- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
RAX120/AX12 - Constant DOS Attack - ISP Provider warning to shut me down if not fixed
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
RAX120/AX12 - Constant DOS Attack - ISP Provider warning to shut me down if not fixed
Why am I getting continous DOS attacks in my logs with the RAX120/AX12. If I put my Asus GT-AC5300, no issue.
Worried cause my ISP provider has sent me an email saying I need to take care of this or they will shut me down? Does that make sense? I am on the latest firmware .84 of the RAX120/AX12.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: RAX120/AX12 - Constant DOS Attack - ISP Provider warning to shut me down if not fixed
Netgear is great at creating false reports of DoS attacks. Many of them are no such thing.
Search - NETGEAR Communities – DoS attacks
Just use whois to see who is behind some of them. You may find that they are from places like Facebook, Google, even your ISP.
Here is a useful tool for that task:
IPNetInfo: Retrieve IP Address Information from WHOIS servers
In this case something else seems to be going on. The router will usually have no way of telling the ISP what is happening.
It might help if you posted one of those logs to show people what is happening.
Perhaps your ISP has told you what it is seeing on your connection.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: RAX120/AX12 - Constant DOS Attack - ISP Provider warning to shut me down if not fixed
I have the same issues. My router seems to drop Ip address. DHCP reboots possible? As soon as I log onto my computer i get these Dos attack logs. usually five at a time. here is some excerpts.
- DoS Attack: ACK Scan] from source: 208.111.178.31, port 443, Tuesday, December 03, 2019 04:43:06
- [DoS Attack: SYN/ACK Scan] from source: 148.251.48.231, port 50002, Tuesday, December 03, 2019 04:34:25
- [DoS Attack: ACK Scan] from source: 205.185.216.10, port 80, Monday, December 02, 2019 23:04:28
- [DoS Attack: ACK Scan] from source: 34.237.131.21, port 9543, Monday, December 02, 2019 23:04:21
- [DoS Attack: ACK Scan] from source: 69.171.250.52, port 5222, Monday, December 02, 2019 22:53:10
- [DoS Attack: ACK Scan] from source: 34.237.131.21, port 9543, Monday, December 02, 2019 22:50:19
Inbetween thes logs the DHCP will reset - [DHCP IP: 192.168.1.135] to MAC address
Router is a few days old with latest firmware - V1.0.1.108
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: RAX120/AX12 - Constant DOS Attack - ISP Provider warning to shut me down if not fixed
See above.
Try IPNetInfo.
Facebook!?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: RAX120/AX12 - Constant DOS Attack - ISP Provider warning to shut me down if not fixed
There is another thread from an RAX120 user who has recently upgraded to the latest firmware & now has the same problems.
He has contacted the ISP responsible for the attacks & is waiting for a response.
However, I guess the root cause is that in the new firmware something has changed regarding the open ports or way that the router responds.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: RAX120/AX12 - Constant DOS Attack - ISP Provider warning to shut me down if not fixed
Have you find a solution on DoS attack?
I’m having the same issue since 3 weeks on my RAX120. Bandwidth is 150GB and it drops to less than 1GB. I reboot my ISP modem (Arris TG1662G) and my router and all works fine but after 20 to 24 hrs have no he same issue..!!
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: RAX120/AX12 - Constant DOS Attack - ISP Provider warning to shut me down if not fixed
[DoS Attack: SYN/ACK Scan] from source: 84.53.161.129, port 443, Sunday, February 16, 2020 16:43:31
[DoS Attack: SYN/ACK Scan] from source: 84.53.161.129, port 443, Sunday, February 16, 2020 16:43:15
[DoS Attack: SYN/ACK Scan] from source: 84.53.161.129, port 443, Sunday, February 16, 2020 16:43:07
[DoS Attack: SYN/ACK Scan] from source: 84.53.161.129, port 443, Sunday, February 16, 2020 16:43:03
[DoS Attack: SYN/ACK Scan] from source: 84.53.161.129, port 443, Sunday, February 16, 2020 16:43:00
[DoS Attack: ACK Scan] from source: 17.248.131.173, port 443, Sunday, February 16, 2020 16:33:30
[DoS Attack: ACK Scan] from source: 157.240.14.35, port 443, Sunday, February 16, 2020 16:33:20
[DoS Attack: ACK Scan] from source: 52.22.126.152, port 443, Sunday, February 16, 2020 16:32:13
[DoS Attack: ACK Scan] from source: 17.248.131.173, port 443, Sunday, February 16, 2020 16:32:08
[DoS Attack: ACK Scan] from source: 157.240.14.35, port 443, Sunday, February 16, 2020 16:32:02
[DoS Attack: ACK Scan] from source: 157.240.14.63, port 443, Sunday, February 16, 2020 16:31:44
[DoS Attack: ACK Scan] from source: 157.240.14.63, port 443, Sunday, February 16, 2020 16:31:43
[DoS Attack: ACK Scan] from source: 157.240.14.63, port 443, Sunday, February 16, 2020 16:31:43
[DoS Attack: ACK Scan] from source: 157.240.14.63, port 443, Sunday, February 16, 2020 16:31:43
[DoS Attack: ACK Scan] from source: 157.240.14.63, port 443, Sunday, February 16, 2020 16:31:43
[DoS Attack: ACK Scan] from source: 157.240.14.63, port 443, Sunday, February 16, 2020 16:31:42
[DoS Attack: ACK Scan] from source: 52.22.126.152, port 443, Sunday, February 16, 2020 16:31:28
[DoS Attack: ACK Scan] from source: 157.240.14.35, port 443, Sunday, February 16, 2020 16:31:21
[DoS Attack: ACK Scan] from source: 52.22.126.152, port 443, Sunday, February 16, 2020 16:31:05
[DoS Attack: ACK Scan] from source: 157.240.14.35, port 443, Sunday, February 16, 2020 16:31:03
[DoS Attack: ACK Scan] from source: 52.22.126.152, port 443, Sunday, February 16, 2020 16:30:54
[DoS Attack: ACK Scan] from source: 157.240.14.35, port 443, Sunday, February 16, 2020 16:30:53
[DoS Attack: ACK Scan] from source: 52.22.126.152, port 443, Sunday, February 16, 2020 16:30:48
[DHCP IP: 192.168.1.14] to MAC address 88:f5:6e:ec:a9:bb, Sunday, February 16, 2020 16:30:46
[DoS Attack: ACK Scan] from source: 52.22.126.152, port 443, Sunday, February 16, 2020 16:30:45
[DoS Attack: ACK Scan] from source: 17.188.167.20, port 443, Sunday, February 16, 2020 16:30:44
[DoS Attack: ACK Scan] from source: 52.22.126.152, port 443, Sunday, February 16, 2020 16:30:44
[DoS Attack: SYN/ACK Scan] from source: 31.13.66.10, port 443, Sunday, February 16, 2020 16:30:43
[DoS Attack: ACK Scan] from source: 17.188.167.20, port 443, Sunday, February 16, 2020 16:30:43
[DoS Attack: ACK Scan] from source: 157.240.14.35, port 443, Sunday, February 16, 2020 16:30:43
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
• What is the difference between WiFi 6 and WiFi 7?
• Yes! WiFi 7 is backwards compatible with other Wifi devices? Learn more