NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
DoS Attacks RAXE500
Currently experiencing repeated DoS attacks on new RAXE500. So far, one of the RST attacks was successful at rebooting my router and exposing my disabled Access Points. I've contacted my ISP (G-Fiber) to report the issue. Any suggestions?
[DoS attack: snmpQueryDrop] from source 94.102.61.30,port 36600 Wednesday, Dec 06, 2023 03:28:15
[DoS attack: snmpQueryDrop] from source 198.235.24.171,port 55731 Wednesday, Dec 06, 2023 02:34:25
[DoS attack: snmpQueryDrop] from source 152.32.247.30,port 43462 Wednesday, Dec 06, 2023 01:17:04
[DoS attack: snmpQueryDrop] from source 152.32.247.30,port 51681 Wednesday, Dec 06, 2023 01:16:59
[DoS attack: snmpQueryDrop] from source 45.148.10.241,port 14300 Wednesday, Dec 06, 2023 01:00:03
[DoS attack: snmpQueryDrop] from source 198.98.56.20,port 50537 Tuesday, Dec 05, 2023 23:07:22
[DoS attack: snmpQueryDrop] from source 205.210.31.138,port 52317 Tuesday, Dec 05, 2023 22:07:30
[DoS attack: snmpQueryDrop] from source 184.105.139.67,port 9644 Tuesday, Dec 05, 2023 20:43:24
[DoS attack: snmpQueryDrop] from source 192.46.224.69,port 48565 Tuesday, Dec 05, 2023 19:57:11
[DoS attack: RST Scan] from source 54.201.29.41,port 443 Tuesday, Dec 05, 2023 18:57:08
[DoS attack: snmpQueryDrop] from source 162.221.192.29,port 35769 Tuesday, Dec 05, 2023 18:17:35
[DoS attack: RST Scan] from source 74.119.119.73,port 443 Tuesday, Dec 05, 2023 18:07:11
[DoS attack: RST Scan] from source 198.148.27.131,port 443 Tuesday, Dec 05, 2023 17:48:21
[DoS attack: RST Scan] from source 23.209.84.169,port 443 Tuesday, Dec 05, 2023 16:29:41
[DoS attack: RST Scan] from source 23.209.84.186,port 443 Tuesday, Dec 05, 2023 16:29:14
Thanks
R
3 Replies
Rune10 wrote:
Currently experiencing repeated DoS attacks on new RAXE500.
Netgear's firmware is great at creating false reports of DoS attacks. Many of them are no such thing.
Search - NETGEAR Communities – DoS attacks
Use Whois.net to see who is behind some of them and you may find that they are from places like Facebook, Google, even your ISP.
Here is a useful tool for that task:
IPNetInfo: Retrieve IP Address Information from WHOIS servers
If these events are slowing down your router, that may be because it is using up processor time as it writes the events to your logs. Anything that uses processor power – event logging, QoS management, traffic metering – may cause slowdowns. Disable logging of DoS attacks and see if that reduces the problem. This does not prevent the router from protecting you from the outside world.
Thank you! The IPNet download is very helpful. I will try disabling the DoS logging.
Rune10 wrote:
Thank you! The IPNet download is very helpful. I will try disabling the DoS logging.
Might not be a bad idea. But may not be essential if your network is running smoothly.
If you check you log, you will see that it was mostly the usual suspects. Amazon and others who clearly aren't trying to do nasty things to you.
