- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
Remote Access to LAN R7800
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Remote Access to LAN R7800
Hi,
I am concerned about remote access to my LAN. I have not noticed anything, but for the 1st time I just looked at my router log and saw the following:
[DoS Attack: ACK Scan] from source: 159.100.4.212, port 443, Monday, July 04, 2022 13:00:24
[DoS Attack: ACK Scan] from source: 52.39.32.173, port 443, Monday, July 04, 2022 12:56:45
[LAN access from remote] from 93.186.201.117:36312 to 192.168.1.10:80, Monday, July 04, 2022 12:56:24
[DoS Attack: ACK Scan] from source: 52.39.32.173, port 443, Monday, July 04, 2022 12:56:14
[LAN access from remote] from 109.237.103.123:49642 to 192.168.1.10:80, Monday, July 04, 2022 12:55:54
[LAN access from remote] from 109.237.103.123:47190 to 192.168.1.10:80, Monday, July 04, 2022 12:55:54
[LAN access from remote] from 109.237.103.123:47220 to 192.168.1.10:80, Monday, July 04, 2022 12:55:54
I access the LAN remotely from my apple on occasions, but these logged events were not me. What should I do to stop these other people whoever they are?
Thanks,
westewart
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Remote Access to LAN R7800
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Remote Access to LAN R7800
@westewart wrote:
Hi,
I am concerned about remote access to my LAN. I have not noticed anything, but for the 1st time I just looked at my router log and saw the following:
[DoS Attack: ACK Scan] from source: 159.100.4.212, port 443, Monday, July 04, 2022 13:00:24
[DoS Attack: ACK Scan] from source: 52.39.32.173, port 443, Monday, July 04, 2022 12:56:45
Those alerts may have nothing to do with remote access, which can be a useful tool.
Netgear's firmware is great at creating false reports of DoS attacks. Many of them are no such thing.
Search - NETGEAR Communities – DoS attacks
Use Whois.net to see who is behind some of them and you may find that they are from places like Facebook, Google, even your ISP.
Here is a useful tool for that task:
IPNetInfo: Retrieve IP Address Information from WHOIS servers
One of those is from diva-e Datacenters GmbH. The other one is Amazon.
If these events are slowing down your router, that may be because it is using up processor time as it writes the events to your logs. Anything that uses processor power – event logging, QoS management, traffic metering – may cause slowdowns. Disable logging of DoS attacks and see if that reduces the problem. This does not prevent the router from protecting you from the outside world.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Remote Access to LAN R7800
Hi MircroChip8,
I need to do remote work, so how can I access my server more securely?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Remote Access to LAN R7800
Hi MichaelKenward,
I am not as concerned about the dos attacks that don't seem to have a noticeable impact on router performance. What I'm concerned about are the remote accesses. How to I stop them?Does a remote access showing up in the log mean that they were failed attempts at remote access, or does it mean they were successful remote accesses?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Remote Access to LAN R7800
@westewart wrote:
How to I stop them?Does a remote access showing up in the log mean that they were failed attempts at remote access, or does it mean they were successful remote accesses?
Very good questions. I'd say that if your password etc security is good, these alerts could be on a par with the fake detections of DoS Attacks.
Unfortunately, Netgear's guidance on what those reports mean is hopeless.
Google found this:
Interpreting Netgear wireless router security logs - Super User
I agree with you that remote access is valuable. I am surprised by a blanket "turn it off" suggestion. Maybe they don't use it.
Netgear has disabled various really dangerous "remote" options
I use the Nighthawk App for remote access all the time. (I have two ISP accounts that I watch.) I don't see entries like that in my logs.
Have you looked at these to see if they relate to what you are doing?
Don't forget, if they are logged, then they probably aren't getting through your router's defences.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Remote Access to LAN R7800
just a quick note, instead of turning on remote mgment on your router, create an internal vpn (on the router or my preferred way, on a spare raspberry pi) that way you can start a vpn session from wherever you are and to your router, you are local.)
hih, nb
• What is the difference between WiFi 6 and WiFi 7?
• Yes! WiFi 7 is backwards compatible with other Wifi devices? Learn more