Welcome to the new FlexRadio Community! Please review the new Community Rules and other important new Community information on the Message Board.
Need the latest SmartSDR, Power Genius, Tuner Genius and Antenna Genius Software?
SmartSDR v3.8.19 and the SmartSDR v3.8.19 Release Notes | SmartSDR v2.12.1 and the SmartSDR v2.12.1 Release Notes
SmartSDR v1.12.1 and the SmartSDR v1.12.1 Release Notes
Power Genius XL Utility v3.8.8 and the Power Genius XL Release Notes v3.8.8
Tuner Genius XL Utility v1.2.11 and the Tuner Genius XL Release Notes v1.2.11
Antenna Genius Utility v4.1.8
SmartSDR v3.8.19 and the SmartSDR v3.8.19 Release Notes | SmartSDR v2.12.1 and the SmartSDR v2.12.1 Release Notes
SmartSDR v1.12.1 and the SmartSDR v1.12.1 Release Notes
Power Genius XL Utility v3.8.8 and the Power Genius XL Release Notes v3.8.8
Tuner Genius XL Utility v1.2.11 and the Tuner Genius XL Release Notes v1.2.11
Antenna Genius Utility v4.1.8
If you are having a problem, please refer to the product documentation or check the Help Center for known solutions.
Need technical support from FlexRadio? It's as simple as Creating a HelpDesk ticket.
Need technical support from FlexRadio? It's as simple as Creating a HelpDesk ticket.
Unwanted IP Connection
K6MBY
Member ✭✭
Using Windows 10 and a Flex 6500 with V2. I noticed today an IP address popping up in the lower right corner of my screen indicating it was connected with Smart Link. The address is 174.213.13.58 which is listed to Verizon. I use Verizon Cell service but no wired services with Verizon. About the same time I noted the band changed from 40 meters to 20 meters with no input from me. I immediately changed the Flex login passwords but within a few minutes the same IP popped up again indicating it was connected.
Has anyone else noticed this activity? Any suggestions other than running a full virus scan?
Has anyone else noticed this activity? Any suggestions other than running a full virus scan?
0
Answers
-
Ping it from a cmd window. If the ping comes back <1ms, disable wi-fi on your smart phone.
Ned, K1NJ
0 -
Request timed out.
Bob
K6MBY
0 -
Were you in a coffee shop or other public place?
A common hijacking technique is someone sets up a "fake router" that looks and feels like it is the real Starbucks WiFi but you are connected to them instead and they skim off keystrokes etc.
If this was the case then they probably got curious and played with your flex connection a little. Most people doing this simply have way too much time on their hands.
One reason NEVER to do financial stuff on public WiFi at hotels, Starbucks, etc.0 -
Have you ever used your Verizon service (hot spot) to establish a SmartLink connection?
Looks like a device that you have enabled SmartLink on that is using Verizon is connecting to the radio. If you are concerned, change your SmartLink account (user ID or password)0 -
Could this be some third party app running on the Win-10 platform using the CAT interface. Since you're on a Verizon connection that should be secure. Having used this same configuration no hack attacks have been observed.0
-
This is true too since SmartSDR, Maestro and CAT auto reconnect when they are started.
0 -
I have never been in a public place with the computer used to connect to the Flex. Only device ever used on a public hot spot was cellphone and that was only for email.
Agree on never do financial stuff on public wifi.
Bob
K6MBY
0 -
Tim,
Yes I have used my Verizon cell phone hot spot to test the SmartLink connection. The phone hot spot, however, has not been on in some time. Ah, but this does give me an idea to chase down.
I have changed the password but I think I will log off Smartlink for a bit.
Bob
K
0 -
I can stop the apps using CAT for the moment and see if the issue goes away.
Bob
K6MBY
0 -
Found it. Some time ago a Ham RV friend was here and used his Verizon MiFi to log into my Flex. He is now gone from my location and in central California. We have just completed some testing and when he turns off his MiFi the 174.**** IP address goes away. I see this by looking at the connections in the router. When he turns the MiFi back on the 174 IP address comes back. We did this several times and each time the connection reappeared when the MiFi was turned back on. Whether I am logged in to the SmartLink or not the connection appears when the MiFi is on.
We are not sure how to get rid of the "calling home" feature of the MiFi but at least I know where the address is coming from.
Bob
K6MBY
0 -
Why is the RV guy being able to logon with invalid credentials (ie, the password has been changed)?0
-
Further testing today.
My SmartLink password has been changed on my end and I am logged out. My friend, W5NH BTW, is logged out of SmartLink. Both of our 6500s are on with the WSJT application running.
When W5NH pushes his Tune button within his WSJT application..... MY radio keys up. His does not. WSJT has a method of changing bands via a mouse click. When W5NH clicks to change bands, my radio changes bands. His does not.
The reverse of this is not true, however. My pushing the tune button or changing bands does nothing at the W5NH end.
My thought is that somehow SmartLink is still in the play even though both of us are logged out. While I have OpenVPN running, I deleted my previous DDNS and created a new DDNS with a different domain name. OpenVPN has not been reconfigured with the new domain.
Totally amazed by this and out of possible solution.
Any ideas appreciated.
Bob
K6MBY
Sequim, WA
0 -
Just thinking out loud. Doesn't SSDR CAT also operate through Smartlink? It sounds like your friends SSDR CAT is still tied in or logged into Smartlink somehow. Was his local VPN Client ever tied into your Router via the VPN link ?0
-
CAT is SmartLink enabled and he is still logged into your SmartLink account on his copy of SmartSDR CAT.0
-
Ah Tim... Thank you. I had totally forgotten about that right click on "Radio Connected" in the SmartSDR Cat dialog. 5NH now at home at the moment but I will leave a message for him. I will confirm with a response back tomorrow.
Bob
K6MBY
0 -
My bet is on insufficient verification of credentials. That is, upon initial successful logon, SSDR places some sort of auth token on the end point. Think of it as a fancy cookie.
Next time a connection attempt is made SADR first looks for the token. If a token is found SSDR does not re-authenticate. This is evident from the first post when the password was changed and the RV guy could still connect.
Further, my bet is that the token does not expire in the name of keeping things “simple” for the benefit of the user. If the token were to expire then the radio keying ritual has to be repeated whenever the token expires. All this can be tested by installing Burp on the endpoint and observing the handshakes between SSDR, the auth server, and radio itself.0 -
Larry,
Yes, I think that is exactly the issue as Tim just pointed out. Even though we had signed out of SmartLink the SmartSDR Cat was still connected to the last radio..... which in this case, must have been my radio when he was visiting.
Up on the top of the SmartSDR Cat dialog box..... right click on "Radio Connected." The two boxes noted in this drop down must be checked on my friends SDR Cat application.
Bob
K6MBY
Sequim, WA
0
Leave a Comment
Categories
- All Categories
- 280 Community Topics
- 2.1K New Ideas
- 521 The Flea Market
- 7.5K Software
- 6K SmartSDR for Windows
- 144 SmartSDR for Maestro and M models
- 349 SmartSDR for Mac
- 247 SmartSDR for iOS
- 228 SmartSDR CAT
- 168 DAX
- 351 SmartSDR API
- 8.7K Radios and Accessories
- 7K FLEX-6000 Signature Series
- 838 Maestro
- 43 FlexControl
- 842 FLEX Series (Legacy) Radios
- 786 Genius Products
- 413 Power Genius XL Amplifier
- 274 Tuner Genius XL
- 99 Antenna Genius
- 237 Shack Infrastructure
- 161 Networking
- 398 Remote Operation (SmartLink)
- 124 Contesting
- 617 Peripherals & Station Integration
- 122 Amateur Radio Interests
- 856 Third-Party Software