What's new
Pinball info

Register a free account today to become a member! Once signed in, you'll be able to participate on this site by adding your own topics and posts, as well as connect with other members through your own private inbox!

Advice needed on Internet / VPN / law / risk - from any experts! Sensitive family situation.

Monkeyboypaul

Monkeyboypaul

Site Supporter
Joined
May 29, 2013
Messages
5,552
Location
South of York
Alias
Paul G
Hi,

totally off-topic from Pinball - i need some advice on a potential situation in a family with regards someone remotely accessing their PC in the UK from abroad.

Back story. (names changed... )

Doris gets a lodger about 5yrs ago The lodger is call Pedro. He's network savvy having worked for in ISP tech support for the last few years in the UK. He is not from the UK, but does have a passport from Portugal.
Pedro then becomes the boyfriend of Doris, starts to get this feet under the table with the odd name on a bill or 2 in the house & also effectively gains control of her home internet - leaving his PC on 24/7. House is 100% owned by Doris still.
"The family" does not trust Pedro - he is not a nice person, nor is he very kind to Doris (think: constant mental abuse), but she seems to be convinced he's got her interests at heart.
Pedro decides he's leaving the UK for 3months, maybe more. Goes to Geogia. Leaves his stuff in the room, asks for his PC to be left on.

So Pedro can now remotely connect to this PC via VPN from another country (he could be anywhere) and basically do whatever he wants remotely.
He is not paying any rent now, but has left all his stuff in the room and her loft. He has offered to pay half the internet bill (!).

Sadly in this connected day and age he can quickly and easily contact her (via Facebook, What'sApp, Video chat, email) to basically give her abuse about turning it on again.

I've said to the family simply turn the PC off & put a reset pin in the Router. Done. Let him get abusive, then hopefully she'll see his true colours...

  • What are the risks?
  • What's the worst that could happen?
  • Is Doris personally at risk from any potentially illegal activity coming from this machine, on her Internet?
  • Could HER house be at risk?
  • What am i missing?

If anyone is willing to help with some advice, in confidence over PM, then i'd be very much appreciative. I have a reasonable grasp on this stuff - the lingo, etc... but not entirely.
 
unplug the PC and tell Pedro IF he does contact that there's an issue with the Internet... and that Doris doesn't know what she is doing to fix it.

Realistically if he is torrenting films or the like then there is a possibility of her getting raided the next time they do a bunch of raids...

Is the internet in Doris or Pedro's name?
 
Before anything else is done I'd get her to unplug the router, changer her email password via her phone on 4G.

Then change the password on FB/WhatsApp and everything else via 4G.
 
Arv said:
He will be able to power on the pc after that with wake on lan.
Click to expand...

Police won't be interested as you've no evidence of any crime being committed

Unlikely, it's a PITA to setup over a routed connection and will only work if her ISP has given her a fixed IP address and he's setup the router to forward the required UDP ports. In any case, it won't work if you've removed the power cable from the PC!

Not much advantage to having a PC on remotely - he could be hosting torrents, though liability for that is the user, not the network (she may get claims/cease and desist letters but that's unlikely).

Is her electricity bill way higher than normal? My guess would be a Bitcoin mining rig.

Hard reset may work, but if he's installed custom firmware (unlikely but possible, given the physical access) then may not. If you/she don't have significant IT skills, I'd turn the router off and ask the ISP to send a replacement as you fear it has been hacked by a lodger, most will accommodate if you explain.

Leave PC off, totally unplugged, as well as anything else in the room. Change passwords for EVERYTHING using randomly generated ones from a password manager (LastPass/Dashlane etc).
 
Turn off the PC.
Sounds to me the guy has set up ether:-
1. A site to site VPN IPSEC / GRE with another remote router
2. Remote access VPN - similar to to a Dial In account from a PC like a PPTP connection going via the router....

By having the above in place, he simply takes remote control of the PC bypassing the firewall - probably has a port open using VNC or something similar.
He can then use the PC at his leisure to do whatever.
If it’s malicious- the person who will be under investigation will be traced via the leased public IP address tagged to all outbound traffic from the PC via the NAT (network address translation) outbound traffic.
Just switch the bloody pc off + change the password on the router.
Job done 👍
 
Mate, this is WAY more sketch than torrenting films. I have worked fraud and carding remediation for over 10 years.

If he's a dodgey bastard, my bet is he is either:

1. Using this PC on a UK home IP address for credit card fraud (a lot easier to get CNP transactions authed from in their home country, He's probably using this to "card" meaning he's verifying the ability of stolen cards to charge money (making them worth a lot more on black market))

2. Hosting a website of extremely questionable material (perhaps over TOR for really horrible stuff, but perhaps just a phishing scam)

3. Using the PC as a physical VPN to further hide some other activity elsewhere

4. The PC is mining Cryptocurrency


UNPLUG IT!! You are responsible for all activity on your home connection...
 
Last edited:
Unlikely, it's a PITA to setup over a routed connection and will only work if her ISP has given her a fixed IP address and he's setup the router to forward the required UDP ports. In any case, it won't work if you've removed the power cable from the PC
Click to expand...

Not true i have a dynamic ip and access my router you are thinking of wake on internet. I often shell into my router to power things on from a remote location.
 
I'd say just switch the computer off. Buy a new router. Tell him she switched it off because its running up a big electricity bill that he's not contributing towards. Or she could say there was a power cut and the computer went off. If its not dodgy (which it definitely must be) he will give her the computer password.

Tell him he can arrange to collect his belongings at the Police station if he gets nasty.
 
Last edited:
Appreciate this advice - currently along similar lines to what I’ve said, but a few extra handy nuggets too
 
Open the computer - and unplug the hard drive. Take hard drive to another computer and totally low level format it.

Reset router - but immediately change the password as most revert to 'admin or password' as the password.

If something dodgy is not going on - why would he need access to that PC? He wants some kind of access for a specific reason.
 
Joking aside, I would definitely cut the power and then have a look what he's got in the loft. My feeling is that if he's a control freak he's probably rigged up cameras in the ceilings. Check all the lightbulbs to make sure they're not wifi cameras (yes really).
 
Hi

Adding to what others have said - I'm no expert, but I have in the past set up my router to open a port to my home PC & set up a VPN so I could put bets on with UK bookies while I was on holiday. He may also have changed the admin password on the router and enabled remote configuration - worth checking, but I suspect a hard reset of the router should remove port forwarding, password changes & disable remote config (no guarantees from me though).
 
Very sorry to read this tale @Monkeyboypaul.

In life, usually when you smell a rat, there is a rat.

Noone ever knows what is happening in someone else's personal life, but this has some hallmarks of a coercive control/ gaslighting scenario. Two of my friends found themselves in these dreadful relationships. These are incredibly difficult scenarios to escape from.

Both were subjected to ridiculous levels of incoming communication. One guy was receiving 5/ 10/ 20 texts a day from her even AFTER the divorce. The other was storing the stuff of rogue partner that went walkabout abroad.

Folk caught in this way can be in complete denial and have extremely low self esteem. The longer it goes on the worse the mess becomes. I am no Dr, but their disconnection from reality seemed as vivid as an anorexic's.

You and your family member have my sympathies. I suspect that you are all in this for the long haul.

I think you should find a gaslighting charity and/ or support group and ask professionals what to do in scenarios like this. The IT side may just be a small part of this story.

If you do a complete reset- Change locks. End internet contract, get a completely fresh bband supply arrangement. Replace all internal IT/ routers etc in that household that can be networked. Change all passwords. Remove Pedro from utility and other bills. Give a reasonable deadline then dump all possessions......

What is to stop her letting him back in again, or downloading his Trojans/ password loggers or whatever ?

Good luck.
 
DRD said:
Very sorry to read this tale @Monkeyboypaul.

In life, usually when you smell a rat, there is a rat.

Noone ever knows what is happening in someone else's personal life, but this has some hallmarks of a coercive control/ gaslighting scenario. Two of my friends found themselves in these dreadful relationships. These are incredibly difficult scenarios to escape from.

Both were subjected to ridiculous levels of incoming communication. One guy was receiving 5/ 10/ 20 texts a day from her even AFTER the divorce. The other was storing the stuff of rogue partner that went walkabout abroad.

Folk caught in this way can be in complete denial and have extremely low self esteem. The longer it goes on the worse the mess becomes. I am no Dr, but their disconnection from reality seemed as vivid as an anorexic's.

You and your family member have my sympathies. I suspect that you are all in this for the long haul.

I think you should find a gaslighting charity and/ or support group and ask professionals what to do in scenarios like this. The IT side may just be a small part of this story.

If you do a complete reset- Change locks. End internet contract, get a completely fresh bband supply arrangement. Replace all internal IT/ routers etc in that household that can be networked. Change all passwords. Remove Pedro from utility and other bills. Give a reasonable deadline then dump all possessions......

What is to stop her letting him back in again, or downloading his Trojans/ password loggers or whatever ?

Good luck.
Click to expand...

100% agree with this. My sisters ex partner was a very abusive son of a bitch. He was and still is a Policeman and used his training and interrogation techniques to bully and break her down. Gaslighting probably would be an understatement. This is why I know so much about covert spy technology. I rigged her house up to catch him at it. I would recommend your Doris also learns how to use technology to protect herself.
 
I know it’s fun to jump to something off the wall mad illegal that he’s doing but maybe he’s just got something simple like a PleX media server setup so he can stream movies and TV shows that he’s got on the HDD while he’s away. Or a VPN for watching bbc/etc while he’s away.
It’s not really worth mining crypto on a PC even if he’s getting free lecky, unless it’s a serious rig with multiple high end GPUs, unlikely the reason for leaving it on.

Doris owns the house, Yes?
Does she mind the PC being on?

Why doesn’t Doris ask him?
If she doesn’t know how to bring it up she could say to him the fan is noisy on the PC and does he mind if she turns it off, if yes, why, what’s running on it that’s so important?

if you want to snoop on it why don’t you join your laptop to the WiFi, use something like advanced IP scanner to get the IP of it, you can then see if there is any shares on it.
Maybe look up using wireshark to see if you can see what traffic is happening on that IP
 
You must log in or register to reply here.
Back
Top Bottom