NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

one2busy's avatar
one2busy
Aspirant
Oct 30, 2022

Why over 200 smurf attack packets from Comcast IP's within a day.

For about a two weeks, I've been getting 100's of smurf attack packets on my Netgear R7000P NightHawk.  The ip's seem to be comcast's.   On Oct. 29, 2022 there seems to be over 200.   Is there a ...
microchip8's avatar
microchip8
Master
Oct 30, 2022

False positives. NG is famously known for that. Either disable logging of these or completely disable DoS protection.

And yes michaelkenward processing/dropping/blocking at iptables levels is far more expensive than just logging somme entries in the logs

Besides, what's the point keeping it on if 85-90% are false positives? The rest 10-15% is just yoour regular spambots testing trying to get in. It's useless

michaelkenward's avatar
michaelkenward
Guru - Experienced User
Oct 30, 2022
microchip8 wrote:


Besides, what's the point keeping it on if 85-90% are false positives? The rest 10-15% is just yoour regular spambots testing trying to get in. It's useless

Keeping what on? Protection or logging?

 

 

  • microchip8's avatar
    microchip8
    Master
    Oct 30, 2022

    Protection. Logs just get spammed by false positives. In my 22 years of Linux experience and particulary iptables/nftables, I can 100% assure you iptables/nftables takes way more prcessing power than writing some lines to the log. Yes, the log uses a % or so but nowhere near the amount of iptables/nftables.