NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Cvaughn8086
Oct 11, 2021Aspirant
R8000P Dos attack:fraggle attack from 10.3.0.1
EVery few tenths of a second I see a log entry for [dos attack : fraggle attack] from source 10.3.0.1, port 67. 10.3.0.1 is a private ip but not one I use in my local network. The kid's laptop will start to see sluggish internet download speeds and sometimes will be reduced to just kB/sec. a router reboot is required to remove it from that state. Oddly, the one laptop is the only device impacted. Not sure how to tell if this is a false positive or legit and how to stop it, regardless. I just upgraded to firmware version 1.4.2.84 today but no change. Any assistance is greatly appreciated. Thanks.
3 Replies
- FURRYe38Guru - Experienced User
What Firmware version is currently loaded?
What is the Mfr and model# of the Internet Service Providers modem/ONT the NG router is connected too?- microchip8Master
NG is notoriously known for many false positives. 99% of all "DoS attacks" are from legitimate sources.. I suggest turning off logging of DoS entries or completely turning off DoS protection as it is mostly useless.
- Cvaughn8086Aspirant
Firmware version is: V1.4.2.84_1.3.42
Modem make/model is: Arris SB8200
FYI, I enabled netgear armor to see if that would help, but it didn't. I still see the attacks in the logs and the same laptop was reduced down to less than 3mb/sec download speed today. Had to restart the router to restore normal download speeds.