- Jul 14, 2016
- 1
- 0
- 1,510
Am i in the right forum? If i'm not, apologies, it's my first time posting here 
Here's my problem.
I have a Prolink H5004n ADSL router that i got from my ISP (PLDT), and it has been working great for about 3 years now. Since last year, i changed its DNS servers to OpenDNS and so far it's been great - until this monday. I've been at the house all day, and by evening my iPad and phone suddenly lost connection to the router. When i accessed the router's web config, it's SSID has been changed to 09125919707PW76 (it's supposed to be PLDTMyDSL). It's security settings were modified also - same password, but different encryption algorithm. From WPA2 (AES) it became WPA2 (Mixed). The router's bands have been changed also - i always set it to N, but it became B+G+N. DNS servers were also no exception - From OpenDNS servers it became 103.253.25.209 and 8.8.8.8. These were not my ISP's servers since theirs usually start with 124, and also these were manually set DNS servers, not automatically obtained from ISP
So i reset the router and configured everything again - only to find out that my configurations were changed 5 minutes later! I was really puzzled. I checked the logs and some of the entries say "admin telnet login successfully" and other failed attempts to logon to the web config page. Being the security freak i am, i changed the wifi password to a more complex one. But my configuration was still being changed.
I am really puzzled. I already tried suggestions from the internet - changing my router's ip address, mac address blocking, made sure router's firmware is up to date, disabling telnet, ftp, and other services that may expose my home network on the WAN side, changing my web config page's password, changing my wifi's password, virus scans on every gadget on our home (none found).
I ruled out every possible thing that could have changed my router's settings - uPnP, secondary router at the home's ground floor, CCTV's internet settings, etc.
It couldn't be my family since they don't know the web config page's password.
What do you guys think could be the problem?
Here's my problem.
I have a Prolink H5004n ADSL router that i got from my ISP (PLDT), and it has been working great for about 3 years now. Since last year, i changed its DNS servers to OpenDNS and so far it's been great - until this monday. I've been at the house all day, and by evening my iPad and phone suddenly lost connection to the router. When i accessed the router's web config, it's SSID has been changed to 09125919707PW76 (it's supposed to be PLDTMyDSL). It's security settings were modified also - same password, but different encryption algorithm. From WPA2 (AES) it became WPA2 (Mixed). The router's bands have been changed also - i always set it to N, but it became B+G+N. DNS servers were also no exception - From OpenDNS servers it became 103.253.25.209 and 8.8.8.8. These were not my ISP's servers since theirs usually start with 124, and also these were manually set DNS servers, not automatically obtained from ISP
So i reset the router and configured everything again - only to find out that my configurations were changed 5 minutes later! I was really puzzled. I checked the logs and some of the entries say "admin telnet login successfully" and other failed attempts to logon to the web config page. Being the security freak i am, i changed the wifi password to a more complex one. But my configuration was still being changed.
I am really puzzled. I already tried suggestions from the internet - changing my router's ip address, mac address blocking, made sure router's firmware is up to date, disabling telnet, ftp, and other services that may expose my home network on the WAN side, changing my web config page's password, changing my wifi's password, virus scans on every gadget on our home (none found).
I ruled out every possible thing that could have changed my router's settings - uPnP, secondary router at the home's ground floor, CCTV's internet settings, etc.
It couldn't be my family since they don't know the web config page's password.
What do you guys think could be the problem?
Facebook
Twitter