- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
Re: RAX200 - DDOS Attacks - A LOT of them...
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I'm getting tons of DDOS attacks, ack, fraggle, smurf, etc.. I "think" its from my PoE Ring doorbell elite which is hardwire connected via my netgear PoE switch which is connected to my RAX200 router. Every 1-3 minutes 5-9 entries are logged in with or without doorbell activity other than the constant connected PoE, of course. The ring site says they use port 80 and 443 and I'm told they use AWS (Amazon services) so there could be hundreds of IPs.....Anyone give some guidance? Truly attacks or just the way netgear reports it?
DoS attack: ACK Scan] from source 172.217.10.131,port 80 Thursday, Dec 05,2019 12:14:28
[DoS attack: ACK Scan] from source 172.217.3.106,port 443 Thursday, Dec 05,2019 12:14:00
[DoS attack: ACK Scan] from source 173.194.68.188,port 5228 Thursday, Dec 05,2019 12:12:49
[DoS attack: ACK Scan] from source 13.225.66.99,port 443 Thursday, Dec 05,2019 12:12:33
[DoS attack: ACK Scan] from source 172.217.12.132,port 443 Thursday, Dec 05,2019 12:12:11
[DoS attack: ACK Scan] from source 172.217.10.131,port 80 Thursday, Dec 05,2019 12:12:11
[DoS attack: ACK Scan] from source 172.217.12.132,port 443
Solved! Go to Solution.
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Netgear is great at creating false reports of DoS attacks. Many of them are no such thing.
Search - NETGEAR Communities – DoS attacks
Just use whois to see who is behind some of them. You may find that they are from places like Facebook, Google, even your ISP.
Here is a useful tool for that task:
IPNetInfo: Retrieve IP Address Information from WHOIS servers
Your attacks are from places you may recognise – Google and Amazon.
All Replies
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Netgear is great at creating false reports of DoS attacks. Many of them are no such thing.
Search - NETGEAR Communities – DoS attacks
Just use whois to see who is behind some of them. You may find that they are from places like Facebook, Google, even your ISP.
Here is a useful tool for that task:
IPNetInfo: Retrieve IP Address Information from WHOIS servers
Your attacks are from places you may recognise – Google and Amazon.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: RAX200 - DDOS Attacks - A LOT of them...
Thanks for the reply. Yes, I have been using whois to try to ID, most are google with no other info. There are a few from Apple, Akamai (PS4?) and a few Amazon.... But the 172.xxx.xx.xx I get 9 or so hits every couple minutes. Its a bit un-nerving.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: RAX200 - DDOS Attacks - A LOT of them...
There has been a lot of chat about this lately, with some confused messages.
You can turn off that bit of logging, or you can just live with it. The point is that the router is blocking stuff that should not get through.
Turning off logging can help to deal with stability problems if there are so many log entries that the processor gets overworked and slows down when doing it normal work.
• What is the difference between WiFi 6 and WiFi 7?
• Yes! WiFi 7 is backwards compatible with other Wifi devices? Learn more