Have my GS1900 switches been hacked?

PersonX
PersonX Posts: 5
First Comment Friend Collector Second Anniversary

Some strange things are going on with my Zyxel Switches.

A few months back I discovered I could no longer login on my GS1900-8HP. It refused my login/password.

I did a factory reset to solve it (and of course put again a custom login/password).

Now a few months later its static IP has been changed into a dynamic one and I could no longer log-in but could log in with the default admin / 1234 combination.

And now my GS1900-24E is also behaving strangely. It is still on its static IP but I can't login anymore using my login/password. So I'll probably have to factory reset that one.

This all makes me wonder whether someone has hacked my switches somehow?

All Replies

  • Zyxel_Melen
    Zyxel_Melen Posts: 1,271
    Zyxel Certified Network Administrator - Switch Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate 100 Answers
     Zyxel Employee

    Hi @PersonX,

    It might be because someone in your network tried to access your switches and he guessed your password correctly.

    It is recommended to use "Remote Access Control" to allow a specific IP range to access your switch. It can prevent unauthorized clients in other IP subnets from accessing. Please navigate to Menu > Configuration > Management > Remote Access Control > Global to set up and monitor if this problem occurs again.

    Untitled Image

    Click here to start: https://bit.ly/46UJJCE

    Zyxel Melen
  • PersonX
    PersonX Posts: 5
    First Comment Friend Collector Second Anniversary
    edited November 2

    Thanks Melen,

    My password looks like this "zpgNPQtz5fOzld4" so it would be amazing if someone was able to guess it.

    Also I'm in a residential set-up with 2 small kids who don't know how to work with a computer and my wife who is IT-agnostic.

    I had a look at your suggestion, but I must admit it looks quite daunting to set-up this remote access control correctly.

  • Hi @personX,

    According to your reply for Melen, there's only you and two kids as far as you know who have acces to your environment. In this case I belive it means that If your switches are been hacked, your intire network has been hacked. So there is another player fooling around…. he can only acces your environment form the outside I presume.

    Perhaps you should review your security on a larger scale.