NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

gage6953's avatar
gage6953
Follower
Jun 20, 2023

DoS attack: RST/ACK Scan

Hello,

I have recently looked at my router logs and it says that there was a DoS Attack: RST Scan, I looked up the source IP and it read Amazon Data Center. I also had a ACK Scan and when I looked up that source IP it read Akamai Data Center.

They all have the same port, "443."

 

Could someone help me or tell me why I am having DoS Attacks from a Datacenter??

 

Examples:

[DoS attack: RST Scan] from source 3.14.234.240, port 443 Tuesday, Jun 20,2023 12:10:33

[DoS attack: ACK Scan] from source 23.60.13.24,port 443 Tuesday, Jun 20,2023 11:50:35

1 Reply

  • michaelkenward's avatar
    michaelkenward
    Guru - Experienced User
    Jun 20, 2023
    gage6953 wrote:

     

    Could someone help me or tell me why I am having DoS Attacks from a Datacenter??

     

    You aren't.

     

    Netgear's firmware is great at creating false reports of DoS attacks. Many of them are no such thing.

     

    Search - NETGEAR Communities – DoS attacks

     

    As you have found, you can use Whois.net to see who is behind some of them and you find that they are from places like Facebook, Google, even your ISP.

     

    Here is a useful tool for that task:

     

    IPNetInfo: Retrieve IP Address Information from WHOIS servers

     

    If these events are slowing down your router, that may be because it is using up processor time as it writes the events to your logs. Anything that uses processor power – event logging, QoS management, traffic metering – may cause slowdowns. Disable logging of DoS attacks and see if that reduces the problem. This does not prevent the router from protecting you from the outside world.