DoS attack: TCP SYN Flood] from source

acayci wrote:

source 3.17.72.122

FYI, this particular address is registered to Amazon and is part of the AWS cloud.  Best not to block it, as later on it could disrupt use of other cloud services hosted in the EC2 cloud.  You could try reporting the behavior to mailto:trustandsafety@support.aws.com

These detections are pretty common.  I don't think they are linked to the deployment of openvpn.  

acayci wrote:

Secondly how do I ensure only the developers in my team can connect to the router and not anyone else?  

The OpenVPN certificate should prevent other actors (w/o the certificate) from connecting with OpenVPN.  One challenge here is that former team members might hang on to the credentials, which would let them continue to use the service.  AFAIK, there is no way to create a new certficate in my Orbi router (and I think that is also true for other Netgear routers).  So you might not be able to revoke access if you stay with Netgear's built-in service.  

If you are forwarding any ports (or putting a server in the DMZ), then other measures would be needed.  Firewalls on the devices receiving that traffic, and perhaps other security software.  I'd disable upnp in the router.

Netgear routers are designed for home use by consumers - you could also consider getting a business class router. There is a learning curve, so you'd need to be sure you have someone with the skills needed to properly administer it.  But they will give you stronger access controls.  As far as revocation goes, you could also get that by setting up your own VPN server.  There's a learning curve there too.

You could also separate the development resources from the rest of your network, which would give you some more protection for your personal data.  For instance, connect the Netgear router behind a business class firewall, and put your personal devices on the Netgear router (while putting development repos and servers on the business-only network).