Router's settings keep getting changed without my knowledge

johnderick_32

Commendable
Jul 14, 2016
1
0
1,510
Am i in the right forum? If i'm not, apologies, it's my first time posting here :)

Here's my problem.

I have a Prolink H5004n ADSL router that i got from my ISP (PLDT), and it has been working great for about 3 years now. Since last year, i changed its DNS servers to OpenDNS and so far it's been great - until this monday. I've been at the house all day, and by evening my iPad and phone suddenly lost connection to the router. When i accessed the router's web config, it's SSID has been changed to 09125919707PW76 (it's supposed to be PLDTMyDSL). It's security settings were modified also - same password, but different encryption algorithm. From WPA2 (AES) it became WPA2 (Mixed). The router's bands have been changed also - i always set it to N, but it became B+G+N. DNS servers were also no exception - From OpenDNS servers it became 103.253.25.209 and 8.8.8.8. These were not my ISP's servers since theirs usually start with 124, and also these were manually set DNS servers, not automatically obtained from ISP

So i reset the router and configured everything again - only to find out that my configurations were changed 5 minutes later! I was really puzzled. I checked the logs and some of the entries say "admin telnet login successfully" and other failed attempts to logon to the web config page. Being the security freak i am, i changed the wifi password to a more complex one. But my configuration was still being changed.

I am really puzzled. I already tried suggestions from the internet - changing my router's ip address, mac address blocking, made sure router's firmware is up to date, disabling telnet, ftp, and other services that may expose my home network on the WAN side, changing my web config page's password, changing my wifi's password, virus scans on every gadget on our home (none found).

I ruled out every possible thing that could have changed my router's settings - uPnP, secondary router at the home's ground floor, CCTV's internet settings, etc.

It couldn't be my family since they don't know the web config page's password.

What do you guys think could be the problem?
 
Solution
Use WPA2 encryption for the wireless key if possible (and if all your WiFi devices support WPA2) as that's much more difficult to crack. The old WEP encryption, if that's what you're currently using, is child's play to crack these days with easily obtainable hacking software.

If it's an ISP-supplied router I would consider buying a third-party replacement. I don't use any ISP-supplied equipment, prefer to buy my own, mainly because the free stuff lacks advanced configuration options and most have a weak hardware firewall or even no FW at all.
Use WPA2 encryption for the wireless key if possible (and if all your WiFi devices support WPA2) as that's much more difficult to crack. The old WEP encryption, if that's what you're currently using, is child's play to crack these days with easily obtainable hacking software.

If it's an ISP-supplied router I would consider buying a third-party replacement. I don't use any ISP-supplied equipment, prefer to buy my own, mainly because the free stuff lacks advanced configuration options and most have a weak hardware firewall or even no FW at all.
 
Solution