Kitz Forum
Broadband Related => Broadband Hardware => Topic started by: dizzy4528 on February 21, 2009, 01:34:00 PM
-
Quick question guys, on the log page of my Netgear DG834gt it has the following entries . :hmm: Any ideas?
Sat, 2009-02-21 12:38:55 - UDP Packet - Source:92.244.32.3,7474 Destination:192.168.0.2,48117 - [DOS]
Sat, 2009-02-21 12:38:55 - UDP Packet - Source:87.80.180.110,21468 Destination:192.168.0.2,48117 - [DOS]
Sat, 2009-02-21 12:38:55 - UDP Packet - Source:203.218.125.249,20727 Destination:192.168.0.2,48117 - [DOS]
Sat, 2009-02-21 12:38:56 - UDP Packet - Source:92.244.32.3,7474 Destination:192.168.0.2,48117 - [DOS]
Sat, 2009-02-21 12:38:56 - UDP Packet - Source:203.218.125.249,20727 Destination:192.168.0.2,48117 - [DOS]
Sat, 2009-02-21 12:38:56 - UDP Packet - Source:58.107.164.227,35141 Destination:192.168.0.2,48117 - [DOS]
Sat, 2009-02-21 12:38:56 - UDP Packet - Source:203.218.125.249,20727 Destination:192.168.0.2,48117 - [DOS]
Sat, 2009-02-21 12:38:56 - UDP Packet - Source:87.80.180.110,21468 Destination:192.168.0.2,48117 - [DOS]
Sat, 2009-02-21 12:38:56 - UDP Packet - Source:58.107.164.227,35141 Destination:192.168.0.2,48117 - [DOS]
Sat, 2009-02-21 12:38:56 - UDP Packet - Source:87.80.180.110,21468 Destination:192.168.0.2,48117 - [DOS]
-
Are you using P2P software (BitTorrent, Limewire, Emule etc) or playing online games at all? As these are from all over the world, I'd say it looks like P2P myself.
The router thinks this is a DOS (denial of service) attack, but often these are genuine data packets.
I wouldn't worry too much, like I say looks like P2P getting mistakenly identified as an attack and getting blocked by the router.
-
I sometimes get similar type messages when I first start up in the morning. I had assumed that it was because whoever had been using the IP address that I get assigned when I log in to Plusnet, i.e. at system startup, must have been using that connection for P2P or similar.
Failing that it is a genuine Denial of Service attempt, and the router blocks it, I think.
TTFN
toulouse
-
No P2P , but i do play COD online sometimes but not in the last few days .
.
-
Yeah, if it's reported in the logs, it's been blocked by the router.
-
Nothing to worry about then.
-
No P2P , but i do play COD online sometimes but not in the last few days .
.
Dunno then.. I wouldn't worry too much unless they get excessive, then it looks like some distributed DoS attack, but it's a funny port number to try it on...
-
Run a spyware check, seems an odd port to keep trying.
http://www.superantispyware.com/downloadfile.html?productid=SUPERANTISPYWAREFREE
See if that port is open:
https://www.grc.com/x/ne.dll?bh0bkyd2
You reminded me to test the Netgear834GT for ports that used to be open by default on the DG834Gv2.
40000-41000
5566
5190
4443
1863
1864
The good news is they all all steathed on the lastest DGteam firmware.
-
I run both spybot and spyware terminator and all seems clear on my PC ,and i have the latest DGTeam firmware on the router.
So hopefully the DOS attacks aint doing me any harm. :fingers: :fingers: