Router model and/or firmware version identifiable in network traffic?

1

I found out recently my IP had been blacklisted and thus I couldn't send any emails. On the CBL site it says...

"IMPORTANT: Many CBL/XBL listings are caused by a vulnerability in Mikrotik routers. If you have a Mikrotik router, please check out the Mikrotik blog on this subject and follow the instructions before attempting to remove your CBL listing."

I have a MikroTik router, so I wondered how do they know? Is this information contained in any packets of data sent to and from a server when sending an email, and the IP was blacklisted preemptively, or has someone hacked my router and done something to get me blacklisted?


FWIW, this is more of a hypothetical question than a 'what I did' one, but FYI I wasn't doing anything blacklist-worthy like running a mail server, for example. Just normal everyday use of a normal PC connected to a home network.

The question is simply when sending an email is there anything in that process that passes on the details (i.e. model and firmware version) of your router?

Doob

Posted 2019-10-19T19:00:40.523

Reputation: 23

Question was closed 2019-10-20T07:11:42.100

1 Please edit the question to limit it to a specific problem with enough detail to identify an adequate answer. – Ramhound – 2019-10-19T19:16:07.290

Answers

1

We don't know what you did so we cannot answer conclusively. But there is a chance that your router became a bot-slave and was black-listed, and in that case there is also the possibility that it infected your computer(s).

All I can suggest is to first factory-reset your router, then follow this Mikrotik blog on the subject, finally run antivirus scans by several well-known companies on all your computers.

If any infection is found, you can find more information in the post "How can I remove malicious spyware, malware, adware, viruses, trojans or rootkits from my PC".

harrymc

Posted 2019-10-19T19:00:40.523

Reputation: 306 093