NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
xr500 Dos attacks What the heck....
What the hell is going on with all these Dos attacks. I've been reading some of these links and my question is are they real or not? If these attacks are not real then why is this happening? This ...
What FW is currently loaded? the latest one
What is the Mfr and model# of the ISP modem the NG router is connected too? netgear cm1000
thanks
Please post a short snippet of what your seeing in the router logs. Just a few lines.
Birdwatch wrote:
What FW is currently loaded? the latest one
What is the Mfr and model# of the ISP modem the NG router is connected too? netgear cm1000
thanks
[DoS Attack: SYN/ACK Scan] from source: 116.0.72.4, port 636, Wednesday, March 06, 2019 01:30:18
[WLAN access rejected: incorrect security] from MAC address 94:e9:79:94:a7:cd, Wednesday, March 06, 2019 01:32:59
[WLAN access rejected: incorrect security] from MAC address 94:e9:79:94:a7:cd, Wednesday, March 06, 2019 01:32:56
[DoS Attack: SYN/ACK Scan] from source: 122.70.154.19, port 443, Wednesday, March 06, 2019 00:51:47
[DoS Attack: SYN/ACK Scan] from source: 192.229.100.224, port 80, Tuesday, March 05, 2019 22:48:11
Here's a few
[DoS Attack: ACK Scan] from source: 17.249.172.32, port 5223, Tuesday, March 05, 2019 21:48:00
[DoS Attack: ACK Scan] from source: 17.249.172.32, port 5223, Tuesday, March 05, 2019 21:46:45
Here's some more
- Logs are verbose as they are primarily for developers. They are not meant for users to come up with an issue. DoS Attack entries are common on Netgear routers and do cause unnecessary panic. They appear just from browsing the internet etc, one of those IP addresses belong to Apple so I assume you either have an Apple device or went to a website of theres or something along those lines. The entries are harmless and DoS protection is enabled by default anyway if there was something sinister happening you'd be protected.
You can use whois.domaintools.com to see where those IP addresses are coming from.
Birdwatch wrote:
[DoS Attack: SYN/ACK Scan] from source: 116.0.72.4, port 636, Wednesday, March 06, 2019 01:30:18
[WLAN access rejected: incorrect security] from MAC address 94:e9:79:94:a7:cd, Wednesday, March 06, 2019 01:32:59
[WLAN access rejected: incorrect security] from MAC address 94:e9:79:94:a7:cd, Wednesday, March 06, 2019 01:32:56
[DoS Attack: SYN/ACK Scan] from source: 122.70.154.19, port 443, Wednesday, March 06, 2019 00:51:47
[DoS Attack: SYN/ACK Scan] from source: 192.229.100.224, port 80, Tuesday, March 05, 2019 22:48:11
Here's a few
Ok, thank you both for the replies. But, this is unacceptable bottom line. I'm sure a lot of people would agree. If these are harmless then they need to identify it another way other than a Dos-attack. How is regular consumer going to distinguish a real threat vs a harmless one. I wish some other folks would chime in here.
What about the WLan part?
Please don't take it personal guys I do appreciate the help and answers.
Thanks
