numbertwo (Aspirant)
Jul 27, 2017
What is happening in my logs for my modem/router? DoS, Remote and other stuff.
So I ran the Malwarebytes rootkit scanner and it found some virus or infected rootkits (idk how or if they are different). Anyways, I decided I should also check my logs for my router/modem, and sure enough it found some DoS, remotes and other things. So my questions are: should I be worried? What did it do? Do you guys recommend any other antivirus/rootkit scanners to run, or any other useful scanner? So far I have used Malwarebytes, Malwarebytes rootkit scanner and Avast antivirus.
Before I post the logs of my network, is there anything I should censor? Will be here waiting.
5 Replies
- numbertwo (Aspirant)
So here are the logs. I found out that my phone is the one doing this (DoS attacks). The IP 36.3.10.0:0 is my phone; it somehow changed and started DoS again, so it was not my PC doing this but my phone. I'm going to factory reset my phone and see if that fixes it.
[DoS attack: Teardrop or derivative] from 36.3.10.0, port 0 1 Wed Jul 26 23:00:55 2017 220.63.58.72:0 36.3.10.0:0
[DoS attack: Teardrop or derivative] from 36.3.10.0, port 0 1 Wed Jul 26 22:02:06 2017 220.63.58.72:0 36.3.10.0:0
[DoS attack: Ping Of Death] from 36.3.10.0, port 0 2 Wed Jul 26 22:01:50 2017 220.63.58.72:0 36.3.10.0:0
[DoS attack: Teardrop or derivative] from 36.3.10.0, port 0 1 Wed Jul 26 22:01:47 2017 220.63.58.72:0 36.3.10.0:0
[DoS attack: Ping Of Death] from 36.3.10.0, port 0 1 Wed Jul 26 22:01:29 2017 220.63.58.72:0 36.3.10.0:0
[DoS attack: Teardrop or derivative] from 36.3.10.0, port 0 1 Wed Jul 26 22:01:29 2017 220.63.58.72:0 36.3.10.0:0
[DoS attack: Ping Of Death] from 36.3.10.0, port 0 1 Wed Jul 26 22:01:26 2017 220.63.58.72:0 36.3.10.0:0
[DoS attack: Teardrop or derivative] from 36.3.10.0, port 0 1 Wed Jul 26 22:00:28 2017 220.63.58.72:0 36.3.10.0:0
[DoS attack: Ping Of Death] from 36.3.10.0, port 0 17 Wed Jul 26 22:00:23 2017 220.63.58.72:0 36.3.10.0:0
[DoS attack: Teardrop or derivative] from 36.3.10.0, port 0 3 Wed Jul 26 21:59:39 2017 220.63.58.72:0 36.3.10.0:0
[DoS attack: Ping Of Death] from 36.3.10.0, port 0 3 Wed Jul 26 21:59:38 2017 220.63.58.72:0 36.3.10.0:0
[DoS attack: Teardrop or derivative] from 36.3.10.0, port 0 1 Wed Jul 26 21:58:30 2017 220.63.58.72:0 36.3.10.0:0
[DoS attack: Ping Of Death] from 36.3.10.0, port 0 1 Wed Jul 26 21:57:16 2017 220.63.58.72:0 36.3.10.0:0
[DoS attack: Illegal Fragments] from 36.3.10.0, port 0 2 Wed Jul 26 21:57:16 2017 220.63.58.72:0 36.3.10.0:0
[DoS attack: Ping Of Death] from 36.3.10.0, port 0 22 Wed Jul 26 21:56:43 2017 220.63.58.72:0 36.3.10.0:0
[DoS attack: Teardrop or derivative] from 36.3.10.0, port 0 1 Wed Jul 26 21:55:51 2017 220.63.58.72:0 36.3.10.0:0
[DoS attack: Ping Of Death] from 36.3.10.0, port 0 2 Wed Jul 26 21:55:02 2017 220.63.58.72:0 36.3.10.0:0
[DoS attack: Illegal Fragments] from 36.3.10.0, port 0 1 Wed Jul 26 21:54:09 2017 220.63.58.72:0 36.3.10.0:0
[DoS attack: Teardrop or derivative] from 36.3.10.0, port 0 1 Wed Jul 26 21:54:09 2017 220.63.58.72:0 36.3.10.0:0
[DoS attack: Illegal Fragments] from 36.3.10.0, port 0 1 Wed Jul 26 21:54:05 2017 220.63.58.72:0 36.3.10.0:0
[DoS attack: Teardrop or derivative] from 36.3.10.0, port 0 3 Wed Jul 26 21:52:24 2017 220.63.58.72:0 36.3.10.0:0
[DoS attack: Illegal Fragments] from 36.3.10.0, port 0 1 Wed Jul 26 21:51:32 2017 220.63.58.72:0 36.3.10.0:0
[DoS attack: Teardrop or derivative] from 36.3.10.0, port 0 6 Wed Jul 26 21:51:28 2017 220.63.58.72:0 36.3.10.0:0
[DoS attack: Ping Of Death] from 36.3.10.0, port 0 4 Wed Jul 26 21:51:22 2017 220.63.58.72:0 36.3.10.0:0
[DoS attack: Illegal Fragments] from 36.3.10.0, port 0 1 Wed Jul 26 21:51:22 2017 220.63.58.72:0 36.3.10.0:0
[DoS attack: Ping Of Death] from 36.3.10.0, port 0 1 Wed Jul 26 21:51:19 2017 220.63.58.72:0 36.3.10.0:0
[DoS attack: Illegal Fragments] from 36.3.10.0, port 0 1 Wed Jul 26 21:51:18 2017 220.63.58.72:0 36.3.10.0:0
[DoS attack: Teardrop or derivative] from 36.3.10.0, port 0 6 Wed Jul 26 21:51:16 2017 220.63.58.72:0 36.3.10.0:0
[DoS attack: Ping Of Death] from 36.3.10.0, port 0 1 Wed Jul 26 21:49:37 2017 220.63.58.72:0 36.3.10.0:0
[DoS attack: Teardrop or derivative] from 36.3.10.0, port 0 2 Wed Jul 26 21:49:37 2017 220.63.58.72:0 36.3.10.0:0
[DoS attack: Ping Of Death] from 36.3.10.0, port 0 1 Wed Jul 26 21:45:31 2017 220.63.58.72:0 36.3.10.0:0
[DoS attack: Teardrop or derivative] from 36.3.10.0, port 0 3 Wed Jul 26 21:45:31 2017 220.63.58.72:0 36.3.10.0:0
[DoS attack: Ping Of Death] from 36.3.10.0, port 0 1 Wed Jul 26 21:45:31 2017 220.63.58.72:0 36.3.10.0:0
[DoS attack: Illegal Fragments] from 36.3.10.0, port 0 1 Wed Jul 26 21:45:10 2017 220.63.58.72:0 36.3.10.0:0
[DoS attack: Teardrop or derivative] from 36.3.10.0, port 0 1 Wed Jul 26 21:45:07 2017 220.63.58.72:0 36.3.10.0:0
[DoS attack: Ping Of Death] from 36.3.10.0, port 0 1 Wed Jul 26 21:45:07 2017 220.63.58.72:0 36.3.10.0:0
[DoS attack: Teardrop or derivative] from 36.3.10.0, port 0 5 Wed Jul 26 21:45:07 2017 220.63.58.72:0 36.3.10.0:0
[DoS attack: Ping Of Death] from 36.3.10.0, port 0 1 Wed Jul 26 21:45:00 2017 220.63.58.72:0 36.3.10.0:0
[DoS attack: Teardrop or derivative] from 36.3.10.0, port 0 12 Wed Jul 26 21:44:58 2017 220.63.58.72:0 36.3.10.0:0
[DoS attack: Illegal Fragments] from 36.3.10.0, port 0 1 Wed Jul 26 21:44:57 2017 220.63.58.72:0 36.3.10.0:0
[DoS attack: Ping Of Death] from 36.3.10.0, port 0 7 Wed Jul 26 21:17:55 2017 220.63.58.72:0 36.3.10.0:0
[DoS attack: Teardrop or derivative] from 36.3.10.0, port 0 6 Wed Jul 26 21:17:41 2017 220.63.58.72:0 36.3.10.0:0
[DoS attack: Ping Of Death] from 36.3.10.0, port 0 1 Wed Jul 26 21:17:40 2017 220.63.58.72:0 36.3.10.0:0
[DoS attack: Teardrop or derivative] from 36.3.10.0, port 0 1 Wed Jul 26 21:17:40 2017 220.63.58.72:0 36.3.10.0:0
[DoS attack: Ping Of Death] from 36.3.10.0, port 0 1 Wed Jul 26 21:17:40 2017 220.63.58.72:0 36.3.10.0:0
[DoS attack: Illegal Fragments] from 36.3.10.0, port 0 1 Wed Jul 26 21:17:40 2017 220.63.58.72:0 36.3.10.0:0
[DoS attack: Teardrop or derivative] from 36.3.10.0, port 0 1 Wed Jul 26 21:17:39 2017 220.63.58.72:0 36.3.10.0:0
[LAN access from remote] from 157.56.144.216:3544 to 192.168.0.11:59412 1 Wed Jul 26 21:17:26 2017 192.168.0.11:59412 157.56.144.216:3544
[DoS attack: Ping Of Death] from 36.3.10.0, port 0 3 Wed Jul 26 21:17:10 2017 220.63.58.72:0 36.3.10.0:0
[DoS attack: Teardrop or derivative] from 36.3.10.0, port 0 10 Wed Jul 26 12:14:48 2017 136.91.114.146:0 36.3.10.0:0
[DHCP IP: 192.168.0.12] to MAC address fc:8f:90:8a:4c:6a 1 Wed Jul 26 11:29:59 2017 0.0.0.0:0 0.0.0.0:0
[DoS attack: Teardrop or derivative] from 36.3.10.0, port 0 12 Wed Jul 26 11:11:17 2017 136.91.114.146:0 36.3.10.0:0
[DoS attack: Illegal Fragments] from 36.3.10.0, port 0 1 Wed Jul 26 10:35:36 2017 40.17.244.67:0 36.3.10.0:0
[DoS attack: Teardrop or derivative] from 36.3.10.0, port 0 2 Wed Jul 26 10:35:24 2017 40.17.244.67:0 36.3.10.0:0
[DoS attack: Ping Of Death] from 36.3.10.0, port 0 1 Wed Jul 26 10:34:14 2017 40.17.244.67:0 36.3.10.0:0
[DoS attack: Teardrop or derivative] from 36.3.10.0, port 0 1 Wed Jul 26 10:32:06 2017 136.91.114.146:0 36.3.10.0:0
[DoS attack: Ping Of Death] from 36.3.10.0, port 0 1 Wed Jul 26 10:31:44 2017 40.17.244.67:0 36.3.10.0:0
[DoS attack: Teardrop or derivative] from 36.3.10.0, port 0 1 Wed Jul 26 10:24:57 2017 40.17.244.67:0 36.3.10.0:0
[DoS attack: Illegal Fragments] from 36.3.10.0, port 0 1 Wed Jul 26 10:24:56 2017 40.17.244.67:0 36.3.10.0:0
While you are at it, you might want to disable UPnP on the router, unless you need it for gaming. You should change the admin password on the router, too.
- numbertwo (Aspirant)
Yeah, I changed my password for my router because it had the default one (password, that's bad probably) and the WiFi password too, which had a more complex password. So was my phone just DoSing a website or what was it doing, and what is that remote thing?
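For anyone triaging a router log in this layout, the following Python is an added example (not part of the thread and not a NETGEAR tool). It splits each entry into event, count, timestamp, target and source, labels the source address as LAN or internet, and totals the count column. The column order (target before source) is inferred from the entries posted above, and `PORT_HINTS` is an assumption taken from the IANA port registry, since the log does not record the protocol.

```python
import ipaddress
import re
from collections import Counter

# Entries copied from the log above: description, count, time, target ip:port, source ip:port.
SAMPLE = """\
[DoS attack: Ping Of Death] from 36.3.10.0, port 0 17 Wed Jul 26 22:00:23 2017 220.63.58.72:0 36.3.10.0:0
[DoS attack: Teardrop or derivative] from 36.3.10.0, port 0 3 Wed Jul 26 21:59:39 2017 220.63.58.72:0 36.3.10.0:0
[LAN access from remote] from 157.56.144.216:3544 to 192.168.0.11:59412 1 Wed Jul 26 21:17:26 2017 192.168.0.11:59412 157.56.144.216:3544
[DHCP IP: 192.168.0.12] to MAC address fc:8f:90:8a:4c:6a 1 Wed Jul 26 11:29:59 2017 0.0.0.0:0 0.0.0.0:0
"""

ENTRY = re.compile(
    r"^\[(?P<event>[^\]]+)\].*?\s(?P<count>\d+)\s"
    r"(?P<when>\w{3} \w{3} +\d+ [\d:]{8} \d{4})\s"
    r"(?P<target>[\d.]+):(?P<tport>\d+)\s(?P<source>[\d.]+):(?P<sport>\d+)$"
)

# Assumption: hint from the IANA port registry; the log does not record the protocol.
PORT_HINTS = {3544: "Teredo (IPv6 tunnelled over UDP)"}

def scope(addr):
    """Classify an address so LAN devices and internet hosts are not confused."""
    ip = ipaddress.ip_address(addr)
    if ip.is_unspecified:
        return "unspecified"
    return "private (LAN)" if ip.is_private else "public (internet)"

def parse_line(line):
    """Return one log entry as a dict, or None for text that is not an entry."""
    m = ENTRY.match(line.strip())
    if m is None:
        return None
    rec = m.groupdict()
    for key in ("count", "tport", "sport"):
        rec[key] = int(rec[key])
    rec["source_scope"] = scope(rec["source"])
    rec["hint"] = PORT_HINTS.get(rec["sport"]) or PORT_HINTS.get(rec["tport"])
    return rec

def summarize(text):
    """Total the count column per (event, source address, source scope)."""
    totals = Counter()
    for rec in filter(None, map(parse_line, text.splitlines())):
        totals[(rec["event"], rec["source"], rec["source_scope"])] += rec["count"]
    return totals

if __name__ == "__main__":
    print(summarize(SAMPLE).most_common())
```
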