NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Blocked sites and blocked services NOT working properly
I have a WNDR3800 and the blocked sites and blocked services features is NOT woring correctly. Any time I use ftp I can successfully send 189 files and then the log starts making entries that the...
universal4 wrote:
I have a WNDR3800 and the blocked sites and blocked services features is NOT woring correctly.
Any time I use ftp I can successfully send 189 files and then the log starts making entries that the server is attempting a dos attack with the ftp responses on port 20.
If you didn't catch that yet, the allowed ip (mine) or the allowed service are there and never go away, but the router still blocks the traffic, unless I click apply again.
There are two things going on in there. Logging and blocking "attacks" are not the same thing.
First, it may not be blocking anything. Logging simply records events, even when there is nothing to block.
Second, blocking isn't always what slows down the router.
Netgear's firmware is great at creating false reports of DoS attacks. Many of them are no such thing.
Search - NETGEAR Communities – DoS attacks
If these events are slowing down your router, that may be because it is using up processor time as it writes the events to your logs. Anything that uses processor power – event logging, QoS management, traffic metering – may cause slowdowns. Disable logging of DoS attacks and see if that reduces the problem. This does not prevent the router from protecting you from the outside world.
So, you can see if it is possible to disable logging in a router of that vintage. If you can, that might eliminate the symptoms you see. If not, then disabling DOS
As plemans says, you are using a decade old router. (Look at its wifi technology.) It was never going to set the world on fire, some people say that disabling DoS Protection is not as harmful as the name suggests. Indeed, a router that old may have other security issues. Who knows what nasties have come along in the almost five years since there was last a firmware update for this thing?
The suggestion of search DDOS attacks is silly as this as not due to a dos attack.
I never once suggested the issue was caused by logs, I only supplied that information to show what was happening and why the fir,ware was being stuupid and not allowing a device inside the subnet use a trusted service.
This is a flaw in Netgear firmware, and I was hoping there weould be reasonable information about a real fix, or at least what version of firmware from Netgear actually fixed this.
The only other option is certainly to not use Netgear products, as it has neither been acknowledged nor any offer of suggestions such as, "be sure the outer has formware version x or above, or that firmware versions are dated after x date".
The suggestion that it is due to blocking I have put in place, actually I had NOT added anything to the allowed service or allowed IP until after I discovered the problem, after recently moving one of my machines at home to the subnet behind the netgear router.
Again, my research shows that this issue is 100% that the router forgets to allow the ip addy of the machine, or that ftp should not be a blocked service.
ftp 500 files, approximately 189-190 with be successful, it wil stop, click the apply button for allowing that private ip's device, anoother 190 will go, and must click it again to finish the last 120 or so.
Again, for clarification, these are not incoming ftp, but outgoing to a public server, on a public subnet, and the machine that experiences the issue is behine a WNDR3800, single nat not a double nat issue. The ftp connection is to an ip, not a hostname. Active connection with Filezilla on both ends.