NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Cable Modem/Router
Hello, Could anyone please advise on the following? I've noticed the following in the log of my router and these DOS attacks have me concerned. Can someone please explain what's happening here and what should be done to eliminate this?
| Description | Count | Last Occurrence | Target | Source |
| [DoS attack: SYN Flood] from 54.230.5.183, port 443 | 1 | Sat Dec 24 20:19:20 2016 |
| Description | Count | Last Occurrence | Target | Source |
| [DoS attack: SYN Flood] from 54.230.5.183, port 443 | 1 | Sat Dec 24 20:19:20 2016 | 54.230.5.183:443 | |
| [DoS attack: SYN Flood] from 54.239.16.235, port 80 | 1 | Sat Dec 24 20:19:16 2016 | 54.239.16.235:80 | |
| [DoS attack: SYN Flood] from 72.21.91.8, port 80 | 1 | Sat Dec 24 20:19:07 2016 | 72.21.91.8:80 | |
| [DoS attack: TCP- or UDP-based Port Scan] from 66.90.130.10, port 53 |
1 Reply
Your cable modem/router has identified what it believes are attacks from a variety of sources. Two of those addresses belong to Amazon, one to Verizon and another Grande Communications Networks. It's a bit unusual but probably not unheard for an attack to originate from legitimate companies such as these. This is why some of us here believe that the DoS attack detection logic in Netgear's code might occasionally be too aggressive in labeling something as an attack. Whether or not this is true, your router has stopped these "attacks". The truth of the matter is that the Internet is a dangerous place and attacks like these are not uncommon. There's really nothing you can do to stop them from coming. You can only trust that your router will do its job to keep them out of your network.
