mac地址被路由器拉黑_我买了一个新路由器，告诉我我被黑了

mac地址被路由器拉黑

重点 (Top highlight)

Last week, I was at the end of my rope with my old router.

上周，我对旧路由器不知所措。

I bought the old clunker, a TP-Link Archer C7, in 2015. It was the Wirecutter pick at the time, which gave me license to tell my roommates that I was going to spend $100 on a router.

我在2015年购买了旧式旧式换向器TP-Link Archer C7。当时是Wirecutter的选择 ，这给了我许可，告诉我的室友我要在路由器上花费100美元。

Now, one apartment later, I have two floors: A first floor and a basement level that acts as my bedroom. The old router’s antennae just couldn’t penetrate into the lower level. It basically meant no Wi-Fi downstairs, which mitigated screens before bed and made my Sanctuary of Slumber Arianna Huffington-approved.

现在，一间公寓后，我有两层：一成为Fi R一楼和充当我的卧室地下室水平。 旧路由器的天线无法穿透到较低级别。 基本上，这意味着楼下没有Wi-Fi，这可以减轻睡觉前的屏幕负担，并让我的Slumber Arianna Huffington保护区获得批准。

But my smooth, mushy brain wanted to stare at the small, glowing rectangle.

但是我那光滑而糊状的大脑想要凝视着那个发光的小矩形。

I tried range extenders, learned that they didn’t relay the signal but just created a new network that confused my phone, and then gave up for a month or two. I set up my desktop downstairs with a MoCA adapter that runs internet through the coaxial cables in my apartment, fitting me with a gigabit LAN in my apartment but still no Wi-Fi downstairs.

我尝试了范围扩展器，得知它们没有中继信号，只是创建了一个使我的手机感到困惑的新网络，然后放弃了一个月或两个月。 我在楼下用MoCA适配器设置了台式机，该适配器通过我公寓的同轴电缆连接互联网，使我可以在我的公寓中安装千兆以太网，但楼下仍然没有Wi-Fi。

For a few years, I’ve lurked on r/UniFi, a subreddit dedicated to home and enterprise networking hardware made by Ubiquiti. Their products have always been touted as reliable and extensible. They also have a beautiful user interface, and there are tons of features that I could poke and prod, like granular deep packet inspection and detailed logging.

几年来，我一直沉迷于r / UniFi ，这是Ubiquiti生产的专用于家庭和企业网络硬件的子目录 。 他们的产品一直被吹捧为可靠和可扩展。 它们还具有漂亮的用户界面，并且我可以戳和生产很多功能，例如精细的深度数据包检查和详细的日志记录。

Then, OneZero’s own Owen Williams wrote about his UniFi setup, and it sent me down the rabbit hole again. A few times. I’d find myself kitting out all the PoE network switches and access points I’d need while eating lunch or during a slow workday. It usually ended with me raising an eyebrow at the price tag and solemnly closing the tab.

然后， OneZero的欧文·威廉姆斯( Owen Williams) 撰写了有关他的UniFi设置的文章 ，它再次将我送下了兔子洞。 几次 我发现自己在吃午饭或工作缓慢时需要所有PoE网络交换机和接入点。 通常，我会以价格标签扬起眉头并庄严地关闭标签。

Last week, after repeatedly trying and failing to send a photo over my phone’s iMessage from my desk downstairs, I gave up. Cost be damned, I ordered a $329 Ubiquiti Dream Machine from a Microcenter down the street.

上周，在反复尝试并且未能从楼下的办公桌通过手机的iMessage发送照片后，我放弃了。 成本太高了，我从街上的微型中心订购了329美元的Ubiquiti Dream Machine。

The Dream Machine is a little all-in-one machine that can act as the brain, network switch, and central wireless router for your Ubiquiti setup. It also has features that I didn’t know would come in handy, like an Intrusion Prevention System. I figured that I could use it as a solo router until I could measure Wi-Fi throughput around my apartment and find the best place to tack on any additional access points that I needed downstairs.

Dream Machine是一款多功能一体机，可以充当Ubiquiti设置的大脑，网络交换机和中央无线路由器。 它还具有我不知道会派上用场的功能，例如入侵防御系统。 我认为我可以将其用作独立路由器，直到可以测量公寓周围的Wi-Fi吞吐量，并找到在楼下需要安装任何其他接入点的最佳位置。

Setup took minutes, and I started to tinker with settings. I flipped on the Intrusion Protection System and endpoint scanning. The former would find potentially malicious traffic, and the latter would scan my devices on the network to make sure they were legit and not let them connect without proper permissions. I like this.

安装程序花了几分钟，然后我开始修改设置。 我打开了入侵防护系统和端点扫描。 前者会发现潜在的恶意流量，而后者会扫描我在网络上的设备，以确保它们是合法的，并且在没有适当权限的情况下也不允许它们连接。 我喜欢这个。

Then I checked my Wi-Fi downstairs. It worked without any additional access points. I was, and still am, over the moon for this little magic Wi-Fi capsule.

然后我在楼下检查了Wi-Fi。 它无需任何其他访问点即可工作。 我曾经，现在仍然是这个小魔术Wi-Fi胶囊的登月者。

But the next day I was thumbing through my UniFi app on my phone, and tabbed over to the Intrusion Prevention System. I found more than 300 alerts. A piece of software was pinging its home server at a “.su” domain. When I looked at the logs, they were all coming from my NAS (network-attached storage). My NAS is a little box made by a company called QNAP that acted like a personal cloud storage server for my most sensitive files.

但是第二天，我翻阅了手机上的UniFi应用程序，并切换至“入侵防御系统”。 我发现了300多个警报。 一款软件正在“ .su”域中对其家用服务器执行ping操作。 当我查看日志时，它们全部来自我的NAS(网络附加存储)。 我的NAS是一个名为QNAP的公司生产的小盒子，它充当我最敏感文件的个人云存储服务器。

After a quick Google of “QNAP malware,” I found that more than 60,000 NAS devices had been infected with malware called QSnatch, which ferreted an untold amount of data away from QNAP customers, could control my device, and took a lengthy, annoying process to patch. I opted to just unplug it.

在快速搜索“ QNAP恶意软件”之后，我发现超过60,000台NAS设备已感染名为QSnatch的恶意软件 ，该软件从QNAP客户那里散发了大量数据，可以控制我的设备，并且花费了漫长而烦人的过程修补。 我选择只是拔掉它。

I searched my email for a notice about this from QNAP. QSnatch was reported in October 2019 by Finnish authorities. The only emails I can find from QNAP, aside from marketing materials, were nonspecific prods from June 2020 to update my firmware for security upgrades.

我从QNAP的电子邮件中搜索了有关此事项的通知。 芬兰当局于2019年10月报道了 QSnatch。 除了行销资料，我只能从QNAP收到的电子邮件是从2020年6月开始更新固件以进行安全升级的非特定产品。

I don’t know if my NAS is infected with QSnatch. It might be. It also was just as likely some other malware.

我不知道我的NAS是否感染了QSnatch。 有可能。 这也和其他恶意软件一样。

But seeing as how I used this NAS for a “safe” home base for my most personal files, I can’t see how I can trust my own device or the company anymore. Even if I’m overreacting and the “.su” domain was erroneously flagged as being associated with malware, the process led me to learning of a massive security breach of a company whose device I naively trusted.

但是看到我是如何使用该NAS来存储大多数个人文件的“安全”家庭基础的，所以我再也看不到如何信任自己的设备或公司。 即使我React过度，并且“ .su”域被错误地标记为与恶意软件相关联，该过程也使我了解到一家公司对其天真信任的公司的大规模安全漏洞。

(And anyway, the “.su” domain has seemingly been flagged as related to malware by other security vendors — I don’t think I’m overreacting.)

(无论如何，“。su”域似乎已被其他安全供应商标记为与恶意软件有关–我认为我React不大。)

I’m moving all my files off my QNAP NAS, and I’ll probably end up moving to a managed cloud storage provider like Google Drive or iCloud for files I need to regularly access. For long-term mass storage, like photos, videos, and sensitive documents, I’ll probably put them on regular external hard drives that aren’t connected to the internet.

我将所有文件从QNAP NAS中移出，最终可能需要转移到托管云存储提供商(例如Google Drive或iCloud)中，以获取需要定期访问的文件。 对于照片，视频和敏感文档等长期大容量存储，我可能会将它们放在未连接到互联网的常规外部硬盘驱动器上。

After all this, I’m starting to rethink the way that I look at data storage. It’s not critical I have access to all my data on a 24/7 basis, and I think I severely underestimated the danger of putting these rarely accessed personal files on a device connected to the internet. I’m fairly tech-savvy and set up my QNAP as securely as I could when I got it, so I figured I’d be fine. I was wrong.

毕竟，我开始重新考虑看待数据存储的方式。 我可以24/7全天候访问我的所有数据并不重要，我认为我严重低估了将这些很少访问的个人文件放在连接到互联网的设备上的危险。 我相当精通技术，并且在获得QNAP时会尽可能安全地对其进行设置，因此我认为我会好的。 我错了。

A hard drive is 80% as convenient as my NAS, and 99% more secure. I still risk it getting physically stolen, but that was also a danger before.

硬盘比我的NAS方便80％，安全性高99％。 我仍然冒着被人偷走的危险，但这以前也是危险的。

The Dream Machine ironically ended up being a wake-up call for me. I don’t feel invincible now because I have this little capsule internet guardian. If anything, I feel more wary of where I put my data.

具有讽刺意味的是，梦机器最终对我来说是一个警钟。 我现在不觉得自己立于不败之地，因为我有这个小小的胶囊互联网监护人。 如果有的话，我对将数据放置在何处更为警惕。

I urge you to do the same.

我敦促您也这样做。

翻译自: https://onezero.medium.com/i-bought-a-new-router-it-told-me-i-was-hacked-fb141930dd22

mac地址被路由器拉黑