NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Woke up to weird sound. Fragile, DDOS attack and remote access all in my AX6000 router log.
So I picked up an RX80 used and I'm getting a lot of DDOS scans, access from remote and a little fragile. I had an R7000 previously that I also have connected to in the back area of the house. So I c...
Newer routers will flassify more types of traffic detected. Pretty much all of the DOS related stuff can be ignored unless you see the log being flooded rapidly and internet traffic performing worse than dialup.
Due to how many infected systems are out there, as well as how many bot networks are out there, they are constantly checking through every IP address in an endless loop. A common term to refer to it is internet background radiation. It is simply unwanted traffic that everyone receives because out of billions of people on earth, there are still a few million that believe a browser toolbar will give them free movies, or some app will "fix" their registry or update their drivers or boost performance.
Older routers will not add traffic to a log that the firmware never contined thhe code needed to identify the traffic.
Beyond that there are still systems online running windows XP and even windows 98 that are infected, and still trying to spread Nimda
I just don't like how the connection drops or gets extremely slow. Doesn't happen at all on the R7000.
For slowdowns, that needs to be investigated, for example, when it happens, is it slow for wired devices as well as wireless?
Usuallly it is impossible for a router to do much about DOS attack, since the purpose of one is not to attack the router itself (with the exception of extremely rare cases such as devices with remote access enabled and unsecured), but instead to saturate the last mile of your WAN connection, and fill any buffers as rapidly as possible so all legit traffic gets dropped. For example, a user has a 100mbit connection, but they are hit with a DDOS at 10+Gbps, only 100Mbps of junk will make it through the last mile, but somewhere within the ISPs network, the excess traffic will start getting dropped as buffers filll, and the user's connection becomes useless during the attack. It is uncommon for it to ever happen to a home user, with the exception of some toxic gaming communities where if they can ge ta hold of someone's WAN IP they may do a DOS attack during a match, or if they find that the user is on comcast or some other ISP with a data cap, they will do a DOS attack over night as a way of burning through their data cap since ISPs like comcast and many other capped ones log traffic based on what is directed towards your WAN IP regardless of what reaches you, thus someone can have a 200mbit connection, but a 10Gbps DOS attack will eat through their cap at 10Gbps even though only a tiny fraction of that data will actually reach the user.
Overall for home users, that is about as bas as a DOS attack will get.
- I'm going shelf the router or trash it. Won't be buying another Netgear product after reading about how terrible they've become. Everyone is having issues with this thing