× Introducing the Orbi 970 Series Mesh System with WiFi 7 technology. For more information visit the NETGEAR Press Room.
Orbi WiFi 7 RBE973
Reply

dos attack

crimsonjedi
Aspirant

dos attack

[DHCP IP: 192.168.1.4] to MAC address 00:17:88:a1:db:46, Monday, July 16, 2018 17:35:02
[DumaOS] DHCP new event., Monday, July 16, 2018 17:35:02
[DumaOS] DHCP lease change., Monday, July 16, 2018 17:35:02
[UPnP set event: del_nat_rule] from source 192.168.1.3, Monday, July 16, 2018 17:37:19
[Time synchronized with NTP server] Monday, July 16, 2018 17:39:39
[DHCP IP: 192.168.1.8] to MAC address 78:9f:70:9f:0d:39, Monday, July 16, 2018 17:40:31
[DumaOS] DHCP new event., Monday, July 16, 2018 17:40:31
[DumaOS] DHCP lease change., Monday, July 16, 2018 17:40:31
[DHCP IP: 192.168.1.8] to MAC address 78:9f:70:9f:0d:39, Monday, July 16, 2018 17:40:31
[DumaOS] DHCP new event., Monday, July 16, 2018 17:40:31
[DumaOS] DHCP lease change., Monday, July 16, 2018 17:40:31
[DHCP IP: 192.168.1.6] to MAC address 40:98:ad:35:aa:86, Monday, July 16, 2018 17:47:11
[DumaOS] DHCP new event., Monday, July 16, 2018 17:47:11
[DumaOS] DHCP lease change., Monday, July 16, 2018 17:47:11
[DHCP IP: 192.168.1.2] to MAC address 40:16:3b:69:86:2e, Monday, July 16, 2018 17:58:42
[DumaOS] DHCP new event., Monday, July 16, 2018 17:58:42
[DumaOS] DHCP lease change., Monday, July 16, 2018 17:58:42
[DHCP IP: 192.168.1.3] to MAC address 2c:54:91:01:0f:70, Monday, July 16, 2018 17:59:08
[DumaOS] DHCP new event., Monday, July 16, 2018 17:59:08
[DumaOS] DHCP lease change., Monday, July 16, 2018 17:59:08
[UPnP set event: add_nat_rule] from source 192.168.1.3, Monday, July 16, 2018 17:59:16
[UPnP set event: del_nat_rule] from source 192.168.1.3, Monday, July 16, 2018 18:00:13
[DoS Attack: ACK Scan] from source: 65.54.187.16, port 443, Monday, July 16, 2018 18:53:10
[DoS Attack: ACK Scan] from source: 65.54.187.16, port 443, Monday, July 16, 2018 18:53:13
[DoS Attack: ACK Scan] from source: 65.54.187.16, port 443, Monday, July 16, 2018 18:53:13
[DumaOS] Cloudsync DPI result 'false','All mirrors are down', Monday, July 16, 2018 19:04:08
[DumaOS] Resync R-App store cloud, Monday, July 16, 2018 19:05:26
[DumaOS] HTTP download failed with code '404', Monday, July 16, 2018 19:05:27
[DumaOS] R-App store cloud sync failed, Monday, July 16, 2018 19:05:27
[DHCP IP: 192.168.1.5] to MAC address 9c:b6:d0:6b:e2:f7, Monday, July 16, 2018 20:39:17
[DumaOS] DHCP new event., Monday, July 16, 2018 20:39:17
[DumaOS] DHCP lease change., Monday, July 16, 2018 20:39:17
[DHCP IP: 192.168.1.9] to MAC address 10:65:30:58:b7:4c, Monday, July 16, 2018 20:39:18
[DumaOS] DHCP new event., Monday, July 16, 2018 20:39:18
[DumaOS] DHCP lease change., Monday, July 16, 2018 20:39:18
[DHCP IP: 192.168.1.8] to MAC address 78:9f:70:9f:0d:39, Monday, July 16, 2018 21:11:23
[DumaOS] DHCP new event., Monday, July 16, 2018 21:11:23
[DumaOS] DHCP lease change., Monday, July 16, 2018 21:11:23
[DoS Attack: SYN/ACK Scan] from source: 95.216.15.88, port 8888, Monday, July 16, 2018 21:48:55
[DoS Attack: SYN/ACK Scan] from source: 95.216.15.88, port 8888, Monday, July 16, 2018 22:00:02
[Internet connected] IP address: 68.227.118.78, Monday, July 16, 2018 22:03:00
[DoS Attack: SYN/ACK Scan] from source: 185.21.60.6, port 80, Monday, July 16, 2018 22:35:45
[DoS Attack: SYN/ACK Scan] from source: 185.21.60.6, port 80, Monday, July 16, 2018 23:14:41
[DoS Attack: TCP/UDP Chargen] from source: 209.126.136.5, port 54877, Monday, July 16, 2018 23:40:34
[DHCP IP: 192.168.1.7] to MAC address 30:fd:38:af:e6:46, Monday, July 16, 2018 23:48:43
[DumaOS] DHCP new event., Monday, July 16, 2018 23:48:43
[DumaOS] DHCP lease change., Monday, July 16, 2018 23:48:43
[DoS Attack: ACK Scan] from source: 64.4.16.211, port 443, Tuesday, July 17, 2018 00:16:52
[DoS Attack: SYN/ACK Scan] from source: 23.91.123.120, port 80, Tuesday, July 17, 2018 00:26:23
[DoS Attack: SYN/ACK Scan] from source: 92.45.4.105, port 80, Tuesday, July 17, 2018 00:31:02
[DoS Attack: RST Scan] from source: 52.221.246.13, port 13929, Tuesday, July 17, 2018 00:36:07
[DoS Attack: SYN/ACK Scan] from source: 144.76.155.220, port 8888, Tuesday, July 17, 2018 00:39:26
[DoS Attack: SYN/ACK Scan] from source: 52.221.246.13, port 13929, Tuesday, July 17, 2018 00:42:57
[DoS Attack: SYN/ACK Scan] from source: 144.76.155.220, port 8888, Tuesday, July 17, 2018 00:43:51
[DoS Attack: SYN/ACK Scan] from source: 178.63.68.200, port 5816, Tuesday, July 17, 2018 00:45:33
[DoS Attack: SYN/ACK Scan] from source: 178.63.68.200, port 5816, Tuesday, July 17, 2018 00:51:01
[DoS Attack: SYN/ACK Scan] from source: 144.76.155.220, port 8888, Tuesday, July 17, 2018 01:00:48
[DoS Attack: SYN/ACK Scan] from source: 144.76.155.220, port 8888, Tuesday, July 17, 2018 01:06:09
[DoS Attack: SYN/ACK Scan] from source: 144.76.155.220, port 8888, Tuesday, July 17, 2018 01:16:21
[DoS Attack: SYN/ACK Scan] from source: 185.50.25.17, port 80, Tuesday, July 17, 2018 02:54:23
[DHCP IP: 192.168.1.6] to MAC address 40:98:ad:35:aa:86, Tuesday, July 17, 2018 03:43:03
[DumaOS] DHCP new event., Tuesday, July 17, 2018 03:43:03
[DumaOS] DHCP lease change., Tuesday, July 17, 2018 03:43:03
[DHCP IP: 192.168.1.6] to MAC address 40:98:ad:35:aa:86, Tuesday, July 17, 2018 03:43:04
[DumaOS] DHCP new event., Tuesday, July 17, 2018 03:43:04
[DumaOS] DHCP lease change., Tuesday, July 17, 2018 03:43:04
[DHCP IP: 192.168.1.6] to MAC address 40:98:ad:35:aa:86, Tuesday, July 17, 2018 03:44:49
[DumaOS] DHCP new event., Tuesday, July 17, 2018 03:44:49
[DumaOS] DHCP lease change., Tuesday, July 17, 2018 03:44:49
[DHCP IP: 192.168.1.4] to MAC address 00:17:88:a1:db:46, Tuesday, July 17, 2018 05:35:04
[DumaOS] DHCP new event., Tuesday, July 17, 2018 05:35:04
[DumaOS] DHCP lease change., Tuesday, July 17, 2018 05:35:04
[DoS Attack: SYN/ACK Scan] from source: 192.184.59.249, port 80, Tuesday, July 17, 2018 08:48:09
[Internet connected] IP address: 68.227.118.78, Tuesday, July 17, 2018 10:03:00
[DoS Attack: SYN/ACK Scan] from source: 185.255.94.230, port 25565, Tuesday, July 17, 2018 10:29:09
[DHCP IP: 192.168.1.7] to MAC address 30:fd:38:af:e6:46, Tuesday, July 17, 2018 11:48:44
[DumaOS] DHCP new event., Tuesday, July 17, 2018 11:48:44
[DumaOS] DHCP lease change., Tuesday, July 17, 2018 11:48:44
[DoS Attack: SYN/ACK Scan] from source: 144.217.228.78, port 80, Tuesday, July 17, 2018 13:28:57
[DHCP IP: 192.168.1.6] to MAC address 40:98:ad:35:aa:86, Tuesday, July 17, 2018 14:06:35
[DumaOS] DHCP new event., Tuesday, July 17, 2018 14:06:35
[DumaOS] DHCP lease change., Tuesday, July 17, 2018 14:06:35
[DHCP IP: 192.168.1.6] to MAC address 40:98:ad:35:aa:86, Tuesday, July 17, 2018 14:06:37
[DumaOS] DHCP new event., Tuesday, July 17, 2018 14:06:37
[DumaOS] DHCP lease change., Tuesday, July 17, 2018 14:06:37
[DHCP IP: 192.168.1.8] to MAC address 78:9f:70:9f:0d:39, Tuesday, July 17, 2018 14:13:12
[DumaOS] DHCP new event., Tuesday, July 17, 2018 14:13:12
[DumaOS] DHCP lease change., Tuesday, July 17, 2018 14:13:12
[DHCP IP: 192.168.1.2] to MAC address 40:16:3b:69:86:2e, Tuesday, July 17, 2018 14:16:32
[DumaOS] DHCP new event., Tuesday, July 17, 2018 14:16:32
[DumaOS] DHCP lease change., Tuesday, July 17, 2018 14:16:32
[DHCP IP: 192.168.1.3] to MAC address 2c:54:91:01:0f:70, Tuesday, July 17, 2018 14:16:56
[DumaOS] DHCP new event., Tuesday, July 17, 2018 14:16:56
[DumaOS] DHCP lease change., Tuesday, July 17, 2018 14:16:56
[UPnP set event: add_nat_rule] from source 192.168.1.3, Tuesday, July 17, 2018 14:17:02
[DHCP IP: 192.168.1.5] to MAC address 9c:b6:d0:6b:e2:f7, Tuesday, July 17, 2018 14:59:10
[DumaOS] DHCP new event., Tuesday, July 17, 2018 14:59:10
[DumaOS] DHCP lease change., Tuesday, July 17, 2018 14:59:10
[DHCP IP: 192.168.1.5] to MAC address 9c:b6:d0:6b:e2:f7, Tuesday, July 17, 2018 14:59:10
[DumaOS] DHCP new event., Tuesday, July 17, 2018 14:59:10
[DumaOS] DHCP lease change., Tuesday, July 17, 2018 14:59:10
[DHCP IP: 192.168.1.9] to MAC address 10:65:30:58:b7:4c, Tuesday, July 17, 2018 14:59:11
[DumaOS] DHCP new event., Tuesday, July 17, 2018 14:59:11
[DumaOS] DHCP lease change., Tuesday, July 17, 2018 14:59:11
[DHCP IP: 192.168.1.9] to MAC address 10:65:30:58:b7:4c, Tuesday, July 17, 2018 14:59:12
[DumaOS] DHCP new event., Tuesday, July 17, 2018 14:59:12
[DumaOS] DHCP lease change., Tuesday, July 17, 2018 14:59:12
[DumaOS] Geo-Filter cloudsync result 'true','Geo-Filter is up to date', Tuesday, July 17, 2018 15:04:11
[admin login] from source 2600:8803:bc00:b6:7d2e:e30:9f18:a480, Tuesday, July 17, 2018 15:06:59
[DumaOS] config write 'com.netdumsoftware.geofilter.settings', Tuesday, July 17, 2018 15:07:11
[DumaOS] config write 'com.netdumsoftware.geofilter.settings', Tuesday, July 17, 2018 15:15:44
[DumaOS] config write 'com.netdumsoftware.geofilter.settings', Tuesday, July 17, 2018 15:15:52
[DumaOS] RPC call 'add_capture' exception 'ERROR: Unable to install because some filters are overlapping. stack traceback: ^I?, in function '__new__' ^I?: in function '?' ^I?: in function <?:469> ^I(tail call): ? ^I?: in function 'add_gf_service' ^I?: in function <?:276> ^I(tail call): ? ^I?: in function <?:324> ^I[C]: in function 'xpcall' ^I?: in function 'try' ^I?: in function <?:290> ^I[C]: in function 'run' ^I?: in function <?:366> ^I[C]: in function 'xpcall' ^I?: in function 'try' ^I?: in function <?:283> ^I(tail call): ? ^I/dumaos/api/cli.lua:48: in function </dumaos/api/cli.lua:30> ^I[C]: in function 'xpcall' ^I/dumaos/api/cli.lua:59: in main chunk ^I[C]: ?' Tuesday, July 17, 2018 15:16:00
[DumaOS] Geo-Filter cloudsync result 'true','nil', Tuesday, July 17, 2018 15:16:28
[DoS Attack: ACK Scan] from source: 91.237.217.53, port 53, Tuesday, July 17, 2018 15:20:32
[admin login] from source 192.168.1.9, Tuesday, July 17, 2018 15:24:37
[admin login] from source 192.168.1.9, Tuesday, July 17, 2018 15:24:37
[admin login] from source 2600:8803:bc00:b6:7d2e:e30:9f18:a480, Tuesday, July 17, 2018 15:24:42
[admin login] from source 2600:8803:bc00:b6:7d2e:e30:9f18:a480, Tuesday, July 17, 2018 15:34:14
[DumaOS] config write 'com.netdumsoftware.geofilter.settings', Tuesday, July 17, 2018 15:34:25
[admin login] from source 2600:8803:bc00:b6:7d2e:e30:9f18:a480, Tuesday, July 17, 2018 15:36:57
[DumaOS] config write 'com.netdumasoftware.qos.settings', Tuesday, July 17, 2018 15:37:09
[DumaOS] config write 'com.netdumasoftware.qos.settings', Tuesday, July 17, 2018 15:37:32
[UPnP set event: del_nat_rule] from source 192.168.1.3, Tuesday, July 17, 2018 15:38:35
[DumaOS] config write 'com.netdumasoftware.qos.settings', Tuesday, July 17, 2018 15:39:13
[DumaOS] applying qos for zone wan, Tuesday, July 17, 2018 15:39:13
[DumaOS] applying qos for zone lan, Tuesday, July 17, 2018 15:39:14
[DumaOS] config write 'com.netdumasoftware.qos.settings', Tuesday, July 17, 2018 15:39:24
[DumaOS] applying qos for zone wan, Tuesday, July 17, 2018 15:39:25
[DumaOS] applying qos for zone lan, Tuesday, July 17, 2018 15:39:26
[DumaOS] config write 'com.netdumasoftware.qos.settings', Tuesday, July 17, 2018 15:39:46
[DumaOS] applying qos for zone wan, Tuesday, July 17, 2018 15:39:47
[DumaOS] applying qos for zone lan, Tuesday, July 17, 2018 15:39:48
[DumaOS] config write 'com.netdumasoftware.qos.settings', Tuesday, July 17, 2018 15:40:02
[DumaOS] applying qos for zone wan, Tuesday, July 17, 2018 15:40:03
[DumaOS] applying qos for zone lan, Tuesday, July 17, 2018 15:40:04
[UPnP set event: add_nat_rule] from source 192.168.1.3, Tuesday, July 17, 2018 15:40:08
[DoS Attack: ACK Scan] from source: 64.4.16.210, port 443, Tuesday, July 17, 2018 15:41:17
[DoS Attack: ACK Scan] from source: 64.4.16.209, port 443, Tuesday, July 17, 2018 15:42:58
[DHCP IP: 192.168.1.8] to MAC address 78:9f:70:9f:0d:39, Tuesday, July 17, 2018 15:46:34
[DumaOS] DHCP new event., Tuesday, July 17, 2018 15:46:34
[DumaOS] DHCP lease change., Tuesday, July 17, 2018 15:46:34
[DoS Attack: ACK Scan] from source: 192.168.62.11, port 8080, Tuesday, July 17, 2018 15:47:40
[DoS Attack: ACK Scan] from source: 192.168.62.11, port 8080, Tuesday, July 17, 2018 15:47:43
[DoS Attack: ACK Scan] from source: 192.168.62.11, port 8080, Tuesday, July 17, 2018 15:47:50
[DoS Attack: ACK Scan] from source: 192.168.62.11, port 8080, Tuesday, July 17, 2018 15:48:04
[UPnP set event: del_nat_rule] from source 192.168.1.3, Tuesday, July 17, 2018 15:48:38
[admin login] from source 192.168.1.9, Tuesday, July 17, 2018 15:48:39
[admin login] from source fe80::e439:5ab5:1814:a0ca, Tuesday, July 17, 2018 15:49:13
[Internet connected] IP address: 68.227.118.78, Tuesday, July 17, 2018 15:49:20
[DumaOS] applying qos for zone wan, Tuesday, July 17, 2018 15:49:26
[DoS Attack: ACK Scan] from source: 192.168.62.11, port 8080, Tuesday, July 17, 2018 15:49:26
[DumaOS] applying qos for zone lan, Tuesday, July 17, 2018 15:49:27
[UPnP set event: add_nat_rule] from source 192.168.1.3, Tuesday, July 17, 2018 15:49:53
[DumaOS] applying qos for zone wan, Tuesday, July 17, 2018 15:49:59
[DumaOS] applying qos for zone lan, Tuesday, July 17, 2018 15:50:00
[admin login] from source 2600:8803:bc00:b6:7d2e:e30:9f18:a480, Tuesday, July 17, 2018 15:50:57
[OpenVPN] VPN Client disconnected., Tuesday, July 17, 2018 15:51:05
[DoS Attack: ACK Scan] from source: 162.254.193.46, port 27020, Tuesday, July 17, 2018 15:51:55
[DoS Attack: ACK Scan] from source: 162.254.196.68, port 443, Tuesday, July 17, 2018 15:51:56
[DoS Attack: ACK Scan] from source: 162.254.196.67, port 27020, Tuesday, July 17, 2018 15:51:56
[DoS Attack: ACK Scan] from source: 162.254.193.46, port 27020, Tuesday, July 17, 2018 15:51:56
[DoS Attack: ACK Scan] from source: 162.254.196.68, port 443, Tuesday, July 17, 2018 15:51:57
[DoS Attack: ACK Scan] from source: 162.254.196.67, port 27020, Tuesday, July 17, 2018 15:51:57
[DoS Attack: ACK Scan] from source: 162.254.193.46, port 27020, Tuesday, July 17, 2018 15:51:57
[DoS Attack: ACK Scan] from source: 162.254.196.68, port 443, Tuesday, July 17, 2018 15:51:58
[DoS Attack: ACK Scan] from source: 162.254.196.67, port 27020, Tuesday, July 17, 2018 15:51:58
[DoS Attack: ACK Scan] from source: 162.254.196.68, port 443, Tuesday, July 17, 2018 15:52:01
[DoS Attack: ACK Scan] from source: 162.254.196.67, port 27020, Tuesday, July 17, 2018 15:52:01
[DoS Attack: ACK Scan] from source: 162.254.193.46, port 27020, Tuesday, July 17, 2018 15:52:01
[DoS Attack: ACK Scan] from source: 162.254.196.68, port 443, Tuesday, July 17, 2018 15:52:02
[DoS Attack: ACK Scan] from source: 162.254.196.67, port 27020, Tuesday, July 17, 2018 15:52:02
[DoS Attack: ACK Scan] from source: 162.254.193.46, port 27020, Tuesday, July 17, 2018 15:52:02
[DoS Attack: ACK Scan] from source: 162.254.196.68, port 443, Tuesday, July 17, 2018 15:52:03
[DoS Attack: ACK Scan] from source: 162.254.196.67, port 27020, Tuesday, July 17, 2018 15:52:03
[DoS Attack: ACK Scan] from source: 162.254.193.46, port 27020, Tuesday, July 17, 2018 15:52:03
[DoS Attack: ACK Scan] from source: 162.254.196.68, port 443, Tuesday, July 17, 2018 15:52:04
[DumaOS] config write 'com.netdumsoftware.geofilter.settings', Tuesday, July 17, 2018 15:55:39
[UPnP set event: del_nat_rule] from source 192.168.1.3, Tuesday, July 17, 2018 16:02:51
[DumaOS] applying qos for zone wan, Tuesday, July 17, 2018 16:05:35
[DumaOS] applying qos for zone lan, Tuesday, July 17, 2018 16:05:36
[DumaOS] applying qos for zone wan, Tuesday, July 17, 2018 16:05:48
[DumaOS] applying qos for zone lan, Tuesday, July 17, 2018 16:05:49
[DumaOS] applying qos for zone wan, Tuesday, July 17, 2018 16:08:12
[DumaOS] applying qos for zone lan, Tuesday, July 17, 2018 16:08:13

 

 

this my last log that i had and it crashed my xbox... in the middle of a game was wondering if there is anything i can do to prevent this

 

 

Model: XR500| Nighthawk Pro Gaming Router
Message 1 of 4

Accepted Solutions
Netduma-Fraser
NetDuma Partner

Re: dos attack

I see there were some DHCP lease entries in there, set a static IP for your console and see if the issue persists after that.

View solution in original post

Message 4 of 4

All Replies
Netduma-Fraser
NetDuma Partner

Re: dos attack

Its unlikely that would have caused a crash, did you see anything blocked on the Geo-Filter when the issue occurred?
Message 2 of 4
crimsonjedi
Aspirant

Re: dos attack

I did not see any blocking in geo filter. And It’s still happening. Called my isp and they help me work through it and getting back in line but they recommended talk to netgear specifically also
Model: XR500| Nighthawk Pro Gaming Router
Message 3 of 4
Netduma-Fraser
NetDuma Partner

Re: dos attack

I see there were some DHCP lease entries in there, set a static IP for your console and see if the issue persists after that.
Message 4 of 4
Discussion stats
  • 3 replies
  • 6894 views
  • 1 kudo
  • 2 in conversation
Announcements

Orbi WiFi 7