Start a New Discussion

Start a New Discussion

Reply
Mark_Spilker
Aspirant
Aspirant
‎2018-04-25 08:36 AM
‎2018-04-25 08:36 AM

NIghthawk - IP Spoofing Solutions

Our Nighthawk log continues to generate activities such as the following listed below, despite the computer both in airline mode & shut down entirely.  Is anyone aware of a feature to eliminate this activity & find it's source at our business? 

[DoS Attack: IP Spoofing] from source: 192.168.1.5, port 1901, Wednesday, April 25, 2018 11:24:40

Model: R9000|Nighthawk X10 AD7200 Smart WiFi Router
Message 1 of 6
Labels:
0 Kudos
Reply
schumaku
Guru
Guru
‎2018-04-25 09:35 AM
‎2018-04-25 09:35 AM

Re: NIghthawk - IP Spoofing Solutions

Can be a spoofed attack directed to your router Internet/WAN interface, in attempt to test for certain UPnP vulnerabilities.

Message 2 of 6
0 Kudos
Reply
Mark_Spilker
Aspirant
Aspirant
‎2018-04-25 09:37 AM
‎2018-04-25 09:37 AM

Re: NIghthawk - IP Spoofing Solutions

Sounds like you're saying it is not coming from that specific IP address.

 

Yes?

Message 3 of 6
0 Kudos
Reply
schumaku
Guru
Guru
‎2018-04-25 09:42 AM
‎2018-04-25 09:42 AM

Re: NIghthawk - IP Spoofing Solutions

Yes. Spoofing can nick "any" source IP addess - the source does not have to be on your (W)LAN.

Message 4 of 6
0 Kudos
Reply
Mark_Spilker
Aspirant
Aspirant
‎2018-04-25 09:44 AM
‎2018-04-25 09:44 AM

Re: NIghthawk - IP Spoofing Solutions

Any suggested features on the Nighthawk to use?

Message 5 of 6
0 Kudos
Reply
schumaku
Guru
Guru
‎2018-04-25 10:02 AM
‎2018-04-25 10:02 AM

Re: NIghthawk - IP Spoofing Solutions

What else do you expect beyond of the DoS detection (and blocking) schemes in place for years?

Message 6 of 6
0 Kudos
Reply
Top Contributors
See All
Discussion stats
  • 5 replies
  • ‎2018-04-25 08:36 AM
  • 436 views
  • 0 kudos
  • 2 in conversation
Announcements