Connected over Wifi, but can't access router's configuration!

[RRIP]

Hello,

I hope I'm doing this right, it's my first time posting something on a forum, so I apologize if I'm in the wrong place...

 

I have a strange problem with my D-Link Modem/Router and looking for some Tech-support... I googled 'tech-support chat' hoping I can find an immediate answer and explanation, at 2 A.M, but didn't find 'chat'...

 

I've always had problems with it, keeps dropping the connection, but lately it's been a mind-f**k... really can't explain it. 

Last week it turned OFF my wifi, and 'locked' me out... I don't use Ethernet, so it was a hassle having to connect to it over cable, just to set it up again... I did reset it, but my wifi was still off, and it's weird because I know in the past I've done the same thing, and by Default, Wifi was ON, like it should be, ready to use... password on the back, or WPS etc...

 

Now however, either it's possessed or my ISP is seriously hacking me!

I found myself disconnected again, and I notice my Wifi SSID names are changed... from "F my ISP!" and "My ISP is sh*t! - 5G" to the default... I immediately go to my gateway, 192.168.1.1, try to log in, and I can't... my 'Admin' and 'F-my-ISP' password don't work anymore!! I press the RESET button on the back, connect to it again, and now the default credentials (admin - admin) don't work either!!! WTF!?

 

Seriously, what now? If I paid a technician to fix it, I don't see what else he'd do... what else is there?

I'm on the router's GUI page, 192.168.1.1, type in the default user/password... and user/password ERROR... I reset it a million times, which should've fixed it... but it doesn't...  what does this mean? The default settings are SET on a CMOS or ROM, right? well... how can that change? can some hack into it remotely... and flash it?? why are my SSID's still default, but my credentials not? whether I connect over wifi or cable, I'm locked out of it! 

 

Can someone temper with it and make it act this way? I mean 'Factory Settings', out of the box! ROM, can't be changed... so why can't I log in with the user & password written in the manual?? I know the credentials as I've used them several times to configure my network, and reconfigured after resetting the unit a bunch of times... 

I seriously don't know what kind of expert support I can get from this... other than get a new router... which is in my shopping cart, been meaning to get a separate router... but then I'd still need to access this ISP garbage to disable its routing functionality and bridge it...

 

 

Thank you for your attention!

[TetraSky]

Press the reset button for a minute.
Sometimes, simply pressing Reset doesn't do a full reset. Pressing it for longer sometimes does "more".

Which router in particular do you have?

Is it provided by your ISP like your post makes it out to be? If so, you'll have to call them to get the credential for it. Because yes, your ISP can change your credentials and wifi access point if they deem it "unacceptable" at their own whim if this is their modem/router combo (they don't like that kind of wifi SSID).

They can do anything they want with it, including issuing an update.

They may have also disabled Wifi config access in an update, for added security (which makes a lot of sense) especially if the default credentials is "admin/admin" and not "admin/randompassword42069.

 

Paying for a tech will do nothing if this is your ISP's modem/router combo. You will have to call them if you want access to it again, if doing a hard reset doesn't work.

What you could do, is simply wire up your own router to the modem, for full control of your own stuff. Your ISP won't be able to touch that.

[RRIP]

Thank you for the prompt reply!

 

1st, I powered off the unit for 1 minute... kept the reset button pressed while I was powering it on... and no lights started to blink until I released it 30 seconds later... I know how to reset it, done it plenty of times.

 

2. Yes, it's the modem/router provided by my ISP... a D-Link something 1600AC... I know the provided combo units are typically cheap/garbage, but never had any need for performance... I don't game, don't stream 4K, just typical browsing, and I only have 2 laptops in the house, so my network is not crowded either, to explain why it would congest and drop the connection...

 

 

WOW, it's shocking to hear that my ISP can do that... I mean... WTF!!

How do I know they haven't hacked into my computers? Stole my online banking/shopping data??  

 

And still, let's say they did that, they changed my SSID so it doesn't broadcast to the whole neighborhood that 'My ISP sucks! I assume there's some Automated command pinged to my device to make it default to the factory settings, or are they accessing the gateway remotely? If so, how are they logging in since I changed the default admin-admin? 

 

And let's say they sent some ping/EMP to reset it, logged in with default credentials, changed them and locked me out...  If I reset the modem again, it should take me to default! Why doesn't it??

 

So, my question... can they change the root/CMOS config?? let's say I disconnect the line to my ISP, and I'm the only one connected to it... I can't get in...

 

 

My ISP doesn't care about my security... I've complained about it plenty... my unit is from 2017, the interface sucks, the last Firmware update was in 2017, no newer ones... and the Wifi password was 10 digits, like '53485973967'... I've changed it to something like H$%&Gd34ge.-/34^#.... 

 

 

[TetraSky]

54 minutes ago, MQL said:

How do I know they haven't hacked into my computers? Stole my online banking/shopping data??  

Theoretically, they could.
Practically, they'd be opening themselves to a massive lawsuit.

 

54 minutes ago, MQL said:

If so, how are they logging in since I changed the default admin-admin? 

ISPs can remote into the modem since they literally own the "keys" to it. They can also push updates to it without much trouble.

What probably happened, is that they were updating it remotely and their script picked up the malicious SSID, so what they do is essentially reset the settings and remove your access to it, to prevent you from putting that SSID again... Proving it right. The update doesn't necessary have to be visible to you. The "router" firmware, which is what you could access, is technically separated from the modem firmware, which you can't see. They likely updated the modem and checked the router firmware at the same time to see if you did something to it.

 

54 minutes ago, MQL said:

If I reset the modem again, it should take me to default! Why doesn't it??

Because they changed the defaults.

 

54 minutes ago, MQL said:

can they change the root/CMOS config?

Yes. They can.

 

 

If you want access to the router again, call your ISP and tell them you can no longer access the GUI of the router because you want to change some settings. It is possible that they will tell you they can do it for you, while trying to avoid giving you the credentials. Insist. Call upon your inner Karen if needs be.

 

[RRIP]

Thank you for your support!

 

What if I bought my own router... and modem, two separate devices, and discard my ISP's unit.

Can they hack into that too, if I set my Wifi to an even more disturbing SSID? Of course they can!

How do I stop them? I can't! ...  ok, I'll bend over then...

An episode of Southpark comes to mind, where Cartman doesn't get an I-pad... and now that makes me think of all the 'User Agreements' I didn't and no one else ever reads... =)) Evolved from apes, into human-centipads!   

 

 

Damn, how do people trust their ISPs?!? I guess they don't really... they don't think about it or just hope they're in good hands or they don't get screwed... or just suck it up, gamble I guess... can't avoid it, if someone with an evil agenda wants to plot something, who's to stop them? 

 

F me, no one is safe if you want something to be paranoid about... aside the government, Apple, Microsoft spying and whatnot, they intercept everything!!! This cyber war is timeless... how do experts/hackers protect themselves from their ISPs?

 

I mean, that's a VPN? Isn't your first connection going to your ISP? Let's say I connect from NY to Russia... my traffic gets routed through a bunch of countries/servers... but isn't the first contact still through the ISP? I'm getting a migraine just thinking about it...

 

If I had to think of an evil plan, an ISP employee could collect the banking details of millions of customers, plan to steal all their money in one week, sell their data to indian scammers and whatnot, make it so the CEO looks guilty and then disappear, new identity, buy themselves a tropical island where they could spend their last years before burning in hell...

 

Aaaarrrghhh!!!!  

I'm helpless, hopeless... Ron Swanson tried to warn/teach us!

Thing is, I don't depend on the internet that much, but I don't keep my money under the mattress... 

 

So, if I learned anything today, is that ISP's are Men-In-The-Middle... just waiting to attack and take everything you've got.

 

 

This case is closed! It's too much to digest...

 

Thank you very much for your assistance... problem not solved, but learned a valuable lesson... not that I haven't thought of it... my mind is exploding with conspiracies every second...  

 

Respect, TetraSky...

All the best! Thank you!

 

 

[Skiiwee29]

<-- Moved to Networking -->