- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
Re: AX6 AX5200 Constant [Fraggle Attack] In Logs
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
AX6 AX5200 Constant [Fraggle Attack] In Logs
Hey so I've had my ISP out multiple times to help try and isolate a recent packet loss problem that has been reoccuring for the last month or 2 now. At first it would happen during the day and then settle down the later it got in the night. They've replaced Coax cables and a wire from the house to the pole. I have also followed their recommendation of updating my hardware and so I did and I know both pieces support my internet speed (blaze from xfinity) (RAX48 and a SB6190 Modem) I have also noticed in my logs that I am receiving many fraggle attacks as well, is this something I should be worried about? I'm honestly out of ideas.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: AX6 RAX48 Constant [Fraggle Attack] In Logs
I am now for the first time receiving blocked Denial of Service notifications from NETARMOR on 'Wyze camera' the jank security system my mother installed for the house. Again I don't know if I should be worried and I really want to know if this could even be linked to my packet loss issues.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: AX6 AX5200 Constant [Fraggle Attack] In Logs
Well your ISP modem has a long standing known problem:
I'd recommend getting into a broadcom based modem first off.
Look up where those IP addresses are coming from using a WHOIS service.
Ask your ISP and see if they can change your WAN IP address.
Try a full reset of the router and setup from scratch. I would leave Armor disabled for a short period and see if the problems still happen.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: AX6 AX5200 Constant [Fraggle Attack] In Logs
@FURRYe38 wrote:Well your ISP modem has a long standing known problem:
I'd recommend getting into a broadcom based modem first off.
Look up where those IP addresses are coming from using a WHOIS service.
Ask your ISP and see if they can change your WAN IP address.
Try a full reset of the router and setup from scratch. I would leave Armor disabled for a short period and see if the problems still happen.
@FURRYe38 Hmm. That is interesting to find out. I will definitely be returning this at some point for sure. However my old Modem was a SB6141 from a few years back. I don't see that one in the list but I had began getting the packet loss with my old hardware (asus rtc3100 and that 6141 modem). Now the issue is still here, ISP is coming out a 3rd time with a more equipped tech they say, lol.
I have yet to call the Cyber Agency side of Xfinity, which they told me to do for the DoS things. They said they couldn't change my IP when I asked on the forum.
Now after using WHOIS I found out
United States Chicago Akamai Technologies Inc.
Comcast Aurora
And a new attack I haven't noticed yet [UDP FLOOD] that ip comes from
United States Atlanta Service Provider Corporation
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: AX6 AX5200 Constant [Fraggle Attack] In Logs
I just found another new one. [TCP SYN Flood] coming from United States Los Angeles Level 3 Parent Llc.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: AX6 AX5200 Constant [Fraggle Attack] In Logs
I began receiving Denial of Service blockages from Netarmor on "Wyze camera" last night and awoke to this.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: AX6 AX5200 Constant [Fraggle Attack] In Logs
Starting to believe these are truly false-positives. It seems they must've failed to find the noise that's giving me troubles on their end. Or I can't seem to find out the issue on my end. Either way it's been a month or so and my online-gaming is subpar.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: AX6 AX5200 Constant [Fraggle Attack] In Logs
Some of the logs being seen on NG routers has been know to be false positives or just what the router is reporting. However id say get the ISP to replace the modem first thing, something with a broadcom chip set.
NGs CM1000 thru 2000 are all broadcom based.
They can change the IP address on the modem, they can do that at any time. Though they change it automatically, or if you keep the modem fully OFF maybe over night, this can trigger a new lease on the WAN IP.
SHow the tech these WHOIS entries...
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: AX6 AX5200 Constant [Fraggle Attack] In Logs
@FURRYe38 wrote:Some of the logs being seen on NG routers has been know to be false positives or just what the router is reporting. However id say get the ISP to replace the modem first thing, something with a broadcom chip set.
NGs CM1000 thru 2000 are all broadcom based.
They can change the IP address on the modem, they can do that at any time. Though they change it automatically, or if you keep the modem fully OFF maybe over night, this can trigger a new lease on the WAN IP.
SHow the tech these WHOIS entries...
Gotcha. They won't be replacing the modem. I will be returning the one I bought and doing the replacement myself. I will never use ISP given modems. I would like to mention this packet loss only appears during the day and stays clear around 11PM-11AM then it begins again. I have a forum group chat with xfinity support and they told me to contact CSA 'as this is a security issue' when i showed them the WHOIS entries. Their Supervisor Tech is set to visit this thursday as well since the last 2 couldn't isolate it.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: AX6 AX5200 Constant [Fraggle Attack] In Logs
Ok, check with the ISP to see what brand and model modems they support by users before you buy. Same here, I prefer my own modem.
Ok, seems like this problem is going higher than the ISP. Since this happens during the day and not might time, tells me something someone is activaly doing this during the day. Something you might try, power OFF the modem for as long as you can when this happens during the day.
I'd also power OFF as many devices you have connected as well...then power a device on 1 at a time while checking the router logs. Just checking to see if something from the WAN side is trying to access or ping someting on the LAN side. If you have time.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: AX6 AX5200 Constant [Fraggle Attack] In Logs
@FURRYe38 wrote:Ok, check with the ISP to see what brand and model modems they support by users before you buy. Same here, I prefer my own modem.
Ok, seems like this problem is going higher than the ISP. Since this happens during the day and not might time, tells me something someone is activaly doing this during the day. Something you might try, power OFF the modem for as long as you can when this happens during the day.
I'd also power OFF as many devices you have connected as well...then power a device on 1 at a time while checking the router logs. Just checking to see if something from the WAN side is trying to access or ping someting on the LAN side. If you have time.
Ok I settled with the CM1000. I have it hooked up and I still am receiving the loss.
I have no blocked everything except my PC. I don't know if I can do the modem off all day with my family but for now I can mess with the devices since nobody is home.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: AX6 AX5200 Constant [Fraggle Attack] In Logs
ALSO. For those time frames it can be completely random when it's good and bad BUT always in that time frame.. and during the day it's for sure the worst. Night time I can play with pretty much no interruption. Just to reclarify that.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: AX6 AX5200 Constant [Fraggle Attack] In Logs
No matter if its just my PC allowed to connect, the packet loss is still there. I noticed when it was only the PC allowed on there I get a [DoS attack: Fraggle Attack] from source UNKNOWN,port 58052 Sunday, Nov 07, 2021 15:47:29
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: AX6 AX5200 Constant [Fraggle Attack] In Logs
@Cj877 wrote:No matter if its just my PC allowed to connect, the packet loss is still there. I noticed when it was only the PC allowed on there I get a [DoS attack: Fraggle Attack] from source UNKNOWN,port 58052 Sunday, Nov 07, 2021 15:47:29
When I allowed my phone I received [DoS attack: Fraggle Attack] from source 174.-.-.-,port 58052 Sunday, Nov 07, 2021 15:55:04
i removed the IP for safety reasons but it comes back from comcast in the area of course.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: AX6 AX5200 Constant [Fraggle Attack] In Logs
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: AX6 AX5200 Constant [Fraggle Attack] In Logs
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: AX6 AX5200 Constant [Fraggle Attack] In Logs
[Time synchronized with NTP server] Monday, Nov 08, 2021 14:42:10
[DoS attack: ACK Scan] from source 52.2.107.53,port 443 Monday, Nov 08, 2021 14:42:05
[DoS attack: Fraggle Attack] from source 174.62.224.178,port 47430 Monday, Nov 08, 2021 14:42:05
[DoS attack: RST Scan] from source 44.240.231.235,port 443 Monday, Nov 08, 2021 14:42:05
[Internet connected] IP address: 174.62.141.57, Monday, Nov 08, 2021 14:42:04
[DoS attack: Fraggle Attack] from source 174.62.140.79,port 10001 Monday, Nov 08, 2021 14:42:02
[DoS attack: Fraggle Attack] from source 174.62.140.32,port 2190 Monday, Nov 08, 2021 14:41:58
[Internet disconnected] Monday, Nov 08, 2021 14:41:33
[DoS attack: Fraggle Attack] from source UNKNOWN,port 2190 Monday, Nov 08, 2021 14:41:13
[DoS attack: Fraggle Attack] from source 98.46.9.128,port 2190 Monday, Nov 08, 2021 14:41:02
[DoS attack: Fraggle Attack] from source 174.62.252.244,port 10001 Monday, Nov 08, 2021 14:41:01
[admin login] from source 192.168.1.2, Monday, Nov 08, 2021 14:41:01
[DHCP IP: (192.168.1.4)] to MAC address 8A:87:CC:55:C9:50, Monday, Nov 08, 2021 14:40:52
[DoS attack: Fraggle Attack] from source 174.62.252.244,port 10001 Monday, Nov 08, 2021 14:40:30
[Internet connected] IP address: (MY IP), Monday, Nov 08, 2021 14:40:29
[DoS attack: Fraggle Attack] from source 174.62.140.79,port 10001 Monday, Nov 08, 2021 14:40:27
[DHCP IP: (192.168.1.3)] to MAC address 8C:85:80:8B:1F:AE, Monday, Nov 08, 2021 14:40:18
[DHCP IP: (192.168.1.2)] to MAC address 44:8A:5B:21:C8:40, Monday, Nov 08, 2021 14:40:11
[Internet disconnected] Monday, Nov 08, 2021 14:40:11
[Initialized, firmware version: V1.0.4.100_2.0.64] Monday, Nov 08, 2021 14:40:09
• What is the difference between WiFi 6 and WiFi 7?
• Yes! WiFi 7 is backwards compatible with other Wifi devices? Learn more