpolicy = none set user name = deleted dialin = policy cbpolicy = none

popd

# End of Remote Access configuration.

# ----------------------------------------- # Remote Access Diagnostics Configuration # ----------------------------------------- pushd ras diagnostics

set rastracing component = * state = disabled

set modemtracing state = disabled

set cmtracing state = disabled

set securityeventlog state = disabled

set loglevel events = warn

popd

# End of Remote Access Diagnostics Configuration.

# ----------------------------------------- # Remote Access IP Configuration # ----------------------------------------- pushd ras ip

delete pool

set negotiation mode = allow set access mode = all set addrreq mode = deny set broadcastnameresolution mode = enabled set addrassign method = auto set preferredadapter

popd

# End of Remote Access IP configuration.

# ----------------------------------------- # Remote Access IPv6 Configuration # ----------------------------------------- pushd ras ipv6

set negotiation mode = deny set access mode = all set routeradvertise mode = enabled

popd

# End of Remote Access IPv6 configuration.

# ----------------------------------------- # Remote Access AAAA Configuration # ----------------------------------------- pushd ras aaaa

popd

# End of Remote Access AAAA configuration.

# ----------------------------------------- # WinHTTP Proxy Configuration # ----------------------------------------- pushd winhttp

reset proxy

popd

# End of WinHTTP Proxy Configuration

# ---------------------------------------- # Wireless LAN configuration # ---------------------------------------- pushd wlan

# Allow filter list # ----------------------------------------

# Block filter list # ----------------------------------------

popd # End of Wireless LAN Configuration

**************

I'm learning a bit more as I go along.

:-)

1Patriciann · ‎08-26-2010

I've noticed two hidden files on my c drive and wonder if they are suppose to be there and what they are used for?

msdia80.dll

splash.idx

Thanks

mibrnsurg · ‎07-15-2008

Google them to find what they are for.

Edit: http://answers.microsoft.com/en-us/windows/forum/windows_vista-hardware/what-is-msdia80dll-for-and-c...

splash.idx seems to be for Ubantu, not listed anywhere as malware.

Chris

Please NO SD stretch-o-vision or 480 SD HD Channels
Need Help? 1-800-288-2020, After he gets acct info, press # a bunch of times, get a menu from Mr. Voice recognition
Your Results May Vary, In My Humble Opinion
I Call It Like I See It, Simply a U-verse user, nothing more

1Patriciann · ‎08-26-2010

I did Google and came up with loads of answers some confusing and some indicating Malware. That is what made me toss the question out here. Usually Google does it quite well but when nothing is clear and there are conflicting results I am left to wonder and felt it could not hurt bringing it up.

Computer-Joe · ‎09-19-2008

1Patriciann wrote:
I did Google and came up with loads of answers some confusing and some indicating Malware. That is what made me toss the question out here. Usually Google does it quite well but when nothing is clear and there are conflicting results I am left to wonder and felt it could not hurt bringing it up.

If you dig around long enough on your hard drive, you will find thousands of hidden files, (and they're hidden for a reason) and for each of those files you will probably find thousands of hits on google (good and/or bad). If you're running a decent antivirus program with some secondary protection you should not have to freak every time you come across a hidden file.

If your router is configured securely and your operating system and virus/malware protection is up to date, and you use prudent practices when using the web and email you're about as safe as you're gonna get.

Unplug your modem/router and your golden.

__________________________________________________________
How can you be in two places at once, when your not anywhere at all?
------------------------------------------------------------------------------------------------------
I really want to become a procrastinator, but I keep putting it off.
------------------------------------------------------------------------------------------------------
There are three kinds of people, those that can count, and those that can't.
------------------------------------------------------------------------------------
“Our great democracies still tend to think that a stupid man is more likely to be honest than a clever man, and our politicians take advantage of this prejudice by pretending to be even more stupid than nature has made them." :Bertrand Russell

One laptop; one user (me); one router - 2wire 3800HGV-B - setting up a secure internet connection

Re: One laptop; one user (me); one router - 2wire 3800HGV-B - setting up a secure internet connectio

One laptop; one user (me); one router - 2wire 3800HGV-B - setting up a secure internet connection

One laptop; one user (me); one router - 2wire 3800HGV-B - setting up a secure internet connection

Re: One laptop; one user (me); one router - 2wire 3800HGV-B - setting up a secure internet connectio

One laptop; one user (me); one router - 2wire 3800HGV-B - setting up a secure internet connection

Re: One laptop; one user (me); one router - 2wire 3800HGV-B - setting up a secure internet connectio

Re: One laptop; one user (me); one router - 2wire 3800HGV-B - setting up a secure internet connectio

Re: One laptop; one user (me); one router - 2wire 3800HGV-B - setting up a secure internet connectio

One laptop; one user (me); one router - 2wire 3800HGV-B - setting up a secure internet connection

Re: One laptop; one user (me); one router - 2wire 3800HGV-B - setting up a secure internet connectio

One laptop; one user (me); one router - 2wire 3800HGV-B - setting up a secure internet connectio

Re: One laptop; one user (me); one router - 2wire 3800HGV-B - setting up a secure internet connectio