NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
DOS ATTACK drops internet completely
Background:
I've tried many things from forums, I know these are false positives as they are from places like Microsoft, Amazon, and Valve(or steam)
I just don't know why it keeps disconnecting me from the internet, the whole house at that. Wired, and Wifi.
Firmware: V1.3.2.126_10.1.66
LOGS:
[Admin login] from source 192.168.50.16, Monday, Dec 14,2020 03:00:39
[DHCP IP: (192.168.50.9)] to MAC address 98:B8:BA:1E:A3:54, Monday, Dec 14,2020 03:00:36
[DHCP IP: (192.168.50.8)] to MAC address 10:F1:F2:0A:D5:E5, Monday, Dec 14,2020 02:59:49
[DHCP IP: (192.168.50.4)] to MAC address B8:27:EB:87:53:88, Monday, Dec 14,2020 02:59:25
[DoS attack: ACK Scan] attack packets in last 20 sec from ip [52.230.222.68], Monday, Dec 14,2020 02:59:20
[Time synchronized with NTP server] Monday, Dec 14,2020 02:59:07
[Internet connected] IP address: *My IP just keeping this hidden(don't know if nec*, Monday, Dec 14,2020 02:59:06
[Internet disconnected] Monday, Dec 14,2020 02:59:06
[DHCP IP: (192.168.50.6)] to MAC address 8C:45:00:82:D2:6B, Monday, Dec 14,2020 02:58:53
[DHCP IP: (192.168.50.4)] to MAC address B8:27:EB:87:53:88, Monday, Dec 14,2020 02:58:44
[Initialized, firmware version: V1.3.2.126] Monday, Dec 14,2020 02:58:43
[DHCP IP: (192.168.50.12)] to MAC address B8:27:EB:55:49:0E, Monday, Dec 14,2020 02:58:38
[DHCP IP: (192.168.50.24)] to MAC address A8:47:4A:18:DA:C9, Monday, Dec 14,2020 02:58:38
[DHCP IP: (192.168.50.62)] to MAC address 1C:1E:E3:00:59:AE, Monday, Dec 14,2020 02:58:38
[DHCP IP: (192.168.50.29)] to MAC address 68:1C:A2:14:01:B2, Monday, Dec 14,2020 02:58:37
[DHCP IP: (192.168.50.3)] to MAC address 4C:A1:61:06:FA:A9, Monday, Dec 14,2020 02:58:35
4 Replies
There is only one DoS attack in there. Hardly enough to bring the thing to its knees. I assume that there are more somewhere.
Have you tried disabling the logging of those events?
They may put a strain in the router's processor which could explain the behaviour.
Also disabling things like QoS and the traffic meter. They also use processor power.
Thanks for quick reply, I have it logging everything and I believe Traffic meter is on, I'll turn those off and get back to you.
I know it's hardly enough thats why its just weird, cause it'll always be just one false positive then down for like 1 min, and back up again.Happened again, much later than usual, but still, wipeed internet off, Did you mean for me to basically have it not log at all or just the "DOS attacks"
