Recently installed zorinOS and now my isp is saying my network is doing malicious stuff

after a day or two of switching from windows 10 to Zorin my isp sent me a mail saying my network is compromised. they say that some device is used by a "cyber-criminal" (lol). so basically something on my network is doing port scans/Network scans. any ideas if this is something with Zorin or just a really bad coincidence.

even if it isnt Zorin i would really want some advice on how to solve this. I know the ports being scanned and the exact times it happens.

TCP:23, TCP:2323 and SrcPort: 22318
it also said something about ~2000hosts.

Lmaofao, I recommend try using your routers web interface to check is their device connected to your internet that you don't recognise.

Shoud that read:
try using your routers web interface to check is there a device connected to your internet that you don't recognise.

1 Like

thats the first thing i did.
nothing weird i could see.
i even tried checking logs n stuff.

It is not Zorin OS.

That's the beauty of Open Source.

I would suspect a wayward car in your neighborhood driving around with a notebook computer.

And they from the looks of it managed to get into my network.
changing passwords would be a wise thing to do right now i assume, i will do that right away.

A password that you cringe at, preferably.
Something like 2Ae@&lreo&1dH

haha yeah.
i had a mild version of something like that. no symbols tho.
i will step it up this time. thx

I can't remember that!! To many symbols. Imagine I have a friend over, it will take me like 30 minutes to connect him to my Wi-Fi.

But it will take your friend even longer. :wink:

1 Like

I don't know, is that a joke or not, but I don't get it if it is...

It will take unauthorized people far longer to access your network.


Ow ok I get it now, so my friend will have to be very lucky to guess my password.

Your friend would have to be a supercomputing genius to think of a way to take less than ten years to figure that out.

I'd also go about setting the access control of your router (uses the mac addresses of your devices to identify permitted devices) and disabling guest access. If you can, without keeping people you allow to access it from accessing your network, don't run dual band, only 5ghz. It limits the devices that connect by hardware. Finally, configure the firewall to only allow pass through to specific services, otherwise block all connections. Google searches with your router model will help in doing these, add how to at the beginning of the search.

To be on the safe side, go to settings, network, and firewall and make sure that's on with the default. Anyone that was or could have used zorin to proxy to the net will not be able to contact your machine (not that this has occurred, but better safe than sorry).

you use linux... you probably have android too?
you can share your wifi with a qr code in the wifi settings.
even people on ios can scan it. works wonders

Yes, I have a very slow android phone.

1 Like

aw rip. I have a oneplus 6t. its very old but it still get updates. im on android 11 and its just a snappy as when i bought it. used oneplus phones are still amazing. and they look very closely to stock android. very pretty.

My phone is less than 100 USD so im not complaining

1 Like

ah. well oneplus makes some really really nice budget phones too :slight_smile:
thats a very cheap phone. great value today even if its not fast.

Don't have money to get one. Even though I have, my parents wouldn't let me buy one. :cry:

1 Like