Start a New Discussion

Start a New Discussion

Orbi WiFi 7 RBE973
Reply

DGND3700v2 Strange logs

AusDazza
Aspirant
Aspirant
‎2022-11-28 02:33 PM
‎2022-11-28 02:33 PM

DGND3700v2 Strange logs

Hi,

 

I'm currently having issues with my router the DGND3700v2. For the past 2-3 weeks the modem will just die, we'll lose Internet connect and start receiving DNS probe errors from Google Chrome. To fix this I've been restarting the the device this works temporarily.

 

Today I was researching new gateways to replace it, however, when I checked the logs on the router I noticed something strange. I'm receiving a large number of NodeJS messages coming from various IP addresses and ports all around the same time. This would line up to about the time when the router died on Monday. The messages all say "NodeJS rule not match". When I search for this message Google returns nothing.

 

Do I have a rogue application or is somebody DDoSing my network? I've attached a copy of the logs (replacing my public IP with xxx's).

 

Thanks in advance.

Message 1 of 4
0 Kudos
Reply
michaelkenward
Guru Guru
Guru
‎2022-11-29 03:01 AM
‎2022-11-29 03:01 AM

Re: DGND3700v2 Strange logs

@AusDazza wrote:

 

I'm currently having issues with my router the DGND3700v2. For the past 2-3 weeks the modem will just die, we'll lose Internet connect and start receiving DNS probe errors from Google Chrome. To fix this I've been restarting the the device this works temporarily.

 

What firmware version do you have on your decade old ADSL modem/router?

A number is more useful than "the latest". (It may not be by the time people read this.) There can also be newer versions, or "hot fixes", that do not show up if you check for new firmware in the browser interface.

Netgear's firmware is great at creating false reports of DoS attacks. Many of them are no such thing.

 

Search - NETGEAR Communities – DoS attacks

 

Use Whois.net to see who is behind some of them and, as you have discovered, they can from places like Facebook, Google, even your ISP.

 

Have youi tried a reset of the DGND3700v2?

 

Message 2 of 4
0 Kudos
Reply
AusDazza
Aspirant
Aspirant
‎2022-11-30 11:44 AM
‎2022-11-30 11:44 AM

Re: DGND3700v2 Strange logs

Thanks for the reply. I'm running the latest firmware v.26 from the Netgear support page, strangely though the router reports v.23 even after a reboot.

After the update I did a factory reset and things seem to have calmed down. Thanks for putting my mind at ease.

When I did a whois of the ips they mostly seemed to be from American tech companies such as CariNET, Ripe network, Amazon, Census.
Message 3 of 4
0 Kudos
Reply
michaelkenward
Guru Guru
Guru
‎2022-12-01 02:42 AM
‎2022-12-01 02:42 AM

Re: DGND3700v2 Strange logs

@AusDazza wrote:

When I did a whois of the ips they mostly seemed to be from American tech companies such as CariNET, Ripe network, Amazon, Census.

Join the club. Those log entries can confuse even the most experience users.

 

Trying to understand nature of "DoS attack: RST Sc... - NETGEAR Communities

Message 4 of 4
0 Kudos
Reply
Top Contributors
See All
Discussion stats
  • 3 replies
  • ‎2022-11-28 02:33 PM
  • 523 views
  • 0 kudos
  • 2 in conversation
Announcements

Orbi WiFi 7