Reply

Re: Set 450R Router to only allow OPEN DNS

Dilinger2020
Follower

Set 450R Router to only allow OPEN DNS

Actually XR450 Gaming router.

I am seeing attacks come in on port 53 to one of my pc inside my network. I want to block it at the router.

 

Open DNS

The recommenation is to

ALLOW TCP/UDP IN/OUT to 208.67.222.222 or 208.67.220.220 on Port 53

and

BLOCK TCP/UDP IN/OUT all IP addresses on Port 53
 

However I only see content filtering. I can block all of 53, but I don't see how to allow the above.

Am I missing something?

 

I did a quick search, and did not find anything related, if there is another thread please mock me and list the link and I will read.

I appreciate the help .

 

Dilinger

MCP Demands your presence on the game grid.

 

HISTORY

Here is the Norton Block Notification

Category: Intrusion Prevention
6/23/2019 3:27:15 PM,High,

An intrusion attempt by 192.168.1.1 was blocked., (My Night Hawk Router)

Blocked,No Action Required,

Web Attack: Fake Tech Support Website 295,

No Action Required,

No Action Required,"192.168.1.1, 53",

"MYPC(192.168.x.x, 57464)",192.168.1.1,"UDP, Port 53"

 

Model: XR500|Nighthawk Pro Gaming Router
Message 1 of 3
FURRYe38
Guru

Re: Set 450R Router to only allow OPEN DNS

Sounds like Norton is mistakenly taking the routers IP address as an attack. 

I would try to disable Norton or remove Norton and setup MS Security Essentials and MalwareBytes as a 2ndary security apps and then enable firewall on the PC and see if either of these pick up an actual attack or something coming from the router. Only attacks that would come from the WAN side or internet would be and should be caught by the routers firewall. 

 

Look at the logs on the router to see if there are any such attacks being reported by the router from the WAN side. 


@Dilinger2020 wrote:

Actually XR450 Gaming router.

I am seeing attacks come in on port 53 to one of my pc inside my network. I want to block it at the router.

 

Open DNS

The recommenation is to

ALLOW TCP/UDP IN/OUT to 208.67.222.222 or 208.67.220.220 on Port 53

and

BLOCK TCP/UDP IN/OUT all IP addresses on Port 53
 

However I only see content filtering. I can block all of 53, but I don't see how to allow the above.

Am I missing something?

 

I did a quick search, and did not find anything related, if there is another thread please mock me and list the link and I will read.

I appreciate the help .

 

Dilinger

MCP Demands your presence on the game grid.

 

HISTORY

Here is the Norton Block Notification

Category: Intrusion Prevention
6/23/2019 3:27:15 PM,High,

An intrusion attempt by 192.168.1.1 was blocked., (My Night Hawk Router)

Blocked,No Action Required,

Web Attack: Fake Tech Support Website 295,

No Action Required,

No Action Required,"192.168.1.1, 53",

"MYPC(192.168.x.x, 57464)",192.168.1.1,"UDP, Port 53"

 


 

My Setup (Cable 1Gbps/50Mbps)>CAX80 v2.1.2.1(LAG Disabled)>RBK853 v4.6.3.16
Additional NG HW: C7800/CM1100/CM1200CM2000, Orbi CBK40, CBR750, RBK50(v22), SXR30(v110), R7000(v34), R7800(v84), R7960P(v82), EX7500/EX7700, XR450(v120) and WNHDE111
Message 2 of 3
Netduma-Fraser
NetDuma Partner

Re: Set 450R Router to only allow OPEN DNS

I would agree with FURRYs diagnosis above, this appears to be a misclassification of an attack. It would also be a bad idea to block all traffic other than those IPs on that port - Xbox Live uses this port as well as Apple devices for some services such as FaceTime - might not apply to you but you get the point.
Message 3 of 3
Top Contributors
Discussion stats
  • 2 replies
  • 495 views
  • 0 kudos
  • 3 in conversation
Announcements