How to prevent hacker hacking into computer thru X-box

Happy Hopping

Happy Hopping

Supreme [H]ardness
Joined
Jul 1, 2004
Messages
7,848
i have seen more and more cases of people playing online games, and these co. posts the users IP addr., then hacker grabbed those IP addr., hacked into the wireless router, and as we know, the password is "admin" and you guess what happens next.

So besides changing the password of the router, is there a pre-emptive way to stop this from happening in the 1st place?

Is there a web site that has a check list on prevention?
 
Ummmm, 1st off I`d go with changing the default user/pass combo on the router.:confused:

Also, by default, from the models I`ve had anything to do with, even the default firmware has an option in there to block WAN side admin, I think that is set by default too, also there`s usually an option to not respond to ping on WAN.
 
Happy Hopping said:
i have seen more and more cases of people playing online games, and these co. posts the users IP addr., then hacker grabbed those IP addr., hacked into the wireless router, and as we know, the password is "admin" and you guess what happens next.

So besides changing the password of the router, is there a pre-emptive way to stop this from happening in the 1st place?

Is there a web site that has a check list on prevention?
Click to expand...
1st, wtf kind of site are you going to that is posting your IP?
2nd, wtf is so valuable on your machine that a hacker might know about that would prompt him to hack you in the first place? Most hackers hack something for either money or notoriety, which means some big name site or a store front where they can steal credit card numbers.
3rd, I haven't ever seen or heard of any hacker worthy to be called a hacker even bother with a home machine. If a home machine gets hacked, it is usually done with a virus that the home user has to download in the first place (making it part of a larger botnet), or its their script-kiddie teenage neighbor learning to hack WEP WiFi encryption so they can look at some porn.
 
That's because a lot of retards don't want to learn how to properly do port forwarding...so they put a computer or gaming console in the "DMZ" of the router. Which is suicidal! All 65,000 plus ports of the computer are exposed to the internet. And whatever ports the XBox's have.

It's much smarter and safer to learn what minimal ports you need to make the services (such as a game) available on the public side..and do proper port forwarding. Thus only those ports are exposed.

I've not read of many exploits which directly attack and break into game consoles. From what I've read...the VAAAAAST majority of hacked systems are...because the kid went and found cracked games somewhere..downloaded em..and used them. Yup..."poisoned content"..just like getting stuff from p2p/torrents...those free songs, free movies, free software...lol...gotcha!
 
this is just a home network w/ linksys wireless router, and 3 machines, plus that xbox.
 
Errrr I would go with changing the password, and FOR SURE the WAN admin port...

Not changing the default password is suicidle. And so is having the admin interface on the outside. Even with a strong password, it will eventually get guessed.

If the Xbox has any exploits that allow someone to connect to one of the ports and gain access to your network, I would also look at putting the xbox on a separate vlan.
 
I can't help but think this type of attack is extremely rare and almost never happens. Having a router with admin interface on the WAN by default is rare by itself. Almost no manufacturer allows this.

Also, even setting an Xbox as a DMZ host is probably pretty harmless. As far as I know the Xbox networking/OS or its software's netcode have never been exploited.

Getting an IP and doing a DoS with bandwidth/states is the limits of your usual Xbox script kiddie.
 
As I have to tell most of my customers 'overly' concerned with security....

"Ermmm look, you really don't have the type of data that Tom Cruise is going to come through a skylight on a wire to get!"

After that they realise and we setup the basic measures to make a safe environment.
 
Very unlikely.
People who report these xbox hacks are most likely hacking games and getting their systems messed up because of this.

Also why DMZ an xbox?
 
thedocta45 said:
Very unlikely.
People who report these xbox hacks are most likely hacking games and getting their systems messed up because of this.

Also why DMZ an xbox?
Click to expand...

because you dont know how port forwarding works.

i have never heard of anyone hacking into a xbox, to hack into your computer. you know how easy it is to hack into a computer, why bother trying to hack into the xbox to get to the computer?

say your trying to break into a place. one door has one lock and the other door has two locks. what door are you going to try to open?
 
When I had an xbox I just put it on the DMZ. Was never really concerned about it :D
 
tricky0502 said:
i have never heard of anyone hacking into a xbox, to hack into your computer. you know how easy it is to hack into a computer, why bother trying to hack into the xbox to get to the computer?
Click to expand...

it's not the Xbox itself. From what I gather, a lot of online Xbox game web sites posted the alias name of the user, and his/her corresponding IP addr. So now the concealed router IP addr. is exposed.

The hacker then simply go to that IP addr., login by typing "admin" as user name or as password
 
Happy,

The vast majority of home routers do not allow the type of exploit you are describing. For this to work, the admin interface of the router would have to be on the WAN (Internet for simplicitys sakes) side, and frankly, no one makes routers configured like that by default. Yes, there are options to allow it, but anyone turning that on and then NOT changing the default username and password of the router.... well basically they deserve everything they get.....
 
What reason would you have to port forward anything on an xbox?

Also what everyone else said you would have to have the remote administration turned on for your router. That or the person would have to know you ISPs daily login to access your network.

In either event very very unlikely. This thread makes me lol because my gf son is constantly complaining about hackers on xbox live.
 
hey, at the end of the day, I don't have any game console, this is just a few of the clients that I see lately, as recent as Wed., and in ea. case, online games of kids in the house are involved.
 
The best way to protect the rest of the network from the xbox is to put it into a separate vlan (and subnet) and block any access from that subnet to the rest of the network and to the router itself and ony allow traffic from/to the internet. This is actually refered to as DMZ, but the default settings on a lot of routers are poorly set. Usually the machines in the DMZ can be accessed from the normal zone, but in this case even that access can be disabled. What should be avoided is the "exposed host" setting on the router, which routes any port from the WAN interface of the router that is not used otherwise directly to that host. VLANs are problematic for a lot of home networks as only smart/managed switches sopport them. Alternatively a separate ethernet port on the router can be used. Only using a different subnet is not safe, as the intruder can change the IP of the xbox to place it in the normal zone.
 
Happy Hopping said:
hey, at the end of the day, I don't have any game console, this is just a few of the clients that I see lately, as recent as Wed., and in ea. case, online games of kids in the house are involved.
Click to expand...

How do you know they are being hacked through the XBOX or router itself and not just their infected Windows machine?
 
Red Falcon said:
How do you know they are being hacked through the XBOX or router itself and not just their infected Windows machine?
Click to expand...

it's not a virus infection. My client actually see the mouse moving, clicking things on the screen, but my client's hand is not on the mouse.
 
omniscence said:
The best way to protect the rest of the network from the xbox is to put it into a separate vlan (and subnet) and block any access from that subnet to the rest of the network and to the router itself and ony allow traffic from/to the internet. This is actually refered to as DMZ, but the default settings on a lot of routers are poorly set. Usually the machines in the DMZ can be accessed from the normal zone, but in this case even that access can be disabled. What should be avoided is the "exposed host" setting on the router, which routes any port from the WAN interface of the router that is not used otherwise directly to that host. VLANs are problematic for a lot of home networks as only smart/managed switches sopport them. Alternatively a separate ethernet port on the router can be used. Only using a different subnet is not safe, as the intruder can change the IP of the xbox to place it in the normal zone.
Click to expand...

I change the login password of the router (It's a Linksys WRT54G). I change the no. of IP address allow range to 5 instead of 50 being the default.

I don't know how to set up a "separate ethernet port"? Are you talking about hard code a manual set IP addr. from the xbox to the wireless router?
 
Happy Hopping said:
it's not a virus infection. My client actually see the mouse moving, clicking things on the screen, but my client's hand is not on the mouse.
Click to expand...

So the "hacker" took control via bot or malware, opened the necessary port(s) and protocols, and now controls the user's system.
It doesn't have to be a virus to take control of someone's system.

That also doesn't mean it's being controlled through the XBOX, I'm sorry but that's a bit silly for anyone, especially a hacker, to go through all of that trouble.

Also, if this is happening while the XBOX is turned off, I've got news for you...
 
Happy Hopping said:
I change the no. of IP address allow range to 5 instead of 50 being the default.
Click to expand...
That makes little, if any, difference at all.
If the hacker is going through the LAN via wifi, then I highly suggest enabling MAC address filtering + WPA2 encryption.


I don't know how to set up a "separate ethernet port"? Are you talking about hard code a manual set IP addr. from the xbox to the wireless router?
Click to expand...
It's called a 'static IP', and yes, you can do that, but again, it makes little difference.
If their desktop is infected with malware/bot/virus/etc, then moving around IP addresses, especially with the XBOX, is going to make zero difference.

You need to focus less on the router now and more on the infected system.
It's really not that hard to take control of a Windows-based system through port 80 or 8080, so blocking other ports on the router may not necessarily make a difference; assuming this is the port the 'hacker' is using.

Seriously look into what AV and anti-malware software their system is running, and then we can go from there.
 
Most users does not have static IP, as that costs extra $ on a monthly internet bill. So even if it makes a difference, they are not going to do it. They rather have people like us fixing the problem.

When I downsize to 5 IP addr., and they have 2 laptop, 1 desktop, 1 Xbox, and 1 ??, should fill up exactly 5, so even if there is some1 try to hack it, he has no IP addr. to get access to.

Anyhoo, having that new router password, does that block access thru port 80 or 8080? I don't know how to do any hacking, so I can't guess what the hacker have done
 
1. If the mouse is moving on its own. You have some sort of malware or infection. Scan the system with malwarebytes, and TDSkiller. ComboFix if you really want to.
2. If you don't find anything reformat.
3. Knock out the router and reset it to factory defaults.
4. Set up the router make sure remote access is disabled. Change the password for admin. Use a password like: Horsecarbatteryapple or some such nonsense that is easy to remember but hard to hack.

You could check firewall rules on the infected computer, and block all access.

IMO reformat to be safe.
 
Hrmm you might want to get someone with some base networking skills to come in to help them.
 
Happy Hopping said:
Most users does not have static IP, as that costs extra $ on a monthly internet bill. So even if it makes a difference, they are not going to do it. They rather have people like us fixing the problem.

When I downsize to 5 IP addr., and they have 2 laptop, 1 desktop, 1 Xbox, and 1 ??, should fill up exactly 5, so even if there is some1 try to hack it, he has no IP addr. to get access to.

Anyhoo, having that new router password, does that block access thru port 80 or 8080? I don't know how to do any hacking, so I can't guess what the hacker have done
Click to expand...

OMG...

I wasn't talking about the WAN Port or modem having a static IP, I was talking about the devices on the LAN ports and answering your "set them to a manual address" question.
Setting up static IP addresses on the LAN does not cost additional money, but in answering your question from before, it also does nothing to help the situation.

Yes, an outsider can still access their router and their systems, even without additional IP addresses, so setting them up with just five IP addresses is absolutely ridiculous and they will have problems later on if they try to connect any more devices; you need to use MAC filtering + WPA2 encryption on the wifi/wireless, as I stated before, if you want to prevent this with some degree of certainty; the LAN ports do not require this.
Once again, as I said before, this does nothing to help the situation and changes nothing; if an outsider really wants to get on the router, they most certainly can by simply bumping one of the other connections; one does not need to be a 1337 haxor to do this, it is fairly simple. :rolleyes:

No, having a new password on the router does not block access through port 80 or 8080, those are the ports for HTTP and HTTP Web Caching or proxy servers.
Do you even understand what setting that password does? Or even anything we have been saying to you???


Not to be mean, but I seriously suggest you hire out to a 3rd party who knows something about basic networking and system security, considering even the most basic info we have given you is obviously way above your head.
 
Last edited:
You must log in or register to reply here.
Back
Top