I have a Problem, I use a MT RB750GL 5.24 and today I got an email from my ISP which told me, that someone in my LAN use my I-Net Connection for hacking attacks.
I cannot find anything on my devices, the androids and windows clients were scanned today, 100% no infection or something else.
Is there someone who can explain me, how to find out the infected client?
I found one connection in my connection-list which scares me a little...
and above see my firewall settings...
Code: Select all
2 ;;; Accept established connections
chain=input action=accept connection-state=established
3 ;;; Accept related connections
chain=input action=accept connection-state=related
4 ;;; Drop invalid connections
chain=input action=drop connection-state=invalid
5 ;;; Allow limited pings
chain=input action=accept protocol=icmp limit=50/5s,2
6 ;;; Drop excess pings
chain=input action=drop protocol=icmp
7 ;;; From our LAN
chain=input action=accept src-address=192.168.100.0/24 in-interface=ether2
12 ;;; Log everything else
chain=input action=log log-prefix="DROP INPUT"
13 ;;; Drop everything else
chain=input action=drop