[SOLVED] Is it possible to monitor/scan a device that is connected to my router for malware/viruses ?

Toggle sidebar Toggle sidebar
O

onemoretimex

Distinguished
Jun 29, 2015
213
4
18,595
I have a device that is used for mining and have been receiving letters from my ISP that gamut a piece of malware was present on one of my devices.

I would like to be able to monitor this device plus run a malware/virus scan on it just to see whats going on... but as the device itself has no GUI I would need to do this from my PC to it.

Is wireshark what i'd be looking for ?

Thanks
 
Solution
kanewolf
onemoretimex said:
Oh I have no idea I believe its one made by the device manufacturers.

Bobcatminer300

www.bobcatminer.com
Click to expand...
You aren't going to be running wireshark on that. What it looks like to me is an ethernet device that converts to a 900Mhz radio signal. So ANY device that connects to that hotspot and therefore uses your internet could be the problem.
Basically YOU are trading your internet bandwidth to anyone that wants to use it via the Helium network. And therefore YOU are responsible for any illegal activities.
The documentation for the bobcat miner 300 is HORRIBLE. It basically says "trust us" after plugging this device into your home network. This seems even sketchier than other crypto mining because it is...
Sort by date Sort by votes
kanewolf

kanewolf

Titan
Moderator
May 29, 2013
37,303
3,272
156,790
onemoretimex said:
I have a device that is used for mining and have been receiving letters from my ISP that gamut a piece of malware was present on one of my devices.

I would like to be able to monitor this device plus run a malware/virus scan on it just to see whats going on... but as the device itself has no GUI I would need to do this from my PC to it.

Is wireshark what i'd be looking for ?

Thanks
Click to expand...
What OS does this mining device run? Can you SSH into it?
Wireshark has to run on the device you are capturing, unless you have a switch which can mirror a port. That would require a managed switch.
 
Upvote 0 Downvote
kanewolf

kanewolf

Titan
Moderator
May 29, 2013
37,303
3,272
156,790
onemoretimex said:
Oh I have no idea I believe its one made by the device manufacturers.

Bobcatminer300

www.bobcatminer.com
Click to expand...
You aren't going to be running wireshark on that. What it looks like to me is an ethernet device that converts to a 900Mhz radio signal. So ANY device that connects to that hotspot and therefore uses your internet could be the problem.
Basically YOU are trading your internet bandwidth to anyone that wants to use it via the Helium network. And therefore YOU are responsible for any illegal activities.
The documentation for the bobcat miner 300 is HORRIBLE. It basically says "trust us" after plugging this device into your home network. This seems even sketchier than other crypto mining because it is allowing random users on your home network, which you are 100% legally responsible.
I wouldn't touch that with a REALLY long pole.
One thing that might save you is that Helium is supposed to be encrypted for the entire path. If that IS the case then your ISP would not be able to see the potentially illegal traffic from that hotspot. And you would have to look elsewhere on your network.
 
Last edited:
Upvote 0 Downvote
Solution
O

onemoretimex

Distinguished
Jun 29, 2015
213
4
18,595
kanewolf said:
You aren't going to be running wireshark on that. What it looks like to me is an ethernet device that converts to a 900Mhz radio signal. So ANY device that connects to that hotspot and therefore uses your internet could be the problem.
Basically YOU are trading your internet bandwidth to anyone that wants to use it via the Helium network. And therefore YOU are responsible for any illegal activities.
The documentation for the bobcat miner 300 is HORRIBLE. It basically says "trust us" after plugging this device into your home network. This seems even sketchier than other crypto mining because it is allowing random users on your home network, which you are 100% legally responsible.
I wouldn't touch that with a REALLY long pole.
One thing that might save you is that Helium is supposed to be encrypted for the entire path. If that IS the case then your ISP would not be able to see the potentially illegal traffic from that hotspot. And you would have to look elsewhere on your network.
Click to expand...


Not my ISP but another member with same device but different ISP reported that they had received a letter that they had been sending spam Viagra mail from the device so not even sure its encrypted either,

I believe they had the port 22 port forwarded at the time which is only meant to be for outbound so this might explain why they had any issues.?
 
Last edited:
Upvote 0 Downvote
kanewolf

kanewolf

Titan
Moderator
May 29, 2013
37,303
3,272
156,790
onemoretimex said:
Not my ISP but another member with same device but different ISP reported that they had received a letter that they had been sending spam Viagra mail from the device so not even sure its encrypted either,

I believe they had the port 22 port forwarded at the time which is only meant to be for outbound so this might explain why they had any issues.?
Click to expand...
Port 22 is typically the SSH port. I would not forward port 22 either. That is just ASKING somebody to trespass into your network.
Spam e-mail could potentially be traced back to an IP address if the originator used something from the public IP address the hotspot was associated with when building the spam. Again, this just seems WAY to insecure to allow on your home network.
 
Upvote 0 Downvote
S

Stephanie_Sy

Prominent
Mar 1, 2021
39
3
535
It is possible for certain types of malware (i.e. worms) to spread on a local LAN behind a router and for some types of malware to infect router firmware and change the router settings.
 
Upvote 0 Downvote
You must log in or register to reply here.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom