Cmo1
Apprentice
Jun 20, 2018

Constant DoS attacks

So since upgrading to the newest firmware I see constant DoS attacks every few minutes and my connection does slow.

 

[DoS Attack: ACK Scan] from source: 34.230.89.123, port 9543, Tuesday, June 19, 2018 22:15:16
[DoS Attack: ACK Scan] from source: 34.230.89.123, port 9543, Tuesday, June 19, 2018 22:13:16
[DoS Attack: ACK Scan] from source: 34.230.89.123, port 9543, Tuesday, June 19, 2018 22:11:16

 

Such as these logs. They continue to grow larger and speeds get slower all day. Netgear support is no help and the firmware they promised would help manage such issues doesn't seem to be coming. The QoS feature is broken. How can I fix this?

13 Replies

  • FURRYe38
    Guru - Experienced User

    That IP address belongs to Amazon:

    https://whois.domaintools.com/34.230.89.123

     

    Have you fully rebooted the router and/or done an ERASE on it and set it up from scratch?

    What's the Mfr and model # of your ISP modem?

    Be sure none of your devices are accessing any Amazon services. Disconnect ALL devices except for 1 wired PC and check speeds and connection and the log. Gradually add one device at a time until you notice something...

    • Cmo1
      Apprentice

      I have two Amazon Echoes recently added. I bet that's what it is.
      FURRYe38 wrote:

      That IP address belongs to Amazon:

      https://whois.domaintools.com/34.230.89.123

       

      Have you fully rebooted the router and/or done an ERASE on it and set it up from scratch?

      What's the Mfr and model # of your ISP modem?

      Be sure none of your devices are accessing any Amazon services. Disconnect ALL devices except for 1 wired PC and check speeds and connection and the log. Gradually add one device at a time until you notice something...


       

      • FURRYe38
        Guru - Experienced User

        Disable or turn them off and check your stuff. :smileywink:

  • FURRYe38
    Guru - Experienced User

    Firewall and logging is doing its job... just reporting what the router is encountering.

    • Cmo1
      Apprentice
      But once they start my wifi speeds are cut in half. This never happened in the old firmware... Not sure what exactly changed, but the other problem is I can't go back because my HomeKit was broken in those old ones.
      • FURRYe38
        Guru - Experienced User

        You need to find out if something on your LAN side is accessing those IPs. If your Echos are, then turn them off and test to see if it still happens or not. If not, and you turn them ON again and it does, something in the Amazon services or in the FW needs to be looked at.

         

        DarrenM

  • Hello all - I must say I am sick of these DoS attacks from a variety of sources.

     

    Have since sent emails (with details) to their "abuse" emails, etc.

     

    Very large number from Amazon Technologies (!) and Lime Light Networks

     

    [DoS Attack: ACK Scan] from source: 52.25.181.51, port 443, Monday, June 25, 2018 20:34:46
    [DoS Attack: TCP/UDP Chargen] from source: 209.126.136.5, port 48682, Monday, June 25, 2018 19:56:21
    [DoS Attack: RST Scan] from source: 134.19.190.38, port 80, Monday, June 25, 2018 18:43:41
    [DoS Attack: SYN/ACK Scan] from source: 31.13.84.1, port 80, Monday, June 25, 2018 18:22:44
    [DoS Attack: ACK Scan] from source: 208.111.149.129, port 80, Monday, June 25, 2018 16:59:01
    [DoS Attack: ACK Scan] from source: 208.111.155.129, port 80, Monday, June 25, 2018 16:59:01
    [DoS Attack: ACK Scan] from source: 208.111.149.129, port 80, Monday, June 25, 2018 16:59:01
    [DoS Attack: ACK Scan] from source: 208.111.155.129, port 80, Monday, June 25, 2018 16:59:01
    [DoS Attack: ACK Scan] from source: 208.111.173.167, port 80, Monday, June 25, 2018 16:59:01
    [DoS Attack: ACK Scan] from source: 208.111.149.129, port 80, Monday, June 25, 2018 16:57:46
    [DoS Attack: ACK Scan] from source: 208.111.155.129, port 80, Monday, June 25, 2018 16:57:46
    [DoS Attack: ACK Scan] from source: 208.111.149.129, port 80, Monday, June 25, 2018 16:57:46
    [DoS Attack: ACK Scan] from source: 208.111.155.129, port 80, Monday, June 25, 2018 16:57:46
    [DoS Attack: ACK Scan] from source: 208.111.173.167, port 80, Monday, June 25, 2018 16:57:46
    [DoS Attack: ACK Scan] from source: 208.111.149.129, port 80, Monday, June 25, 2018 16:56:31
    [DoS Attack: ACK Scan] from source: 208.111.155.129, port 80, Monday, June 25, 2018 16:56:31
    [DoS Attack: ACK Scan] from source: 208.111.149.129, port 80, Monday, June 25, 2018 16:56:31
    [DoS Attack: ACK Scan] from source: 208.111.155.129, port 80, Monday, June 25, 2018 16:56:31
    [DoS Attack: ACK Scan] from source: 208.111.173.167, port 80, Monday, June 25, 2018 16:56:31
    [DoS Attack: ACK Scan] from source: 208.111.155.129, port 80, Monday, June 25, 2018 16:55:16
    [DoS Attack: ACK Scan] from source: 208.111.149.129, port 80, Monday, June 25, 2018 16:55:16
    [DoS Attack: ACK Scan] from source: 208.111.155.129, port 80, Monday, June 25, 2018 16:55:16
    [DoS Attack: ACK Scan] from source: 208.111.173.167, port 80, Monday, June 25, 2018 16:55:16
    [DoS Attack: ACK Scan] from source: 208.111.149.129, port 80, Monday, June 25, 2018 16:54:01
    [DoS Attack: ACK Scan] from source: 208.111.155.129, port 80, Monday, June 25, 2018 16:54:01
    [DoS Attack: ACK Scan] from source: 208.111.173.167, port 80, Monday, June 25, 2018 16:54:01
    [DoS Attack: ACK Scan] from source: 86.105.196.110, port 3306, Monday, June 25, 2018 16:35:04
    [DoS Attack: RST Scan] from source: 66.225.197.197, port 80, Monday, June 25, 2018 16:31:51
    [DoS Attack: SYN/ACK Scan] from source: 37.242.246.38, port 11211, Monday, June 25, 2018 14:41:27
    [DoS Attack: SYN/ACK Scan] from source: 167.114.156.139, port 80, Monday, June 25, 2018 14:14:46
    [DoS Attack: SYN/ACK Scan] from source: 167.114.156.139, port 80, Monday, June 25, 2018 13:56:51
    [DoS Attack: SYN/ACK Scan] from source: 62.210.92.188, port 80, Monday, June 25, 2018 13:55:23
    [DoS Attack: SYN/ACK Scan] from source: 167.114.156.139, port 80, Monday, June 25, 2018 13:44:59
    [DoS Attack: SYN/ACK Scan] from source: 62.210.92.188, port 80, Monday, June 25, 2018 13:44:17
    [DoS Attack: SYN/ACK Scan] from source: 167.114.156.139, port 80, Monday, June 25, 2018 13:38:43
    [DoS Attack: ACK Scan] from source: 157.240.22.39, port 443, Monday, June 25, 2018 13:18:06
    [DoS Attack: RST Scan] from source: 72.167.18.237, port 80, Monday, June 25, 2018 13:16:42

    • sdp123
      Initiate

      hmmm....remembered that I had an "old" AWS Linux instance running.

       

      10 minutes ago, I shut it down.

       

      No more DoS attacks - from any source.

      If I filter just for DoS, Logs are Empty now! 

       

      Whee!

       

      :)
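
Added example (not part of the original thread, and not NETGEAR code): a small Python script that parses router log lines in the format quoted above, groups them by source, type and port, and reports whether a source repeats at a fixed interval. That helps when tracing entries back to a device or service on the LAN, as the replies suggest. The sample lines and addresses are constructed, and the function names are this example's own.

```python
import re
from collections import defaultdict
from datetime import datetime

# Format of the router log lines quoted in this thread.
LINE_RE = re.compile(
    r"\[DoS Attack: (?P<kind>[^\]]+)\] from source: (?P<src>[\d.]+), "
    r"port (?P<port>\d+), \w+, (?P<ts>\w+ \d{1,2}, \d{4} \d{2}:\d{2}:\d{2})")

# Constructed sample (documentation-range addresses), not taken from the thread.
SAMPLE_LOG = """\
[DoS Attack: ACK Scan] from source: 192.0.2.10, port 80, Monday, June 25, 2018 16:56:31
[DoS Attack: ACK Scan] from source: 192.0.2.10, port 80, Monday, June 25, 2018 16:55:16
[DoS Attack: ACK Scan] from source: 192.0.2.10, port 80, Monday, June 25, 2018 16:54:01
[DoS Attack: TCP/UDP Chargen] from source: 203.0.113.5, port 48682, Monday, June 25, 2018 16:40:02
[DoS Attack: ACK Scan] from source: 198.51.100.7, port 443, Tuesday, June 19, 2018 22:15:16
[DoS Attack: ACK Scan] from source: 198.51.100.7, port 443, Tuesday, June 19, 2018 22:13:16
[DoS Attack: ACK Scan] from source: 198.51.100.7, port 443, Tuesday, June 19, 2018 22:11:16
 Attack: ACK Scan] from source: 198.51.100.7, port 443, Tuesday, June 19, 2018 22:09:16
"""

def parse(text):
    """Return (events, skipped); each event is (src, kind, port, timestamp)."""
    events, skipped = [], 0
    for line in filter(str.strip, text.splitlines()):
        m = LINE_RE.search(line)
        if not m:
            skipped += 1  # truncated or unrelated line, e.g. a cut-off paste
            continue
        ts = datetime.strptime(m["ts"], "%B %d, %Y %H:%M:%S")
        events.append((m["src"], m["kind"], int(m["port"]), ts))
    return events, skipped

def summarize(events):
    """Group by (source, kind, port); report count and any fixed repeat interval."""
    groups = defaultdict(list)
    for src, kind, port, ts in events:
        groups[(src, kind, port)].append(ts)
    rows = []
    for (src, kind, port), stamps in groups.items():
        uniq = sorted(set(stamps))  # the log may repeat a line within one second
        gaps = {int((b - a).total_seconds()) for a, b in zip(uniq, uniq[1:])}
        rows.append({"source": src, "kind": kind, "port": port, "count": len(stamps),
                     "interval_s": gaps.pop() if len(uniq) >= 3 and len(gaps) == 1 else None,
                     "web_port": port in (80, 443)})  # packet came from a web server port
    return sorted(rows, key=lambda r: -r["count"])

if __name__ == "__main__":
    events, skipped = parse(SAMPLE_LOG)
    print(summarize(events), "skipped:", skipped)
```

A source that repeats at a fixed interval from port 80 or 443 is a good first candidate to compare against what devices on the LAN are connecting to, using the one-device-at-a-time test described earlier in the thread.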