Network analysis


There’s been some malicious-seeming traffic on the home network. In this post I detail what happened. As it is a long story I will try to keep it brief, and try to explain what happened and what was more likely the cause.

The start

It was December 2020 and I was doing Advent of Cyber 2 on TryHackMe, then I thought it was fun to scan our home network. I did so, but nmap showed some odd ports open on devices, such as which I hadn’t seen open before. I tried hard to figure out what those ports were for. I also discovered SSH was running on TV set-top boxes and a bit more, including the superuser login for the home router, but that was longer ago and included some of the steps detailed here, as I had figured some stuff out on my own:

Above mentioned blog with the steps for getting superuser on the router

Also, I scanned the whole home network, and the running services on my device, using Microsoft Sysinternals tools and nmap, which may have been unnecessary though. Part of the output from that is visible below:

The continuation

However, suddenly I started to see vulnerable devices everywhere, beginning with the solar panel stuff, which was why I disabled network access back in March or April for that device. The family member who owned the device wasn’t happy with that and I ultimately turned it on again. But still, the network was vulnerable, I thought. I was thinking out doom scenarios, thinking out what-ifs, connecting my devices insecurely out of fear. After the connecting out of fear, I reset my devices, but I lost access to 1 email account due to a failure in setting up 2FA.

The Cause

Some time around that time I had an appointment at my psychiatrist, because it’s clear you cannot be into computers and security without being neurodivergent (bad joke, I know). I figured out during an appointment that I was having some mental issues, which I won’t detail too much. But I found out I tend to become somewhat paranoid as part of one of my mental health struggles when not on the right medication/using medication on time. I did buy my own router, which segments the home network from my own subset of the network. The network device I bought is a Ubiquiti UniFi Dream Machine, and it’s really good so far.

The Dream Machine by Ubiquiti

So all in all, even when I am in some bad situations, good can come out of it. Also I can’t wait until the next post. See you then!