Why over 200 smurf attack packets from Comcast IP's within a day.

one2busy
Aspirant

For about two weeks, I've been getting 100's of smurf attack packets on my Netgear R7000P NightHawk. The IPs seem to be Comcast's.

 

On Oct. 29, 2022 there seems to be over 200.

 

Is there a setting I can change to prevent this, or any other suggestion?

 

Ed Roberts

 

Message 1 of 5

Re: Why over 200 smurf attack packets from Comcast IP's within a day.


@one2busy wrote:

Is there a setting I can change to prevent this, or any other suggestion?

 


Prevent what? The attacks? Those reports?

 

Netgear's firmware is great at creating false reports of DoS attacks. Many of them are no such thing.

 

Search - NETGEAR Communities – DoS attacks

 

Use Whois.net to see who is behind some of them and you may find that they are from places like Facebook, Google, even your ISP.

 

Here is a useful tool for that task:

 

IPNetInfo: Retrieve IP Address Information from WHOIS servers

 

If these events are slowing down your router, that may be because it is using up processor time as it writes the events to your logs. Anything that uses processor power – event logging, QoS management, traffic metering – may cause slowdowns. Disable logging of DoS attacks and see if that reduces the problem. This does not prevent the router from protecting you from the outside world.

 

Message 2 of 5
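
Added example (not part of any post in this thread): one way to tally the router's logged DoS entries per day and per source network, so that each network needs only one WHOIS lookup as the reply above suggests. The log line layout, the function names and the sample addresses are constructed assumptions, not taken from the poster's router.

```python
import re
from collections import Counter
from datetime import datetime
from ipaddress import ip_address, ip_network

# Constructed sample lines; the layout is an ASSUMED NETGEAR-style log format
# and the addresses are documentation ranges, not the poster's data.
SAMPLE_LOG = """\
[DoS Attack: Smurf] from source: 198.51.100.7, port 0, Saturday, October 29, 2022 09:14:02
[DoS Attack: Smurf] from source: 198.51.100.7, port 0, Saturday, October 29, 2022 09:14:09
[DoS Attack: Smurf] from source: 198.51.100.201, port 0, Saturday, October 29, 2022 11:40:55
[DoS Attack: ACK Scan] from source: 203.0.113.25, port 443, Saturday, October 29, 2022 12:01:30
[DoS Attack: Smurf] from source: 192.0.2.10, port 0, Sunday, October 30, 2022 03:22:41
[DHCP IP: 192.168.1.5] to MAC address aa:bb:cc:dd:ee:ff, Sunday, October 30, 2022 04:00:00
"""

LINE_RE = re.compile(
    r"\[DoS Attack: (?P<kind>[^\]]+)\] from source: (?P<src>[0-9a-fA-F.:]+),"
    r".*?, (?P<when>[A-Z][a-z]+ \d{1,2}, \d{4} \d{2}:\d{2}:\d{2})\s*$"
)

def parse(log_text):
    """Yield (attack kind, source address, timestamp) for each DoS log line."""
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue  # not a DoS entry (e.g. DHCP or admin login lines)
        try:
            src = ip_address(m["src"])
            when = datetime.strptime(m["when"], "%B %d, %Y %H:%M:%S")
        except ValueError:
            continue  # malformed address or date: skip rather than miscount
        yield m["kind"], src, when

def summarise(log_text, kind="Smurf", prefix_len=24):
    """Count entries of one kind per calendar day and per source network."""
    per_day, per_net = Counter(), Counter()
    for k, src, when in parse(log_text):
        if k != kind:
            continue
        per_day[when.date().isoformat()] += 1
        per_net[str(ip_network(f"{src}/{prefix_len}", strict=False))] += 1
    return per_day, per_net

if __name__ == "__main__":
    days, nets = summarise(SAMPLE_LOG)
    for day, n in sorted(days.items()):
        print(f"{day}: {n} Smurf entries")
    for net, n in nets.most_common():
        print(f"{net}: {n} entries (look this network up in WHOIS)")
```
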
microchip8
Master

Re: Why over 200 smurf attack packets from Comcast IP's within a day.

False positives. NG is famously known for that. Either disable logging of these or completely disable DoS protection.

And yes @michaelkenward processing/dropping/blocking at iptables levels is far more expensive than just logging some entries in the logs

Besides, what's the point keeping it on if 85-90% are false positives? The rest 10-15% is just your regular spambots testing trying to get in. It's useless

Message 3 of 5

Re: Why over 200 smurf attack packets from Comcast IP's within a day.


@microchip8 wrote:


Besides, what's the point keeping it on if 85-90% are false positives? The rest 10-15% is just your regular spambots testing trying to get in. It's useless


Keeping what on? Protection or logging?

 

 

Message 4 of 5
microchip8
Master

Re: Why over 200 smurf attack packets from Comcast IP's within a day.

Protection. Logs just get spammed by false positives. In my 22 years of Linux experience and particularly iptables/nftables, I can 100% assure you iptables/nftables takes way more processing power than writing some lines to the log. Yes, the log uses a % or so but nowhere near the amount of iptables/nftables.

Message 5 of 5