Gathering advice on rebuilding your network following a potential router breach.
I’ll share the details of the situation and my goals. My configuration: ISP modem operates in bridge mode; they’ve consistently assigned me a static IP over the years, even after relocations. The connection flows through my router (ASUS RT-AC5300). I’ve followed all previous setup steps for years—static local IPs for my NAS, main PC, and an old repurposed server used for online gaming. Everything seemed secure until recently.
I suspect a breach; past RDP attacks flagged me when accessing my home system remotely. Last month’s power spikes caused the router to switch on and off rapidly within seconds, lasting about 5–6 minutes before I unplugged it. Still think an intruder accessed my network.
My main concern is that someone else may have taken control of my ISP IP and altered my login details. I noticed unusual activity on my main computer after the outages, and the DNS lookalike from a rental server company raised red flags. Now I’m locked out of the router’s login page with incorrect credentials.
My plan: I’ll disconnect everything until I can fix it tonight. It’s frustrating to restart from scratch, but security has changed. I want a more secure setup that still lets me play games online and host servers occasionally. I’m considering switching to Asuswrt-Merlin on my RT-AC5300. I hope it can block malicious IPs via a custom list and let me assign VPN access only to specific devices or groups, not the whole router.
I need guidance on how to secure the GUI login page so outsiders can’t reach it, while keeping port settings safe for gaming traffic. I also want options to cover open ports without exposing them to eavesdropping.
Are you certain the router wasn’t just restarted from the factory due to the power surge? Still, Asuswrt-Merlin seems like a solid choice.
I also tried using the factory credentials on the bottom of the router, but it didn’t work.
Alright, if you can't log in, it could be tough to reset the router. It might also be damaged in some way (not hacked), so you might need to replace it entirely.
It’s functioning properly, though there’s a sense of compromise. My visitor bypassed my static IP until they reached the router. They did whatever they needed—maybe logging in, testing, and then leaving. I’m unsure what they actually did since I can’t log in to see it. It could have been months or longer now. Many users log into their routers regularly after setup, which makes me confident I can restore it and reset everything. The issue isn’t ongoing; it’s a single incident that lasted a while.
I need advice on configuring the system to prevent these kinds of attacks from reaching the login screen, while still allowing occasional use for dedicated gaming. As someone who’s faced multiple Remote Desktop attempts in the past, I trust my ISP’s static IP for years. My guest tries to exploit the ISP range until they compromise a few devices. This wasn’t an RDP attack but a targeted effort to access my network.
I’m forced to factory reset and reconfigure everything after waking up from a night shift. Still, this is just the beginning. The real challenge now is rebuilding a secure network with strong protections—blocking these threats while keeping my gaming servers safe and private. I want recommendations on setting up safeguards, adjusting firewall rules, or tweaking Asuswrt-Merlin settings to ensure only trusted devices connect and that no unauthorized access occurs.
I see. I’m not sure if I’m the best fit for this, but I’m open to assistance. My knowledge in this area is quite narrow. I think getting a new static IP from your ISP would work. You might want to try using rescue mode. Check out this forum thread: https://www.snbforums.com/threads/rt-ac5...ver.76117/ For more details, see the guide here: https://www.asus.com/support/faq/1000814/ Firmware restoration is available at https://www.asus.com/supportonly/rt-ac53...=RT-AC5300. After updating the firmware, you should be able to reach the router settings. Then you can proceed with flashing Merlin, possibly directly from rescue mode.
You’re about to clear everything and start fresh. No restoration steps needed—just install the new box when you’re ready. For your ISP, it’s better to skip any questions and focus on configuring your network safely. In Asuswrt-Merlin, set the right security settings and enable firewalls. When opening ports for your game server or other services, restrict them so only the necessary applications can access them, preventing unauthorized use.
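An added example, not part of the thread or any poster's own configuration: one way to implement the custom IP blocklist the original post asks about, as a script that Asuswrt-Merlin's `/jffs/scripts/firewall-start` hook could call with the argument `apply`. The set name, the list path and the `apply` argument are assumptions, and it presumes JFFS custom scripts are enabled and the firmware provides ipset v6 syntax.

```shell
#!/bin/sh
# Added example. Assumed names: ipset set "blocklist", list file below.
SET_NAME="blocklist"
LIST_FILE="/jffs/configs/blocklist.txt"

# Succeeds only for a well-formed IPv4 address or CIDR block (/1 to /32).
valid_entry() {
    addr=${1%%/*}
    case "$1" in */*) mask=${1#*/} ;; *) mask=32 ;; esac
    case "$mask" in ''|*[!0-9]*|???*) return 1 ;; esac
    [ "$mask" -ge 1 ] && [ "$mask" -le 32 ] || return 1
    case "$addr" in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    oldifs=$IFS; IFS=.; set -- $addr; IFS=$oldifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        [ ${#o} -le 3 ] && [ "$o" -le 255 ] || return 1
    done
}

# Succeeds for private, loopback and link-local space, which must never be
# blocked: a bad list entry would otherwise cut the LAN off from the router.
is_private() {
    case "$1" in
        10.*|127.*|0.*|169.254.*|192.168.*) return 0 ;;
        172.1[6-9].*|172.2[0-9].*|172.3[01].*) return 0 ;;
    esac
    return 1
}

# Reads a blocklist on stdin (one entry per line, '#' comments allowed) and
# prints `ipset restore` input containing only the safe, valid entries.
build_restore() {
    echo "flush $SET_NAME"
    while IFS= read -r line || [ -n "$line" ]; do
        entry=$(printf '%s' "${line%%#*}" | tr -d ' \t\r')
        [ -n "$entry" ] && valid_entry "$entry" || continue
        is_private "$entry" && continue
        echo "add $SET_NAME $entry"
    done
}

# INPUT protects the router itself (GUI, SSH); FORWARD protects port-forwarded
# hosts such as a game server. Rules are inserted ahead of the accept rules.
apply_rules() {
    ipset -exist create "$SET_NAME" hash:net
    build_restore < "$LIST_FILE" | ipset -exist restore
    for chain in INPUT FORWARD; do
        iptables -I "$chain" -m set --match-set "$SET_NAME" src -j DROP
    done
}
if [ "${1:-}" = "apply" ]; then apply_rules; fi
```

Rejecting `/0` and private ranges before loading the set means a malformed or tampered list cannot block all traffic or lock the LAN out of the router.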