NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
R8000P [DOS Attack: Fraggle Attack]
Netgear Nighthawk X65 AC4000 Model R8000P
Firmware V1.4.4.94_1.3.56
When I view my Administrator Log I see reoccurring logs every minute
[DOS Attack: Fraggle Attack] from source [my public ip] port [my port] date timestamp
I’ve seen other posts about these DOS Attacks of different types.
I’m not an expert, but from what I can gather it shouldn’t be possible to get a real DOS Attack that comes from my own IP. Seems like these warnings maybe false positives. I checked with my ISP and they seem to agree with this line of thinking, but the discussion was far from definitive.
I was hoping someone could offer more clarity on my situation which seems different from other posts in that the source is my own IP.
Any insight would be greatly appreciated. Thanks
2 Replies
Thought may have been a attack, the firewall blocked it and is just reporting it in the logs. Part of the FW system and logging is when those issues are found or seen by the system, it gets logged.
I’m not an expert, but from what I can gather it shouldn’t be possible to get a real DOS Attack that comes from my own IP
The source IP address is often spoofed by the attacker (replaced with a different one to hide the source). And it is fairly common to replace it with the destination IP address (which is your router's WAN address).
As FURRYe38 says, the attack was detected. But your ISP should know about IP-spoofing, and IMO should have followed up. It is a denial of service attack, so it is intended to flood their network with these attack packets.
If you use torrent software, you might turn that off for a while, and see if the reports stop.
