This topic has been marked solved and closed to new posts due to inactivity. We hope you'll join the conversation by posting to an open topic or starting a new one.
I'm getting tons of DDOS attacks, ack, fraggle, smurf, etc.. I "think" its from my PoE Ring doorbell elite which is hardwire connected via my netgear PoE switch which is connected to my RAX200 router. Every 1-3 minutes 5-9 entries are logged in with or without doorbell activity other than the constant connected PoE, of course. The ring site says they use port 80 and 443 and I'm told they use AWS (Amazon services) so there could be hundreds of IPs.....Anyone give some guidance? Truly attacks or just the way netgear reports it?
DoS attack: ACK Scan] from source 172.217.10.131,port 80 Thursday, Dec 05,2019 12:14:28 [DoS attack: ACK Scan] from source 172.217.3.106,port 443 Thursday, Dec 05,2019 12:14:00 [DoS attack: ACK Scan] from source 173.194.68.188,port 5228 Thursday, Dec 05,2019 12:12:49 [DoS attack: ACK Scan] from source 13.225.66.99,port 443 Thursday, Dec 05,2019 12:12:33 [DoS attack: ACK Scan] from source 172.217.12.132,port 443 Thursday, Dec 05,2019 12:12:11 [DoS attack: ACK Scan] from source 172.217.10.131,port 80 Thursday, Dec 05,2019 12:12:11 [DoS attack: ACK Scan] from source 172.217.12.132,port 443
Thanks for the reply. Yes, I have been using whois to try to ID, most are google with no other info. There are a few from Apple, Akamai (PS4?) and a few Amazon.... But the 172.xxx.xx.xx I get 9 or so hits every couple minutes. Its a bit un-nerving.
There has been a lot of chat about this lately, with some confused messages.
You can turn off that bit of logging, or you can just live with it. The point is that the router is blocking stuff that should not get through.
Turning off logging can help to deal with stability problems if there are so many log entries that the processor gets overworked and slows down when doing it normal work.
