
<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
		>
<channel>
	<title>Comments on: Security flaw in 500,000 Belgacom modems?</title>
	<atom:link href="http://patrick.vande-walle.eu/internet/faille-de-securite-dans-500k-modems-belgacom/feed/" rel="self" type="application/rss+xml" />
	<link>http://patrick.vande-walle.eu/internet/faille-de-securite-dans-500k-modems-belgacom/?utm_source=rss&#038;utm_medium=rss&#038;utm_campaign=faille-de-securite-dans-500k-modems-belgacom</link>
	<description>Random thoughts about the Internet and life</description>
	<lastBuildDate>Wed, 04 Jan 2012 19:33:48 +0000</lastBuildDate>
	<sy:updatePeriod>hourly</sy:updatePeriod>
	<sy:updateFrequency>1</sy:updateFrequency>
	<generator>http://wordpress.org/?v=3.3.1</generator>
	<item>
		<title>By: Miguel Ruiz</title>
		<link>http://patrick.vande-walle.eu/internet/faille-de-securite-dans-500k-modems-belgacom/comment-page-1/#comment-95241</link>
		<dc:creator>Miguel Ruiz</dc:creator>
		<pubDate>Wed, 08 Dec 2010 09:23:19 +0000</pubDate>
		<guid isPermaLink="false">http://patrick.vande-walle.eu/?p=741#comment-95241</guid>
		<description>Thanks Patrick.

I do not use any P2P program and port 80 should not be visible on the Internet because I have never opened the remote administration on the modem and I have activated the built-in firewall blocking all incoming connections (Typical security / Inbound Policy: Reject.)

My PC is running all MS updates, McAfee Internet Security, Windows Firewall with almost no exception, Spy BOT Search &amp; Destroy resident, CCleaner, Mozilla Firefox instead of MS IE and no P2P programs. I am not saying that it is 100% sure, but none of the installed security suites reports any spyware, virus, whatsoever.

The remote administration of my PC is disabled.

Strong passwords are used and changed periodically. Guest account is disabled. MS Baseline security checker does not report security holes.

My WiFi is secured, WPA2 personal and MAC security in place. If somebody is getting into my modem, that means that Belgacom has security holes.

I wonder what I could do next?

Regards
Miguel</description>
		<content:encoded><![CDATA[<p>Thanks Patrick.</p>
<p>I do not use any P2P program and port 80 should not be visible on the Internet because I have never opened the remote administration on the modem and I have activated the built-in <a target="_blank" href="http://en.wikipedia.org/wiki/Firewall">firewall</a> blocking all incoming connections (Typical security / Inbound Policy: Reject.)</p>
<p>My PC is running all MS updates, McAfee Internet Security, Windows <a target="_blank" href="http://en.wikipedia.org/wiki/Firewall">firewall</a> with almost no exception, Spy BOT Search &amp; Destroy resident, CCleaner, Mozilla Firefox instead of MS IE and no P2P programs. I am not saying that it is 100% sure, but none of the installed security suites reports any spyware, virus, whatsoever.</p>
<p>The remote administration of my PC is disabled.</p>
<p>Strong passwords are used and changed periodically. Guest account is disabled. MS Baseline security checker does not report security holes.</p>
<p>My WiFi is secured, WPA2 personal and MAC security in place. If somebody is getting into my modem, that means that Belgacom has security holes.</p>
<p>I wonder what I could do next?</p>
<p>Regards<br />
Miguel</p>
]]></content:encoded>
	</item>
	<item>
		<title>By: Patrick Vande Walle</title>
		<link>http://patrick.vande-walle.eu/internet/faille-de-securite-dans-500k-modems-belgacom/comment-page-1/#comment-95240</link>
		<dc:creator>Patrick Vande Walle</dc:creator>
		<pubDate>Wed, 08 Dec 2010 08:52:07 +0000</pubDate>
		<guid isPermaLink="false">http://patrick.vande-walle.eu/?p=741#comment-95240</guid>
		<description>@Miguel

&lt;a href=&quot;http://forum.belgacom.net/view.php?bn=selfcareforumnl_verbindingsproblemen&amp;key=1243684238&quot; rel=&quot;nofollow&quot;&gt;Belgacom suggests this could be due to a spyware making repeated requests&lt;/a&gt;. I would also suggest to check the configuration of P2P programs you might use. Allowing an unlimited number of connections in Bittorrent, Emule, etc might also cause such behaviour. Further, if your BBOX2 is visible on the Internet through port 80, you might be hit by a whole tribe of robots trying all nasty tricks against your modem.</description>
		<content:encoded><![CDATA[<p>@Miguel</p>
<p><a href="http://forum.belgacom.net/view.php?bn=selfcareforumnl_verbindingsproblemen&#038;key=1243684238" rel="nofollow">Belgacom suggests this could be due to a spyware making repeated requests</a>. I would also suggest to check the configuration of P2P programs you might use. Allowing an unlimited number of connections in Bittorrent, Emule, etc might also cause such behaviour. Further, if your BBOX2 is visible on the Internet through port 80, you might be hit by a whole tribe of robots trying all nasty tricks against your modem.</p>
]]></content:encoded>
	</item>
	<item>
		<title>By: Miguel Ruiz</title>
		<link>http://patrick.vande-walle.eu/internet/faille-de-securite-dans-500k-modems-belgacom/comment-page-1/#comment-95239</link>
		<dc:creator>Miguel Ruiz</dc:creator>
		<pubDate>Wed, 08 Dec 2010 08:37:15 +0000</pubDate>
		<guid isPermaLink="false">http://patrick.vande-walle.eu/?p=741#comment-95239</guid>
		<description>Hello Patrick.

I have performed the step as of the post you indicated to me. I have even done so three times to make sure. I did it this way:

Telnet to BB2 as admin, then:

rg_conf_set upnp/rules_autoclean/enabled 1
save

I received message &quot;return 0&quot; on screen
Then, I rebooted the BB

After a couple of days the same problem comes back:

&quot;No more than 100 sessions at a time are allowed. Please wait until open sessions expire&quot;

Please note that message is shown before any attempt of log-in. Thus right after writing http://192.168.1.1 and hitting on &quot;Enter&quot;

Do you have any other suggestion? Or anybody who reads me?

Many thanks
Best Regards
Miguel</description>
		<content:encoded><![CDATA[<p>Hello Patrick.</p>
<p>I have performed the step as of the post you indicated to me. I have even done so three times to make sure. I did it this way:</p>
<p>Telnet to BB2 as admin, then:</p>
<p>rg_conf_set upnp/rules_autoclean/enabled 1<br />
save</p>
<p>I received message &#8220;return 0&#8221; on screen<br />
Then, I rebooted the BB</p>
<p>After a couple of days the same problem comes back:</p>
<p>&#8220;No more than 100 sessions at a time are allowed. Please wait until open sessions expire&#8221;</p>
<p>Please note that message is shown before any attempt of log-in. Thus right after writing <a href="http://192.168.1.1" rel="nofollow">http://192.168.1.1</a> and hitting on &#8220;Enter&#8221;</p>
<p>Do you have any other suggestion? Or anybody who reads me?</p>
<p>Many thanks<br />
Best Regards<br />
Miguel</p>
]]></content:encoded>
	</item>
	<item>
		<title>By: Miguel Ruiz</title>
		<link>http://patrick.vande-walle.eu/internet/faille-de-securite-dans-500k-modems-belgacom/comment-page-1/#comment-95215</link>
		<dc:creator>Miguel Ruiz</dc:creator>
		<pubDate>Fri, 03 Dec 2010 11:02:31 +0000</pubDate>
		<guid isPermaLink="false">http://patrick.vande-walle.eu/?p=741#comment-95215</guid>
		<description>Thanks for your kind reply. I appreciate it very much.

You might be right and therefore I have done so, then as login was still not possible, I rebooted the device. I will check results and let you know since mentioned UI login lock was taking a while to come after a reboot.

I never thought it could come so with the firewall &#039;cause I do not see a logic link. Besides, if I change the admin password (only possible on telnet) my BB2 restarts right after command &quot;save&quot; has been issued, but only if the ADSL wire is connected to the outlet. That sounds to me like an attempt to download the configuration file online every time the password is changed. While trying to change the password on the UI, it claims the old password is not valid, which btw is the good one. If done on telnet, then restart as mentioned here above. Last but not least, whenever I change the Internet connection password on Belgacom Online services, the BBOX seems to be able to read it and adopted seemingly, setting any advanced user up to a paranoid state of mind :-( I did that three times and I did not need to amend the credentials on the BB2. So anyone at Belgacom can have my credentials, my BB2 configuration (on plain text) and the control on the device and we all users have to stand behind with a big smile while our privacy is compromised so. This is unacceptable... Belgacom should also deliver a free of charge RC insurance to its customers or better said its victims ;-)

What drives me crazy on this machine is that on top of being castrated on functionality and proven as so unsecured, one has to really play around to understand its &quot;features&quot;. How can it be possible that administration UI log-in capabilities were linked to the dynamic firewall entries? That would mean that once the firewall is active (only real security we have on this box) after some browsing &amp; emailing, we cannot login on the UI anymore without restarting the box. I am really disappointed with this device and worse we have either to digest it or to move to another ISP. Definitely, no value for money and no respect to customers&#039; privacy.

On the other hand, I wonder which other ISP will offer me what I need, one land line, three GSM ones with 3G data plan, digital TV and an acceptable Internet Access Service guaranteeing security and respecting privacy.

Unfortunately, as the mass public either ignore or do not care too much, Belgacom stays on Belgian market top.

Regards
Miguel Ruiz</description>
		<content:encoded><![CDATA[<p>Thanks for your kind reply. I appreciate it very much.</p>
<p>You might be right and therefore I have done so, then as login was still not possible, I rebooted the device. I will check results and let you know since mentioned UI login lock was taking a while to come after a reboot.</p>
<p>I never thought it could come so with the <a target="_blank" href="http://en.wikipedia.org/wiki/Firewall">firewall</a> &#8217;cause I do not see a logic link. Besides, if I change the admin password (only possible on telnet) my BB2 restarts right after command &#8220;save&#8221; has been issued, but only if the ADSL wire is connected to the outlet. That sounds to me like an attempt to download the configuration file online every time the password is changed. While trying to change the password on the UI, it claims the old password is not valid, which btw is the good one. If done on telnet, then restart as mentioned here above. Last but not least, whenever I change the Internet connection password on Belgacom Online services, the BBOX seems to be able to read it and adopted seemingly, setting any advanced user up to a paranoid state of mind <img src='http://patrick.vande-walle.eu/wp-includes/images/smilies/icon_sad.gif' alt=':-(' class='wp-smiley' />  I did that three times and I did not need to amend the credentials on the BB2. So anyone at Belgacom can have my credentials, my BB2 configuration (on plain text) and the control on the device and we all users have to stand behind with a big smile while our privacy is compromised so. This is unacceptable&#8230; Belgacom should also deliver a free of charge RC insurance to its customers or better said its victims <img src='http://patrick.vande-walle.eu/wp-includes/images/smilies/icon_wink.gif' alt=';-)' class='wp-smiley' /> </p>
<p>What drives me crazy on this machine is that on top of being castrated on functionality and proven as so unsecured, one has to really play around to understand its &#8220;features&#8221;. How can it be possible that administration UI log-in capabilities were linked to the dynamic <a target="_blank" href="http://en.wikipedia.org/wiki/Firewall">firewall</a> entries? That would mean that once the <a target="_blank" href="http://en.wikipedia.org/wiki/Firewall">firewall</a> is active (only real security we have on this box) after some browsing &amp; emailing, we cannot login on the UI anymore without restarting the box. I am really disappointed with this device and worse we have either to digest it or to move to another ISP. Definitely, no value for money and no respect to customers&#8217; privacy.</p>
<p>On the other hand, I wonder which other ISP will offer me what I need, one land line, three GSM ones with 3G data plan, digital TV and an acceptable Internet Access Service guaranteeing security and respecting privacy.</p>
<p>Unfortunately, as the mass public either ignore or do not care too much, Belgacom stays on Belgian market top.</p>
<p>Regards<br />
Miguel Ruiz</p>
]]></content:encoded>
	</item>
	<item>
		<title>By: Patrick Vande Walle</title>
		<link>http://patrick.vande-walle.eu/internet/faille-de-securite-dans-500k-modems-belgacom/comment-page-1/#comment-95214</link>
		<dc:creator>Patrick Vande Walle</dc:creator>
		<pubDate>Fri, 03 Dec 2010 06:37:08 +0000</pubDate>
		<guid isPermaLink="false">http://patrick.vande-walle.eu/?p=741#comment-95214</guid>
		<description>@Miguel,

I do not think this has anything to do with people connecting to your WLAN. Rather, it is linked to the number of outgoing sessions in the firewall table. Try the trick explained on &lt;a href=&quot;/belgacom-bbox-2-tricks/autoclean-upnp-entries/&quot; rel=&quot;nofollow&quot;&gt;this page&lt;/a&gt;</description>
		<content:encoded><![CDATA[<p>@Miguel,</p>
<p>I do not think this has anything to do with people connecting to your WLAN. Rather, it is linked to the number of outgoing sessions in the <a target="_blank" href="http://en.wikipedia.org/wiki/Firewall">firewall</a> table. Try the trick explained on <a href="/belgacom-bbox-2-tricks/autoclean-upnp-entries/" rel="nofollow">this page</a></p>
]]></content:encoded>
	</item>
	<item>
		<title>By: Miguel Ruiz</title>
		<link>http://patrick.vande-walle.eu/internet/faille-de-securite-dans-500k-modems-belgacom/comment-page-1/#comment-95213</link>
		<dc:creator>Miguel Ruiz</dc:creator>
		<pubDate>Thu, 02 Dec 2010 20:54:42 +0000</pubDate>
		<guid isPermaLink="false">http://patrick.vande-walle.eu/?p=741#comment-95213</guid>
		<description>Dear Patrick,

Thanks for taking your time to write this information. It is of help for many people out there. 
To the already commented security issues, one can add that Belgacom subscriptions have a download limitation after which the customer gets ISDN speed. Taking into account that anyone can log-in into the unprotected BBOX modems, Belgacom has made the grade once again!

I did notice all that and since the very beginning I changed the Admin password, the Internet log-in information and activated the firewall to almost paranoid level. Additionally, I used MAC address filtering to grant WiFi connectivity, sticking to only a few &amp; required of those addresses and deleting any temporary one from guests&#039; gear when no longer needed. I also use WPA2 and a max length passphrase key.
Despite all that, this is what I get every two days after a modem reboot when trying to log-in:

&quot;No more than 100 sessions at a time are allowed. Please wait until open sessions expire&quot;

I have already checked that I am running the latest available firmware. I have reconfigured several times the modem manually and I have changed the Admin &amp; User passwords a few times. Nothing has helped very much.

I noticed some attacks on my PC (security logs, sporadic failures on my anti-virus real time scan, firewall disconnected upon start-up for unknown reasons, firewall alerts, etc, etc.). Worse, with a good modem well configured and a competent Telco-provider, our PC should be safe with just a little care on the Internet Browser and a good free anti-virus solution. A PC connected to Belgacom network seems to be in danger even behind 10 firewalls ;-)

I do not know if this is an error or it is really what is said, but anyway smells very bad.

Any suggestion?
Miguel Ruiz</description>
		<content:encoded><![CDATA[<p>Dear Patrick,</p>
<p>Thanks for taking your time to write this information. It is of help for many people out there.<br />
To the already commented security issues, one can add that Belgacom subscriptions have a download limitation after which the customer gets ISDN speed. Taking into account that anyone can log-in into the unprotected BBOX modems, Belgacom has made the grade once again!</p>
<p>I did notice all that and since the very beginning I changed the Admin password, the Internet log-in information and activated the <a target="_blank" href="http://en.wikipedia.org/wiki/Firewall">firewall</a> to almost paranoid level. Additionally, I used MAC address filtering to grant WiFi connectivity, sticking to only a few &amp; required of those addresses and deleting any temporary one from guests&#8217; gear when no longer needed. I also use WPA2 and a max length passphrase key.<br />
Despite all that, this is what I get every two days after a modem reboot when trying to log-in:</p>
<p>&#8220;No more than 100 sessions at a time are allowed. Please wait until open sessions expire&#8221;</p>
<p>I have already checked that I am running the latest available firmware. I have reconfigured several times the modem manually and I have changed the Admin &amp; User passwords a few times. Nothing has helped very much.</p>
<p>I noticed some attacks on my PC (security logs, sporadic failures on my anti-virus real time scan, <a target="_blank" href="http://en.wikipedia.org/wiki/Firewall">firewall</a> disconnected upon start-up for unknown reasons, <a target="_blank" href="http://en.wikipedia.org/wiki/Firewall">firewall</a> alerts, etc, etc.). Worse, with a good modem well configured and a competent Telco-provider, our PC should be safe with just a little care on the Internet Browser and a good free anti-virus solution. A PC connected to Belgacom network seems to be in danger even behind 10 <a target="_blank" href="http://en.wikipedia.org/wiki/Firewall">firewalls</a> <img src='http://patrick.vande-walle.eu/wp-includes/images/smilies/icon_wink.gif' alt=';-)' class='wp-smiley' /> </p>
<p>I do not know if this is an error or it is really what is said, but anyway smells very bad.</p>
<p>Any suggestion?<br />
Miguel Ruiz</p>
]]></content:encoded>
	</item>
</channel>
</rss>

