- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
xr500 Dos attacks What the heck....
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
xr500 Dos attacks What the heck....
What the hell is going on with all these Dos attacks. I've been reading some of these links and my question is are they real or not? If these attacks are not real then why is this happening? This is uncalled for if they are not real. If something real happens I want to know about just like everyone else, we live in a society that can't be trusted anymore / not safe IMOP. I'm sick and tiered of spending hard earned money on these expensive equipment and they don't work right. I want an explanation of what's going on please.
Here I am racking my brain and feeling threatened by these (real or not real) attacks and I'm sure I'm not the only one that feels like that.
I too have a problem with Internet drop out as well.
Bottom line I want to know what's going on.
Thank you
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: xr500 Dos attacks What the heck....
What FW is currently loaded?
What is the Mfr and model# of the ISP modem the NG router is connected too?
Please post a short snippet of what your seeing in the router logs. Just a few lines.
@Birdwatch wrote:
What the hell is going on with all these Dos attacks. I've been reading some of these links and my question is are they real or not? If these attacks are not real then why is this happening? This is uncalled for if they are not real. If something real happens I want to know about just like everyone else, we live in a society that can't be trusted anymore / not safe IMOP. I'm sick and tiered of spending hard earned money on these expensive equipment and they don't work right. I want an explanation of what's going on please.
Here I am racking my brain and feeling threatened by these (real or not real) attacks and I'm sure I'm not the only one that feels like that.
I too have a problem with Internet drop out as well.
Bottom line I want to know what's going on.
Thank you
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: xr500 Dos attacks What the heck....
What FW is currently loaded? the latest one
What is the Mfr and model# of the ISP modem the NG router is connected too? netgear cm1000
thanks
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: xr500 Dos attacks What the heck....
Please post a short snippet of what your seeing in the router logs. Just a few lines.
@Birdwatch wrote:
What FW is currently loaded? the latest one
What is the Mfr and model# of the ISP modem the NG router is connected too? netgear cm1000
thanks
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: xr500 Dos attacks What the heck....
[DoS Attack: SYN/ACK Scan] from source: 116.0.72.4, port 636, Wednesday, March 06, 2019 01:30:18
[WLAN access rejected: incorrect security] from MAC address 94:e9:79:94:a7:cd, Wednesday, March 06, 2019 01:32:59
[WLAN access rejected: incorrect security] from MAC address 94:e9:79:94:a7:cd, Wednesday, March 06, 2019 01:32:56
[DoS Attack: SYN/ACK Scan] from source: 122.70.154.19, port 443, Wednesday, March 06, 2019 00:51:47
[DoS Attack: SYN/ACK Scan] from source: 192.229.100.224, port 80, Tuesday, March 05, 2019 22:48:11
Here's a few
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: xr500 Dos attacks What the heck....
[DoS Attack: ACK Scan] from source: 17.249.172.32, port 5223, Tuesday, March 05, 2019 21:48:00
[DoS Attack: ACK Scan] from source: 17.249.172.32, port 5223, Tuesday, March 05, 2019 21:46:45
Here's some more
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: xr500 Dos attacks What the heck....
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: xr500 Dos attacks What the heck....
You can use whois.domaintools.com to see where those IP addresses are coming from.
@Birdwatch wrote:
[DoS Attack: SYN/ACK Scan] from source: 116.0.72.4, port 636, Wednesday, March 06, 2019 01:30:18
[WLAN access rejected: incorrect security] from MAC address 94:e9:79:94:a7:cd, Wednesday, March 06, 2019 01:32:59
[WLAN access rejected: incorrect security] from MAC address 94:e9:79:94:a7:cd, Wednesday, March 06, 2019 01:32:56
[DoS Attack: SYN/ACK Scan] from source: 122.70.154.19, port 443, Wednesday, March 06, 2019 00:51:47
[DoS Attack: SYN/ACK Scan] from source: 192.229.100.224, port 80, Tuesday, March 05, 2019 22:48:11
Here's a few
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: xr500 Dos attacks What the heck....
Ok, thank you both for the replies. But, this is unacceptable bottom line. I'm sure a lot of people would agree. If these are harmless then they need to identify it another way other than a Dos-attack. How is regular consumer going to distinguish a real threat vs a harmless one. I wish some other folks would chime in here.
What about the WLan part?
Please don't take it personal guys I do appreciate the help and answers.
Thanks
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: xr500 Dos attacks What the heck....
You'll need to track down where the IPs are coming from and see if they are being falsely reported by the router or actual attacks by checking to see if anything on your side of the LAN is using services from any of the IPs that are showing up.
I would also contact the ISP for additional help and information regarding this. If you think your actually being attacked. Have them change your WAN IP address to something else to see if the attacks top.
Regarding the WLAN, does this MAC belong to any of your devices? 94:e9:79:94:a7:cd
If not, then the router is just reporting someone attempted to joing your SSID and didn't get the PW right. The router is doing it's job by reporting this.
@Birdwatch wrote:
Ok, thank you both for the replies. But, this is unacceptable bottom line. I'm sure a lot of people would agree. If these are harmless then they need to identify it another way other than a Dos-attack. How is regular consumer going to distinguish a real threat vs a harmless one. I wish some other folks would chime in here.
What about the WLan part?
Please don't take it personal guys I do appreciate the help and answers.
Thanks
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: xr500 Dos attacks What the heck....
(You'll need to track down where the IPs are coming from and see if they are being falsely reported by the router or actual attacks) It's the routers job take make sure it is and to report back to me if it's a real threat. IMOP
I don't have a static IP address so I can change it anytime I want.
(I would also contact the ISP for additional help and information regarding this) I did and they would not know. At least this is what they told me.
(Regarding the WLAN, does this MAC belong to any of your devices? 94:e9:79:94:a7:cd) It could be I'll have to check.
I think what netgear should do is implement a color code for logs in 3 different levels to differentiate between severity levels. Green normal, yellow caution, red danger need to investigate.
Thanks
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: xr500 Dos attacks What the heck....
Ya, it would be nice to have some color indication of severity levels. They could change the text logging color.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: xr500 Dos attacks What the heck....
That color coding idea is a good one. The log is very sensitive, which makes it quite disconcerting when you read it. 99.9% of the time it's nothing to worry about.
• What is the difference between WiFi 6 and WiFi 7?
• Yes! WiFi 7 is backwards compatible with other Wifi devices? Learn more