Is it possible to have maliciously changed router software/settings without seemingly using internet without any problems?

cellbm

Commendable
Sep 20, 2016
5
0
1,510
I am not very good at tech stuff, but I am worried that my router could have been compromised since I never had any password on it.

How can I be sure that my router doesnt have any malware or some malware hasnt changed any settings?
 

kanewolf

Judicious
Moderator
When you say "never had any password" do you mean WIFI password or admin login password? If it is WIFI password, then someone could have accessed your network. That is potentially bad because it allows unknown devices behind your router firewall.
Not having an admin password is bad, but someone still has to have access to your network to take advantage of it.
 

cellbm

Commendable
Sep 20, 2016
5
0
1,510

I had some infected files when i used Ubuntu, then installed windows.

I checked, that primary dns and secondary were ones belonging to my isp. But i wonder if router still could be hijacked without showing any symptoms. Is that possible?
 

kanewolf

Judicious
Moderator
It is highly unlikely. There just isn't enough benefit for someone to craft harmful firmware. There are too many different routers. Unless you really make somebody mad, there is little risk. Even then you are more likely to be attacked by a DDOS.
 

cellbm

Commendable
Sep 20, 2016
5
0
1,510
What pieces of information I actually have to look up to make sure the router is untouched?

I know the primary and secondary dns, but what else I need to look for?
 

kanewolf

Judicious
Moderator
Random open ports, UPNP enabled when you don't want it, remote administration enabled. If you are this paranoid, then flash the router with manufacturer firmware and do a factory reset. Then secure it before connecting it to any WAN. Or buy a new one, secure it, and throw this one out. I don't have any magic words to lessen your suspicions.
 

cellbm

Commendable
Sep 20, 2016
5
0
1,510
If i buy new one, whats the risk of being hacked through the new one if its the same manufacturer and model? Since have to assume that any possible spyware would have gotten the machine informations and hence would know all the exploits.