NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
DoS Attack by Multiple IP's?
Hello, i have a NETGEAR WNR2500 router and have recently experienced a DoS attack from what looked like multiple IP addresses according to my router log. I have tried everything to stop the person wh...
The next time you see the [LAN access from remote] logs, you can open a Command Prompt as Administrator on the targeted machine (assuming it's running Windows) and run netstat -b to obtain a listing of network connections and user processes that is responsible for each connection. In the example above, the LAN access targeted port 15930 on your computer, so you would look for that port in the netstat. If the owner process looks suspicious, then your computer could be compromised.
As I recommended already, you should disable uPNP. If your computer is compromised, it could be using uPNP to open ports in your router to allow unsolicited incoming traffic from the Internet.
192.168.1.11 is being targeted by all of the remote traffic.
Okay i see. Then that would be my computers IP.
The next time you see the [LAN access from remote] logs, you can open a Command Prompt as Administrator on the targeted machine (assuming it's running Windows) and run netstat -b to obtain a listing of network connections and user processes that is responsible for each connection. In the example above, the LAN access targeted port 15930 on your computer, so you would look for that port in the netstat. If the owner process looks suspicious, then your computer could be compromised.
As I recommended already, you should disable uPNP. If your computer is compromised, it could be using uPNP to open ports in your router to allow unsolicited incoming traffic from the Internet.