NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
vwwanted
Mar 30, 2016Aspirant
DoS attack, Teardrop or derivative, Ping of Death, strange non-DHCP IP address connected to wifi
I'm getting lots of Dos attacks logged in my C3000 modem/router. They appear to be coming from inside my network, from my wifi. I keep seeing a device attached to my wifi with an IP address of 1.1.15...
SamirD
Sep 18, 2016Prodigy
Holy *****. I have never known anyone to actually watch their computer being controlled like that and money stolen. I am completely speechless because otherwise it's a string of obscenities.
Here's what I would do. One, disconnect everything from the Internet--period. No phones, no computers, no nothing on any network, anywhere.
Two, get all your personal data off of those machines by backing them up to an external hard drive (or two or three if the data is important).
Three, go to the apple store and tell them to wipe all of those devices clean and start them over, explaining that all your accounts were compromised.
Four, contact banks or anyone else you had any electronic communications with using those devices and confirm if anything was stolen.
Five, contact the police and your insurance company.
This is the real deal and no drill--your identity and life were being stolen before your eyes. And no router could have ever prevented that.
Be sure to factory reset your router too. And don't plug it in or go online ANYWHERE until all of this is under control and you know what's going on.
Jammy
Oct 19, 2016Aspirant
On my router the factory def settings in the wan setup have
disable port scan and dos protection
Toggled ON !!!
meaning there is no protection. I can not imagine netgear having this toggled on as default but I did a hard reset and it was ON!
i got dos attacks and similar symptoms as discussed with ip changes on devices to outside my local network. I am now going through all the set up again.
wtf is netgear doing ?
- SamirDOct 21, 2016Prodigy
Disabling a port scan is a protection that prevents an external source from port scanning. (having it checked enabled the protection.)
Enabling DOS protection (checking it) protects you as well.
I think you simply misinterpreted what those meant. Most consumer routers (netgear included) ship with all protections turned on.
- JammyOct 21, 2016Aspirant
"By default, the router uses port scan and DoS protection (it is enabled) to help guard a network against those attacks that inhibit or stop network availability. If someone selects the Disable Port Scan and DoS Protection check box on the WAN screen, that disables the protection."
That is from the netgear site. The default factory settings on the router I received had it checked. I did not change it. On my other netgear routers it is unchecked as delivered which is correct. I'm getting the dos attacks and port scans on the new router as described by others in this post. Having these disabled by checking that box, may have contributed I now can not stop these attaacks as others in this post have said. IOS devices have their ips on the router changed which seems like a virus on the router. I will update the firmware and NOT check the box
- go4parApr 24, 2019Aspirant
This advice is not true. Click on the 'show/hide help center and it says only disable port scan and dos protection in rare occassions. DO NOT CHECK THE BOX.
- Astro-CatJun 12, 2019Aspirant
[DoS attack: Teardrop or derivative] from 128.0.1.192,
Traced it to my Iphone (IP is different from my other devices.
Read the posts here, but still not 100% sure WHAT to do?