AC1750 R6400 vulnerable to Mirai botnet?

Hi,

For a few weeks now I have been unable to visit certain sites, as my IP address seems to be blacklisted - a search on spamhaus confirms that my address is on the CBL (composite black list).

 

Before troubleshooting I updated the firmware to the current version, V1.0.1.26_1.0.19. After having removed myself from the blacklist, I saw my IP address was re-added to the CBL the next day.

 

According to the Netgear-logs there are DoS attacks on my router ("[DoS attack: Smurf] attack packets in last 20 sec from ip xxx"). I'm somewhat IT savvy, but with regard to this matter I don't know much. I basically have two questions:

1) Does the fact that the router mentions the DoS attacks in its logs mean that I don't have to look further for any culprits? (I have a wireless printer and a NAS which I might look into).

More importantly:

2) What settings can I change on the R6400 to close the relevant outside ports for these botnets? (Supposedly ports 23, 2323, 3389, 5555 and 7547 according to abuseat). AFAIK there is no custom firewall on the R6400 router.

 

Can I do anything with the Services tabpage on Security?

I hope somebody has an idea.

Cheers,

Sandokanfirst

 

Model: R6400|AC1750 Smart WiFi Router
Message 1 of 3

Accepted Solutions
DexterJB
NETGEAR Moderator

Re: AC1750 R6400 vulnerable to Mirai botnet?

Hi @sandokanfirst,

 

1. DoS attacks on the router logs means that the packets were dropped.

2. The Block Services option is for outgoing services. Ports are closed unless port forwarding is done.

 

Regards,

 

Dexter

Community Team

Message 2 of 3

Re: AC1750 R6400 vulnerable to Mirai botnet?

Thanks, @DexterJB. I'm glad to report that I have blocked the ports mentioned by spamhaus and am no longer on the blacklist.

If I understand you correctly, the attacks ON my router have basically been tackled by the router, and those have nothing to do with the outgoing attacks FROM my router on the outside world.

 
Message 3 of 3
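
The thread separates inbound attack packets, which the router logs and drops, from outbound traffic from a LAN device, which is what gets an address listed. The following is an added example, not part of the thread or any NETGEAR tool: it flags LAN hosts that contact many external addresses on the ports named above. The record format (`src_ip dst_ip dst_port`), the LAN range and the sample data are assumptions constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Ports named in the thread (from abuseat) as associated with these botnets.
WATCH_PORTS = {23, 2323, 3389, 5555, 7547}
LAN = ipaddress.ip_network("192.168.1.0/24")  # assumed home LAN range

# Constructed sample: one router log line in the form quoted in the thread,
# then outbound connection records as "src_ip dst_ip dst_port" (assumed format).
SAMPLE = """\
[DoS attack: Smurf] attack packets in last 20 sec from ip 203.0.113.9
192.168.1.20 198.51.100.1 23
192.168.1.20 198.51.100.2 23
192.168.1.20 198.51.100.3 2323
192.168.1.20 198.51.100.4 23
192.168.1.30 198.51.100.50 443
192.168.1.30 198.51.100.51 23
192.168.1.1 192.168.1.20 23
not a record
"""

def suspect_hosts(text, min_targets=3):
    """Return {lan_host: sorted watched ports} for LAN hosts that contacted
    at least min_targets distinct external addresses on watched ports."""
    targets = defaultdict(set)  # host -> {(dst, port)}
    for line in text.splitlines():
        if line.startswith("[DoS attack"):
            continue  # inbound packets the router already dropped
        parts = line.split()
        try:
            src, dst = (ipaddress.ip_address(p) for p in parts[:2])
            port = int(parts[2])
        except (ValueError, IndexError):
            continue  # skip malformed or empty lines
        # Only LAN -> internet traffic on a watched port is of interest.
        if src in LAN and dst not in LAN and port in WATCH_PORTS:
            targets[str(src)].add((str(dst), port))
    return {host: sorted({p for _, p in seen})
            for host, seen in targets.items()
            if len({d for d, _ in seen}) >= min_targets}

if __name__ == "__main__":
    for host, ports in suspect_hosts(SAMPLE).items():
        print(f"{host} is reaching many external hosts on ports {ports}")
```

A host that shows up here (a NAS or printer, for instance) is the device to inspect first.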