Hello, some of my accounts got hacked i start enabling 2FA. i wonder if my Forwarding played a role and if the hacker could access my router and bridge settings and edit/add rules.
Ports 0-65535 TCP and UDP
Best regards.
Update your ROS to latest version and change admin password.
Regards.
change the username too…
Incorrect advice, first we dont know what firmware he had to begin with so its an assumption not fact if his firmware is or is not up to date.
Secondly, if there is hacked firmware the only ‘safe’ method for an update or reset is to dowload a clean copy of the latest firmware and apply it via netinstall!!
As to the setup, it appears you have attempted to create a “DMZ” to one of your PCs. Basically forwarded all ports to one device.
In general thats a urine poor idea for any config. Why was it necessary???
In addition it is not clear if you segmented that computer from accessing any Router Resources (input chain) or any other LAN devices (filter firewall).
Without seeing the whole config, it would just be more speculation which is teat useless.
I didnt dowload a clean copy but i closed trhe ports he cant log in i guess
Why do you think someone hacked in?
Your log shows only failed logins due to your poor firewall. You should rethink your firewall and running services.
To not get anymore these logs, go to IP → Services and limit the access to local network or disable that you don’t need.
Regards.