Is my home network spamming my wife's website?

asked 2021-02-26 12:51:12 +0000

Tigers

Gudday all,

For about 4 months now my wife's on-line business site has been regularly blacklisted and taken off the air until we get the current broadband IP address whitelisted and reset the modem. This week my wife can barely get to her site before it is taken down. Our ISP reckons it is a device in our home network that is using an old password that is the culprit. Are they correct? At home we have an (old) Lenovo laptop (I am typing this message on it), a new Dell PC (my wife's) and a QNAP TS-502 (our NAS and storage). Could one of these devices be the culprit?

Could Wireshark be used to analyse the home network traffic to see if rogue traffic to my wife's ISP is leaving and then what device is doing it? That is, if we are not logged onto my wife's site for checking e-mails, cPanel work or looking at the site, could Wireshark determine undesired traffic?

Regards Tim


Comments

So your wife's business site is hosted somewhere on the Internet, and she accesses the site from home, and after some time, the IP address of your home Internet line gets blacklisted at the website hoster? And the hoster says that the IP gets blacklisted because of too many wrong login attempts?

It sounds like one of the named devices regularly tries to log in to the admin account of the website, and the saved credentials are old or wrong. Are you using any kind of backup software (e.g. Hybrid Backup on the QNAP NAS) to back up the website data onto your NAS/laptop/PC? Or FTP software to upload data to the website? Check the logs and the saved login credentials on those devices. Have you run an antivirus scan on all devices?

Check whether it still happens when you've shut down the QNAP NAS and your laptop ...

JasMan ( 2021-02-26 23:00:05 +0000 )

JasMan Thank you for replying.

I access the site for maintenance, changes etc. via the cPanel account associated with the site. I use cPanel to do backups on the site and download to my laptop and then to the NAS.

The latest scan of the NAS/laptop & PC showed nothing. I have turned off the FTP service on the NAS, though I do not, as far as I can see, use it for anything.

I found an old version of FileZilla on the laptop that I have removed just in case.

I will turn off the NAS and my laptop to see what happens to the PC.

1, 2, 3, Thunderbirds are go.

Tigers ( 2021-02-27 10:32:24 +0000 )
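
An added example, not part of the thread or written by its participants: one way to answer the question of which device is contacting the site is to export every new TCP connection from a capture and tally them per LAN host and service port, so that a device retrying a saved login on a schedule stands out. It assumes the capture was taken where all devices' traffic is visible (for example at the router), and the file name `home.pcapng`, the addresses and the sample rows are constructed for illustration.

```python
import csv
import io
from collections import defaultdict
from statistics import median

# Ports of services that take a login, where a stale saved password would fail.
LOGIN_PORTS = {21: "FTP", 22: "SSH/SFTP", 110: "POP3", 143: "IMAP", 465: "SMTPS",
               587: "SMTP submission", 993: "IMAPS", 995: "POP3S",
               2083: "cPanel (TLS)", 2096: "Webmail (TLS)"}

# Constructed sample rows, in the format produced by (home.pcapng is hypothetical):
#   tshark -r home.pcapng -Y "tcp.flags.syn==1 && tcp.flags.ack==0" \
#     -T fields -E separator=, -e frame.time_epoch -e ip.src -e ip.dst -e tcp.dstport
SAMPLE = """\
1614340800.0,192.168.1.50,203.0.113.10,21
1614340815.2,192.168.1.20,203.0.113.10,443
1614341100.0,192.168.1.50,203.0.113.10,21
1614341400.0,192.168.1.50,203.0.113.10,21
1614341460.5,192.168.1.30,198.51.100.7,443
1614341700.0,192.168.1.50,203.0.113.10,21
1614341702.0,192.168.1.30,203.0.113.10,993
"""

def summarize(rows, site_ip):
    """Group new TCP connections to site_ip by (LAN host, destination port)."""
    times = defaultdict(list)
    for row in csv.reader(io.StringIO(rows)):
        if len(row) != 4 or row[2] != site_ip:
            continue  # skip malformed rows and traffic to other servers
        times[(row[1], int(row[3]))].append(float(row[0]))
    report = []
    for (src, port), stamps in sorted(times.items()):
        stamps.sort()
        gaps = [b - a for a, b in zip(stamps, stamps[1:])]
        report.append({"host": src, "port": port,
                       "service": LOGIN_PORTS.get(port, "other"),
                       "attempts": len(stamps),
                       # A steady gap suggests a scheduled job, not a person.
                       "median_gap_s": median(gaps) if gaps else None})
    return report

def suspects(report, min_attempts=3):
    """Hosts that repeatedly open connections to a login-capable service."""
    return [r for r in report
            if r["service"] != "other" and r["attempts"] >= min_attempts]

if __name__ == "__main__":
    for entry in suspects(summarize(SAMPLE, "203.0.113.10")):
        print(entry)
```

Running the capture while nobody is using the site, as the question suggests, leaves only unattended traffic in the tally; the host address can then be matched to a device through the router's DHCP lease table.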